Showing posts with label Windows Hacking. Show all posts
Showing posts with label Windows Hacking. Show all posts

Bypass Admin access through guest Account in windows 10

Open command prompt and check windows user account status using “whoami” command.


Account name is “joe” and account status is ‘DefaultAccount’ which is a non-administrator account type.
Try changing administrator using the ’net user’ command. You will see an error ‘Access is denied’


Now download “CVE-2017-0213_x64” from here and unzip in your PC. Go to the folder and you can find the .exe file, double click on it to run it.


The moment you double click on it, it will automatically open a new command prompt with administrator privileges.


Use ‘net user’ command to change the administrator account password. Message ‘The command completed successfully’ will appear. You have now successfully changed the administrator accounts password.

Bypass Windows Login Password using Android Phone with DriveDroid

Drive Droid is an Android application that allows you to boot your PC from ISO/IMG files stored on your phone. This is ideal for trying Linux distributions or always having a rescue-system on the go... without the need to burn different CDs or USB pen drives.

Drive Droid also includes a convenient download menu where you can download USB-images of a number of operating systems from your phone. You can also create USB-images which allow you to have a blank USB-drive where you can store files in. Blank images also allow you to use tools on your PC to burn images to the drive and create a bootable USB disk that way.

You can manually download it from google playstore.
Note: need root privilegde means you need rooted phone.

Let’s start!!!

Install DriveDroid app on your smartphone and run the application.


Click on plus sign at the lower right corner to add any iso image file.


Under preference here we need to select image directories so that we can browse konboot iso image file.


Further it will move into internal storage to let you choose your iso file, I have opt for konboot.iso and click on select (Please note that the kon-bootCD.iso file should exist on your phone)


Selected the koonboot iso file and it will get mounted


Tap on the mounted file and we can see three boot options as shown in the figure below Select the third option of CD-ROM and connect the smart phone with the system and reboot the system


Now plug the USB cable between phone and system for booting it from your phone and restart the system (pc) then continuously press function key of your desktop system.


Great!!! Successfully you will get administration console; now hit the enter button on the key board. This will bypass the admin console without entering password.

2 ways to Hack Windows 10 Password Easy Way

In this article, you will learn the multiple ways to recover/reset/crack the password when you don't have access to the machine or you forgot the login password of window 10.
Security is importanat for everyone, so people use passwords to protect their data or machine. But many times users forgot their password and try multiple combinations of alphabets and numbers to remember the password and to log in the PC. Don’t waste time, get the easy way to crack the window10 password.

Table Of Content
·         Prerequisites to crack window10 password
·         Create a bootable USB of window 10
·         Crack window10 password via replacing cmd .exe with Ease of Access App (on Screen Keyboard .exe)
·         Crack Window10 Password via replacing cmd .exe with Ease of Access App (Utilman .exe)
·         Crack window10 password via WinGreek Ultimate tool

Prerequisites to crack window 10 password
Either you should have already bootable USB having window10 image or you can first boot the drive before the password crack activity.
You should have an ISO image of window 10 or can download from https://www.microsoft.com/en-in/software-download/windows10 that contains all setup files. Secondly, you should have a CD/DVD or USB drive with at least 8 GB (for the 64-bit operating system). And make it bootable from an ISO image of window 10.


Create Bootable USB of window10
There are multiple ways to boot the USB drive but the method we mostly used either by RUFUS or by Universal USB-Installer. Below are the steps as follows:
1.       Download the latest version of RUFUS from https://rufus.ie/
2.       Click on select and browse the ISO image of window10.
3.       Select partition Scheme either MBR or GPT and File system FAT32 or NTFS as per compatibility.

4.       Click on start and makes the USB bootable.



Crack Window10 Password via replacing cmd.exe with Ease of Access App (osk .exe)
In window10, the Ease of Access button is on the bottom right corner of the login screen. Through the boot media, you can replace the Ease of Access applications with cmd.exe to open an elevated command prompt without logging in. There is much Ease of access app you can select as per your choice. But here we will show by using two utilities(on-screen keyboard and utility icon).
Ease of Access Utilities
                                                                                
Name      
.exe filename
On-screen keyboard
osk.exe
Magnifier
magnify.exe
Narrator
narrator.exe
Sticky Key
sethc.exe
DisplaySwitch
displayswitch.exe
Utility
utilman.exe
app switcher
Atbroker.exe

Let’s start the easy way to crack the window10 password.
Start your computer and enter into Bios Setup (computers of different brands have their boot menu and BIOS key ). You can choose boot preferences (CD/DVD or USB ) devices that you want to boot from.
Click next


In the lower-left corner of windows setup, click on "Repair your computer".


Now, choose to troubleshoot as an option, to see the advanced options


Click on Advanced options


Now click on command prompt



Command prompt will elevate, and then you’ll copy the command prompt executable (cmd.exe) over top of the On-Screen keyboard executable. (Must know the path of system32 drive)
copy d:\windows\system32\cmd.exe d:\windows\system32\osk.exe
Type yes for overwrite option.

Now Reboot the PC. 


