Hack Windows Administrator passwords Using Stick keys

Ever wanted to hack administrator accounts in college/school Pcs . so that you can download with full speed or just wanted to hack your friend’s PC to make him gawk when you tell your success story of hacking ? well there's a great way of hacking Windows administrator password which works 100 % even today......  interested ? read on ......


Concept 
When we Press shift key 5 times a sticky key dialog box shows up.This works even at the logon screen. But If we replace the sethc file  which is responsible for the sticky key dialog box ,with cmd. (command prompt ), and then  press shift key 5 times at logon screen .we will get a command prompt with administrator privileges because no user has logged on. From there we can hack the administrator password or create a new user with admin privileges


Things we Need :-

1. Bootable  Linux distro .In this tutorial i will be using backtrack  If you don't know
    how create a bootable Linux distro you can refer my previous 
    article How To Make a Bootable Backtrack CD / USB


Procedure to Hack windows Administrator passwords Using Stick keys

1. First plug in your Bootable Linux distro CD or USB then restart your computer and 
go to boot menu by  pressing ( f12 or del key ) now select your booting device as CD/USB accordingly


2. After booting with your Linux distro open a new terminal mount the hard disk and navigate to c:/windows/system32 and copy cmd (command prompt) and rename it as sethc


3. Now copy /past the new sethc to c:/windows/system32,when asks for overwriting the file click yes.

4. Now reboot and remove your usb/cd . Now when your in the logon screen press shift key 5 times Instead of Sticky Key confirmation dialog box ,command prompt with full administrator privileges will open.




5. Now you can change the password of the administrator account or add a new user using the following commands

Example :
"Net user administrator 123 " where 123 is the password  or  you can add a new user 
"Net user  hackaholic /add "  where hackaholic is the name of the user  


6. You can also hide the  newly created account by going  to registry editor by click run and entering regedit  


Now  navigate to [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ WindowsNT\CurrentVersion\Winlogon\SpecialAccounts\UserList]                                 Here create a new DWORD value, write its name as the “user name”                        that you created for your  account  

By  this way we are able to hack windows admin accounts successfully .
If you have any doubts please feel free to post a comment 

Subscribe to Hackaholic

Enjoyed this article?
Subscribe to "Hackaholic"and get daily
updates in your inbox for free!

Related Posts Plugin for WordPress, Blogger...

Anonymous

what is a dword value? how do i add that or what kind of value is it? Please provide an example.

REPLY
john said on March 14, 2011 at 7:15 PM :

@Anonymous

after navigating to [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\SpecialAccounts\UserList]

simply right click in empty space now select new ---> dword value and enter the "user name" once this done the newly created user account will be hidden


i request you to use Ur name instead of anonymous

REPLY
hrushikesh said on March 15, 2011 at 7:43 AM :

thnks for your methods ...

REPLY
Anonymous

nice, ill test it @school

REPLY
john said on March 21, 2011 at 12:57 AM :

@hrushikesh ,Anonymous

Thanks for your comments keep visiting

REPLY
Jan

Hi
I'm currently testing this tutorial;
Everything works as it should do.
To my question:
In the last paragraph of your tutorial you wrote sth. about hiding the new administrator account.

If I hide the account; it won't be displayed on the logon screen, right?
How can I get access to now?

REPLY
john said on March 28, 2011 at 3:23 AM :

@jan

press Ctrl + Alt + Del twice when u are in the login screen , Now u will be able to see all the Hidden accounts that u created

REPLY
Anonymous

I will try it soon

REPLY
Anonymous

i didn't get your 2,3 steps. can you explain one more step by step.

REPLY
emc3 said on January 20, 2012 at 8:58 AM :

if it could be possible please upload the tutorial for this ......how to hack with stick key

REPLY
Isireli Buwawa said on June 27, 2012 at 5:27 PM :

Great Method man... I used ophcrack instead of Backtrack to gain entry to the system files...

REPLY
UnleashedMONSTER said on August 11, 2012 at 7:09 PM :

Will this work in XP? i mean everything except creating new user account and changng administrator password workd.. Can u create account and change password in XP ??

REPLY
Elijah Dsouza said on December 18, 2012 at 12:33 AM :

a video would be useful

REPLY
Elijah Dsouza said on December 18, 2012 at 12:34 AM :

can u post a vid plz, and email me when u reply to this thanks

REPLY
John ( Admin ) said on December 21, 2012 at 7:21 PM :

@Elijah Dsouza

I will try to post a video of this

REPLY
Nick Gordon said on February 16, 2013 at 6:49 PM :

It works on all editions of windows xp and above and is really simple to, as most admins don't block bios

REPLY
Rohyl Joshi said on April 4, 2013 at 4:34 AM :

Hello!
This is really helpful and easy !
Is there any way to make it 100% invisible , yet, still accessible .
So that the I.T dept doesnt see it through the normal way of viewing user accounts through permissions e.t.c

REPLY
Kapil said on April 10, 2013 at 2:27 AM :

good tutorial..

REPLY
allen lai said on April 18, 2013 at 11:11 PM :

i am not able to copy & Paste or rename any file name in the system 32, a error message saying admin password is needed to do that.

REPLY
John ( Admin ) said on April 20, 2013 at 7:01 PM :

@allen lai

If this is not working for you, Then please try the other methods (on "how to hack Windows Password") explained in our blog

REPLY
Aaron Anderson said on May 10, 2013 at 12:51 PM :

I'm able to rename sethc.exe by going to "my computer" then Local Disk/WINDOWS/System32 without any software, its just there. On Monday i'll try to log in as Admin

REPLY
Aymeric Bouyer said on May 31, 2013 at 9:35 AM :

my schools uses novel loging is there a way to bybase that tyo log on as admin
thanks for the help in advance

REPLY

Use the form below to comment. No spam please!!!

© 101hacker | Design by Mukund edited by John
Powered by Blogger