WINDOWS HACKING - PRIVILEGE ESCALATION


First of all, we have to know what it is.

It is a technique through which we can get access to the administrator account through the guest account. In simple words, we can get access to the admin account of a PC with the help of its guest account.

There are two methods to take advantage of this to get access to the admin account:

1. Sticky key attack

2. Hidden admin account
 
 
...........STICKY KEY.............
 
This feature is activated by default in Windows for physically disabled persons.

A person uses it by pressing the Ctrl, Shift or Alt keys along with any other keys, or simultaneously.

For example, pressing the Shift key 5 times will open the file c:\windows\system32\sethc.exe.

So the main logic is this: if we replace the sethc.exe file with the cmd.exe file, then pressing the Shift key 5 times will open up the command prompt.

That is the main vulnerability that lets Windows get hacked.
 
But now the main question arises: how do we do this? Don't panic, here is the solution step by step.
 
*****NOTE******
 
This trick is valid up to the Windows 7 series only.
 
Here our main aim is to get the command prompt on the login page with the help of sticky key. There are two methods to get that.
 
........METHOD 1........

a. Create a bootable USB drive for Windows PE (a miniature bootable version of Windows), or start Windows RE (by booting the Windows setup DVD and then selecting repair).

b. This will open up a command prompt (but this is not the command prompt that we require). Now replace the sethc.exe file with the cmd.exe file. Type:

'copy c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe'

This will replace the file sethc.exe with the file cmd.exe.

c. Now restart Windows and press the Shift key 5 times. This will open up the command prompt (the one we required).
 
........METHOD 2........

To get the command prompt through sticky key, we have to replace the sethc.exe file with the cmd.exe file. This can be done by another trick.

1. Start the PC. When you get the Windows logo, just press the power-off key until the screen shuts down.

2. Now start the PC again. This time you will see a screen showing an error message, where you get two options. Select 'Launch Startup Repair', as shown in the screenshot.






3. Now you will see the Startup Repair window. Just click on the Restore button. After that it will diagnose the problem, which could take 10-15 minutes, sometimes more or less.

4. After this is over you will get a window as shown below. Just click on 'show more detail', where you will get the blue links. Scroll to the last one and click on it.

5. This will let you get to the Windows drives. Search for the folder windows\system32, where you will find the cmd file as well as the sethc file. Usually you will find this on drive D. Search for it and replace the sethc.exe file with the cmd.exe file.

See the screenshot below, this will make it a lot clearer.
 
 
 
Here you can clearly see that the 'cmd' file is renamed to 'sethc', and the original 'sethc' file is renamed to 'sethc1'.
 
 
 
After saving it, just close the window and restart the PC again. Now press the Shift key 5 times, and here we go again: we get the command prompt on the login screen.
 
 
 
Here we get the command prompt with the help of sticky key: we replaced the default file that opens after pressing sticky key with the cmd.exe file, which causes the command prompt to open after pressing sticky key instead of the sethc.exe file.

But after this, what do we do to get login access? It's very easy.
 
 
Step 1. Type 'net user'

This shows all the accounts on that PC.

Step 2. Now select which account you want to access, and type 'net user <account name> *'

After this it will ask you to enter the password. Please type carefully because it is not shown in the window. After that it asks you to confirm the typed password.

If you type the same password as before, a message will be printed saying that the command completed successfully.

Now what? Bravo, we get access to the account.
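
A defender can check a machine for the file swap described above. The following is an added example, not part of the original post: a Python script that inspects a System32 folder (on the live system or on a disk mounted read-only) for a sethc.exe that is a copy of cmd.exe, and for a renamed original such as the 'sethc1' file from method 2. The function name check_sticky_keys and the optional known_good_sha256 value are assumptions made for this example.

```python
import hashlib
import sys
from pathlib import Path


def sha256_of(path):
    """Stream a file through SHA-256 and return the hex digest."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_sticky_keys(system32, known_good_sha256=None):
    """Return findings for one System32 directory (live or mounted read-only).

    known_good_sha256 is an optional, defender-supplied hash of sethc.exe
    taken from a clean install of the same Windows build (assumption).
    """
    # Match names case-insensitively: an offline image may sit on a
    # case-sensitive filesystem.
    files = {p.name.lower(): p for p in Path(system32).iterdir() if p.is_file()}
    sethc, cmd = files.get("sethc.exe"), files.get("cmd.exe")
    findings = []
    if sethc is None:
        findings.append("sethc.exe is missing")
    else:
        sethc_hash = sha256_of(sethc)
        if cmd is not None and sethc_hash == sha256_of(cmd):
            findings.append("sethc.exe is byte-identical to cmd.exe")
        if known_good_sha256 and sethc_hash != known_good_sha256.lower():
            findings.append("sethc.exe does not match the known-good hash")
    # Heuristic: a renamed original such as 'sethc1.exe' left beside it.
    for name in sorted(files):
        if name.startswith("sethc") and name != "sethc.exe":
            findings.append("leftover renamed copy: " + name)
    return findings


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: python check_sethc.py <path to Windows\\System32>")
    results = check_sticky_keys(sys.argv[1])
    for line in results:
        print("[!] " + line)
    sys.exit(1 if results else 0)
```

An empty result only means these specific checks passed; the hash comparison against a known-good value is the strongest of the three.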
 
 
stay safe ...secure.......
 
 
this is ....                  
                              .ZEROCOOL...
                              
                               Signing out.......
 
 