After reboot, PC will start and once you will reach on the login page, in the right bottom corner of the login screen click on Ease of Application (middle one), after that once you will click on On-Screen Keyboard immediately CMD prompt as an administrator mode will elevate


Now you can reset the password, either by changing the existing user password or by adding a new user (permissions should be as an administrator)
Syntax: net user account name *
Example: net user raj * and press enter.

Set any password for that account.


Crack Window10 Password via replacing cmd .exe with Ease of Access App (Utilman .exe)

Follow the above steps mentioned in the first procedure until the command prompt elevation not opened to replace the cmd.exe with Utilman.exe (Ease of App utility). 


Then copy the command prompt executable (cmd.exe) over top of utility manager executable. (Must know the path of system32 drive)
copy d:\windows\system32\cmd.exe d:\windows\system32\osk.exe
Type yes for overwrite option.

Now Reboot the PC. 


After reboot, PC will start and once you will reach on the login page, in the right bottom corner of the login screen click on Ease of Application (middle one) icon, once you will click on it immediately CMD prompt as an administrator mode will open.


Now you can reset the password, either by changing the existing user password or by adding a new user (permissions should be as an administrator)
Syntax: net user account name *
Example: net user raj * and press enter.

Set any password for that account.


Crack window10 password via WinGeeker Tool
This method is the most user-friendly approach to hacking a Windows 10 password. It’s highly effective and doesn’t require any expertise to use. The simple three-step process will ensure that any Windows user or admin account is immediately accessible. The most reliable aspect of this utility, called TunesBro WinGeeker, is that it does not touch your data in any way.
 Download TunesBro WinGeeker to a different PC then use the built-in ISO burning utility to burn the ISO file and create a boot disk or boot drive. This is your password reset disk.
 When the disk or drive is ready, remove it and insert it into the locked PC. You will now need to go into the BIOS menu and change the boot priority so the system boots from your password reset disk instead of the Windows installation files that are on your hard drive.
 Once you see the TunesBro WinGeeker interface, you need to select the right Windows version and the user account that is locked. Click on ‘Reset Password’ to hack and blank the Windows 10 password. Now click on ‘Reboot’ and the job is done.

Hack Windows Password in Clear Text using Mimikatz and Windows credential Editor

mimikatz is a tool to check Windows security. It's now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets.


First Download mimikatz windows version from here. and right click on it & Run it as Administrator.


It will open mimikatz windows.


Type the following command to check  privilege
privilege::debug


Now type the following command to get users passwords in text mode.
sekurlsa::logonPasswords


Windows Credential Editor

Windows Credentials Editor (WCE) is a security tool that allows to list Windows logon sessions and add, change, list and delete associated credentials (e.g.: LM/NT hashes, Kerberos tickets and clear text passwords).

First Download WCE from here.
Go to WCE directory & execute the following command as Administrator. And run the following command
 wce.exe -w It will show the password in plaintext

Hack Windows Password with the Help of Hiren's Boot CD

Hiren’s BootCD is an ultimate solution to almost all your computer problems. It comes loaded with hell lot of tools.Each of them is powerful and can be really very helpful if used with caution. You can solve nearly all your PC problems like virus infection, hdd failure, data recovery, Hard disk partitioning, password recovery using this CD.
This CD consists of variety of tools like
  • Antivirus Tools
  • BIOS / CMOS Tools
  • Browsers / File Managers
  • FileSystems Tools
  • Hard Disk Tools
  • MBR (Master Boot Record) Tools
  • MultiMedia Tools
  • Ms Dos Tools
  • Network Tools
  • Optimizers
  • Partition Tools
  • Password Tools
  • Process Tools
  • RAM (Memory) Testing Tools
  • Recovery Tools
  • Registry Tools
  • Remote Control Tools
  • Security Tools
  • Startup Tools
  • System Information Tools
  • Testing Tools
  • Tweakers
Change Password with the Help of Hiren Boot CD


1. Enter “Offline NT/2000/XP/Vista/7 Password Changer”
With Up & Down keys select Offline ‘NT/2000/XP/Vista/7 Password Changer’ and press Enter.

Press ENTER

Press ENTER Here,


Press ENTER Here,


Press 1 for (Password Resetting) and then Press ENTER

Press 1  and then ENTER

Write (user name to be changed  for Password) and then ENTER

Press 1 (to clear Password) and then ENTER

Press Q ( to quit)and then ENTER

Press (!),and then ENTER



Press (y) and then ENTER

Press (n), and then ENTER

Press ctrl+alt+delete
Remove Hiren's BootCD and Restart the Computer

How to use ERD Commander(2007)


  1. Start your computer and enter into Bios Setup.
  2. Change your boot preferences to boot from CD /DVD.
  3. Insert your ERD Commander Bootable CD.
  4. Once the ERD Commander starts booting it will ask you for Windows Installation, select appropriate installation for which you need to reset password



Once ERD is loaded it will present you a interface similar to windows.Click the START button, Select System Tools > and then select Locksmith.


From Locksmith choose the admin account for which you need to reset password.  Enter you new password and close Click Start Button again and restart the PC.