
WINDOWS HACKING - PRIVILEGE ESCALATION


First of all, we have to know what it is.

It is a technique through which we can get access to the administrator account through the guest account. In simple words, we can get access to the admin account of a PC with the help of its guest account.

There are two methods that take advantage of this to get access to the admin account:

1. Sticky key attack

2. Hidden admin account
 
 
...........STICKY KEY.............
 
This feature is activated by default in Windows for physically disabled persons.

It helps a person who has to press the Ctrl, Shift or Alt keys along with any other key simultaneously.

For example, pressing the Shift key 5 times will open the file c:\windows\system32\sethc.exe.

So the main logic is this: if we replace this sethc.exe file with the cmd.exe file, then pressing the Shift key 5 times will open the command prompt instead.

That is the main vulnerability through which Windows gets hacked.

But now the main question arises: how do we do these things? Don't panic, here is the solution step by step.
 
*****NOTE******

This trick is valid up to the Windows 7 series only.
 
Here our main aim is to get a command prompt on the login page with the help of sticky keys. There are also two methods to get that.

........METHOD 1........

a. Create a bootable USB drive for Windows PE (a miniature bootable version of Windows) or start Windows RE (by booting the Windows setup DVD and then selecting repair).

b. This will open a command prompt (but this is not the command prompt we require). Now replace the file sethc.exe with the cmd.exe file. Type:

'copy c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe'

This will replace the file sethc.exe with the file cmd.exe.

c. Now restart Windows and press the Shift key 5 times. This will open the command prompt (the one we required).
 
........METHOD 2........

To get the command prompt through the sticky key we have to replace the sethc.exe file with the cmd.exe file. This can be done by another trick.

1. Start the PC. When you get the Windows logo, just press the power-off key until the screen shuts down.

2. Now start the PC again. This time you will see an option showing an error message, where you get two options. Select 'Launch Startup Repair', as shown in the screenshot.






3. Now you will see the Startup Repair window. Just click on the 'Restore' button. After that it will diagnose the problem, which could take 10-15 minutes, sometimes more or less.

4. After this is over you will get a window as shown below. Just click on 'show more detail', where you will get the blue links. Scroll to the last one and click on it.

5. This will let you get to the Windows drives. Search for the folder windows\system32, where you will find the cmd file as well as the sethc file. Usually you will find these in drive D. Just search for it and replace the sethc.exe file with the cmd.exe file.

See the screenshot below, this will make it a lot clearer.
 
 
 
Here you can clearly see that the 'cmd' file is renamed to 'sethc' and the original 'sethc' file is renamed to 'sethc1'.

After saving it, just close the window and restart the PC again. Now press the Shift key 5 times and here we go again, we get the command prompt on the login screen.

Here we get the command prompt with the help of sticky keys: we replaced the file that opens by default after pressing the sticky key with the cmd.exe file, which causes the command prompt to open instead of the sethc.exe file.
But after this, what do we do to get login access? It's very easy.

Step 1. Type 'net user'

This shows all the accounts on that PC.

Step 2. Now select the account you want to access and type 'net user <account name> *'

After this it will ask you to enter the password. Please type carefully because it is not shown on screen. After that it asks you to confirm the typed password.

If you type the same password as before, a message will be printed saying that the command was successful.

Now what? Bravo, we have access to the account.
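
A defender's check for the swap described above, as an added example that is not part of the original post: it flags a System32 folder (on a live PC or a mounted disk image) where sethc.exe has the same content as cmd.exe, or where a renamed original was left behind. The leftover name sethc1.exe is an assumption based on the 'sethc1' rename mentioned above.

```python
import hashlib
import sys
from pathlib import Path

TARGET = "sethc.exe"      # Sticky Keys binary started by five Shift presses
SHELL = "cmd.exe"         # the file the post copies over it
LEFTOVER = "sethc1.exe"   # assumed name of the renamed original ('sethc1' in the post)


def sha256(path):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def check_system32(system32):
    """Return a list of findings for one System32 directory."""
    # Index names in lower case: an image mounted on Linux is case-sensitive,
    # while Windows itself would accept 'Sethc.exe' or 'SETHC.EXE'.
    files = {p.name.lower(): p for p in Path(system32).iterdir() if p.is_file()}
    findings = []
    target = files.get(TARGET)
    if target is None:
        return [f"{TARGET} is missing"]
    shell = files.get(SHELL)
    # Identical content means the accessibility binary is really the shell.
    if shell is not None and sha256(target) == sha256(shell):
        findings.append(f"{TARGET} has the same content as {SHELL}")
    if LEFTOVER in files:
        findings.append(f"{LEFTOVER} present: possible renamed original")
    return findings


if __name__ == "__main__":
    folder = sys.argv[1] if len(sys.argv) > 1 else r"C:\Windows\System32"
    results = check_system32(folder)
    for line in results:
        print("ALERT:", line)
    sys.exit(1 if results else 0)
```

The script exits with status 1 when it finds anything, so it can be run from a scheduled task or a triage script.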
 
 
stay safe ...secure.......
 
 
this is ....                  
                              .ZEROCOOL...
                              
                               Signing out.......
 
 