Injecting Password Hashes into the SAM:
Easiest ways to gain Administrator privileges
on a machine, is by injecting your own
password hashes into the SAM file. In order to
do this you will need physical access to the
machine and a brain larger than a peanut.
Using a utility called "chntpw" by Petter
Nordhal-Hagen you can inject whatever
password you wish into the SAM file of any
NT, 2000, or XP machine thereby giving you
total control, just burn the .iso on a disk and
use it. I would give a tip like backing up the
SAM file first by using an alternate OS.Make a
USB disk of linux or Windows Live dsik can
also work. Go in, inject the password of your
choosing. Login using your new password. Do
what you need to do. Then restore the original
SAM so that no one will know that i was
hacked.
You need to have admin access to perform
this change from the command line. This is an
especially handy trick if you want to change a
password on an account but you’ve forgotten
the original (going through the Control Panel
can require confirmation of the old password).
Now we hack Admin Password To verify the
user name, by simply typing net user, I get a
list of all the user names on that windows
machine. Now, go to the command prompt and
enter:
cd\
cd windows\system32
net user
If there are people near you and you don’t
want them to see the password you type, enter:
net user *
E.g. > net user username *
> Type a password for the user:
> Confirm the password:
Easiest ways to gain Administrator privileges
on a machine, is by injecting your own
password hashes into the SAM file. In order to
do this you will need physical access to the
machine and a brain larger than a peanut.
Using a utility called "chntpw" by Petter
Nordhal-Hagen you can inject whatever
password you wish into the SAM file of any
NT, 2000, or XP machine thereby giving you
total control, just burn the .iso on a disk and
use it. I would give a tip like backing up the
SAM file first by using an alternate OS.Make a
USB disk of linux or Windows Live dsik can
also work. Go in, inject the password of your
choosing. Login using your new password. Do
what you need to do. Then restore the original
SAM so that no one will know that i was
hacked.
You need to have admin access to perform
this change from the command line. This is an
especially handy trick if you want to change a
password on an account but you’ve forgotten
the original (going through the Control Panel
can require confirmation of the old password).
Now we hack Admin Password To verify the
user name, by simply typing net user, I get a
list of all the user names on that windows
machine. Now, go to the command prompt and
enter:
cd\
cd windows\system32
net user
If there are people near you and you don’t
want them to see the password you type, enter:
net user *
E.g. > net user username *
> Type a password for the user:
> Confirm the password:
.jpg)
0 comments:
Post a Comment