Want to break through a user account and log in to the system, whether it's your PC or your friend's?
Here's how it can be done. But remember to do this at your own risk. Be legal in whatever you do.
Starting with the basic ones...
1. This works only on Windows XP.
Here, when you start the victim's PC (the one whose password you need to break) and reach the login screen, you will see something like this.
So, here is the trick: hold Ctrl+Alt and, while they are pressed, press the Del key twice, that is, Ctrl+Alt+Del (2 times) without releasing Ctrl+Alt.
You will see a screen like this.
Here the username must be administrator and the password must be blank.
Just press Enter without changing this and you will be able to log in as administrator.
The trick here is that during XP installation people usually don't provide a password for administrator, and using that loophole you can log in to the victim PC.
2. If you are logged in to the victim PC and you have administrator privileges.
This works for all versions of Windows.
a) Open Start menu -> Run -> type "compmgmt.msc"
The Computer Management console opens.
Then, in the side box, click Local Users and Groups and then Users. You will see all the usernames on your machine. Right-click the user whose password you want to change and click Set Password.
The best thing is that you do not need to know the current password.
b) Using the command prompt
Go to the command prompt (Start -> Run -> type cmd and press Enter), type "control userpasswords2" and press Enter. You will see a list of usernames, and from there you can reset the password.
Alternatively, you can use the command
net user username *
Here, in place of username, enter the username of the account whose password you want to break.
After you press Enter it will ask for a new password.
3. Now, if you are logged in as a limited user or you are not able to log in to the victim PC, here comes one of the best ways.
For that you need a little basic knowledge of Linux, and you need a bootable pen drive with Linux or any Linux live OS.
Insert the bootable Linux media, restart the PC, boot from that media and run the Linux live system.
Then, in Linux, go to the partition in which Windows is installed and move to the Windows/system32 directory.
Here, rename the file sethc.exe to any other name and cmd.exe to sethc.exe, and your work in Linux is over.
Reboot the system and, when you reach the Windows login screen, press the Shift key continuously 5 to 8 times. A command prompt box will open up with administrator privileges. Once you have the command prompt, I told you above how to break the password of any user account using
"net user username *" or
"control userpasswords2".
Try either of them to break the password.
Here the trick is Sticky Keys, which Windows provides to prevent multiple use of the Shift key. It gets activated when you press Shift more than 5 times, and this function works on the login screen too.
An executable file, sethc.exe, which is found in the system32 directory, is executed every time Sticky Keys is activated. So by this means we are able to open an exe file on that computer without actually logging in. Now if we remove sethc.exe and rename cmd.exe to sethc.exe, then when we press Shift 5 times we actually open the command prompt, fooling the system when it searches for sethc.exe. So we get access to the command prompt and we can break the password.
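To check a machine for the sethc.exe swap described above, for example from a Linux live system with the Windows partition mounted, the following added example (not part of the original post) inspects the System32 directory. The function names and the OriginalFilename heuristic, which reads the name a Windows binary records in its version resource, are assumptions of this example.

```python
import hashlib
import sys
from pathlib import Path

# Assumption of this example: the binary's version resource stores its
# OriginalFilename as a UTF-16LE key followed by the value string.
KEY = "OriginalFilename".encode("utf-16-le")

def find_ci(directory, name):
    """Locate a file by name, ignoring case (NTFS names vary in case)."""
    for p in Path(directory).iterdir():
        if p.name.lower() == name.lower() and p.is_file():
            return p
    return None

def original_filename(path):
    """Heuristic: read the OriginalFilename string embedded in the binary."""
    data = Path(path).read_bytes()
    i = data.find(KEY)
    if i < 0:
        return None
    j = i + len(KEY)
    while data[j:j + 2] == b"\x00\x00":      # key terminator and padding
        j += 2
    end = j
    while end + 2 <= len(data) and data[end:end + 2] != b"\x00\x00":
        end += 2
    return data[j:end].decode("utf-16-le", errors="replace") or None

def check_sethc(system32):
    """Return a list of findings for the sethc.exe swap described above."""
    findings = []
    sethc, cmd = find_ci(system32, "sethc.exe"), find_ci(system32, "cmd.exe")
    if cmd is None:
        findings.append("cmd.exe is missing (it may have been renamed)")
    if sethc is None:
        return findings + ["sethc.exe is missing"]
    name = original_filename(sethc)
    if name is None or name.lower() != "sethc.exe":
        findings.append(f"sethc.exe reports OriginalFilename={name!r}")
    if cmd and hashlib.sha256(sethc.read_bytes()).digest() == \
            hashlib.sha256(cmd.read_bytes()).digest():
        findings.append("sethc.exe is byte-identical to cmd.exe")
    return findings

if __name__ == "__main__":
    # Usage: python check_sethc.py /mnt/windows/Windows/System32
    for line in check_sethc(sys.argv[1]):
        print("FINDING:", line)
```

An empty result means sethc.exe still identifies itself as sethc.exe and cmd.exe is present under its own name.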
All the tricks described here are used to break the password, meaning you can change the password and then log in, but you can't learn the current password.
One thing you can do after reaching the command prompt in the last trick above is type explorer.exe, and you will see the desktop without changing the password (meaning you are logged in without changing or removing the password), or you can add a new user and delete it after your work.
Otherwise, there are other ways to learn the current password,
which I am going to tell you about in the next post.
Happy ethical hacking!!