Sunday 29 July 2012

Setting Backdoor in Windows ~ Command Prompt On Logon Screen




Let's assume that you have just cracked a victim's Windows password, or simply got access to his Windows machine for some time. Can you make some changes in Windows so that you could access it again even if the victim changes the password? Or can you make changes in your own Windows so that you could access it anytime, even if anybody sets or changes the password?
Simply put: can we set a backdoor in Windows?

Yes!

A backdoor actually means maintaining access.
Okay, let's do one thing first. Open your command prompt (run as administrator in Windows 7/Vista).

Type the following command:

Syntax : net user account.name *
Example: net user administrator *
and hit Enter. Set any password for that account.

Hopefully your new password has been set. Did you notice one thing? It didn't ask you to confirm the old password. Now suppose we somehow manage to access the command prompt at the logon screen (without logging in): we can then easily change or clear the password.
Okay, let's move on.
Now press the Shift key five times and you should get a "Sticky Keys" dialog box on screen.

Sticky Keys is a feature that makes it easy for users who have physical disabilities to press multiple keys at a time. This is the only feature which can be used before logging in at the logon screen. So, this feature can be used at the logon screen by pressing the Shift key five times.
Whenever we start an application like Paint, we are actually running mspaint.exe placed in C:\windows\system32; when we start the command prompt, we are running cmd.exe placed in the system32 directory. Similarly,
when we press the Shift key five times or use the Sticky Keys feature, the system actually starts the executable file
sethc.exe placed in the system32 directory. This means that if we rename cmd.exe to sethc.exe and press Shift five times, the system would again start sethc.exe, but instead of Sticky Keys the command prompt will be opened.
But you can't simply rename or change system32 files. To do that, follow the steps given below.

STEPS :-

1. Go to C:\windows\system32.
2. Copy cmd.exe to your desktop and rename the copy to sethc.exe.
3. Now copy that file and paste it back into the system32 directory.
@ Windows XP Users


Hopefully the existing original sethc.exe has been replaced and your job is done. Now press Shift five times and you would see the command prompt on screen. You can access the command prompt at the Windows logon screen and change or clear the password easily using the "net user" command.

Note 1: You can also make these changes while using the Windows Guest account. But when you access the command prompt at the logon screen, you can change or clear the password even of the administrator's account. This is exactly how we can hack into the administrator's account through the Guest account.
Note 2: Sometimes you may still get the Sticky Keys dialog box after putting the renamed sethc.exe (originally cmd.exe) in place. To overcome this problem, cut the original sethc from system32 and paste it somewhere else, i.e. on another drive, so that only sethc.exe (originally cmd.exe) remains in system32. Now rename it as sethc. This time don't use the extension .exe.

@ Windows vista/7 Users


You will have got a pop-up box saying "Access Denied".

Actually, you cannot change system32 directory files unless you have the permissions, and you cannot have the permissions unless you have the ownership. So let's take ownership and change the permissions. Just follow the steps.

1. Right click on sethc.exe and run as administrator. Again right click on sethc.exe and open Properties.
Click on the Advanced tab, then on Owner, and click Edit. Change the owner from "TrustedInstaller" to "administrator" and click Apply.

2. Then click on 'Edit' in the Security tab to edit permissions. Click on 'Administrators', give it full control
and apply the changes.


 
Okay, it's done now.

Now try replacing the original sethc.exe with our sethc.exe (made by renaming cmd.exe).
Press the Shift key five times and hopefully you would get the command prompt on the screen instead of Sticky Keys.

Enjoy Command prompt at logon screen...

So do not forget to set this backdoor whenever you would get friend's laptop for a few minutes...
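
Each of the three changes made above (sethc.exe replaced by a copy of cmd.exe, owner changed from TrustedInstaller, Administrators given full control) leaves a trace that can be checked on a machine. The PowerShell script below is an added example, not part of the original post; it assumes PowerShell 4.0 or later (for Get-FileHash) and a 64-bit session, and the function name Test-SethcIntegrity is made up for this example.

```powershell
# Added example (not from the original post). Requires PowerShell 4.0+.
# Test-SethcIntegrity is a name chosen for this example.
function Test-SethcIntegrity {
    $sys32 = Join-Path $env:SystemRoot 'System32'
    $sethc = Join-Path $sys32 'sethc.exe'
    $cmd   = Join-Path $sys32 'cmd.exe'
    $sidType = [System.Security.Principal.SecurityIdentifier]
    # Well-known SIDs, used instead of names so the check works on localized Windows.
    $trustedInstaller = 'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
    $administrators   = 'S-1-5-32-544'
    $findings = @()

    if (-not (Test-Path -LiteralPath $sethc)) {
        return @('sethc.exe is missing from System32')
    }

    # 1. Replacement: a renamed copy of cmd.exe hashes the same as cmd.exe.
    $hashSethc = (Get-FileHash -LiteralPath $sethc -Algorithm SHA256).Hash
    $hashCmd   = (Get-FileHash -LiteralPath $cmd   -Algorithm SHA256).Hash
    if ($hashSethc -eq $hashCmd) {
        $findings += 'sethc.exe is byte-identical to cmd.exe'
    }

    # 2. Ownership: the post changes the owner away from TrustedInstaller.
    $acl   = Get-Acl -LiteralPath $sethc
    $owner = $acl.GetOwner($sidType).Value
    if ($owner -ne $trustedInstaller) {
        $findings += "sethc.exe owner is $owner, expected TrustedInstaller"
    }

    # 3. Permissions: the post grants Administrators full control on the file.
    $full = [System.Security.AccessControl.FileSystemRights]::FullControl
    foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($rule.IdentityReference.Value -eq $administrators -and
            $rule.AccessControlType -eq 'Allow' -and
            ($rule.FileSystemRights -band $full) -eq $full) {
            $findings += 'Administrators group has FullControl on sethc.exe'
        }
    }
    return $findings
}

$result = Test-SethcIntegrity
if ($result) { $result | ForEach-Object { Write-Warning $_ } }
else { Write-Output 'sethc.exe matches the expected state' }
```

Any warning means the file, its owner or its permissions differ from the state the post starts from, and sethc.exe should be restored from a known-good source.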
