In this post , I would be focusing on a simple hacking strategy. I would be explaining how to access a system(Windows) to which you have no access. Let me elaborate the scenario. Suppose you want to access your friend’s desktop when he is on leave. You actually need to get some important document from his computer that is related to your project and you are not able to get him online to get his password so that you can have access to his system, in such a case you can use the below mentioned method. This is one of the good uses out of it. But as you all know, the negative side would be more attractive for the most where you can access your administrator’s system on his absence, you can peep into your boss’ system, the list goes on and on.
In Windows, the feature you can have access to before logging into the system is “sticky keys”. This is actually not in a flaw in the system, but its devised so that even physically challenged people can access the system with much ease. But, unfortunately, we have tapped the functionality for some “other” purposes. Now our procedure is basically developed on exploiting this property of Windows. But to use this property , you should at least get 30 seconds access to the system you are planning to hack. The file that executes Sticky Key is present in "C:\WINDOWS\system32" and the name of the file is “sethc.exe”.
Step.1: Copy the file “cmd.exe” from “C:\WINDOWS\system32” to any other folder.
Step.2: Rename the file as “sethc.exe”.
Step.3: Copy the file back to “C:\WINDOWS\system32”.A message would pop up asking if the existing file needs to be replaced.Click on "Yes". ( It is advised that you copy the original sethc.exe file to some other folder intially)
Step.4: Now log off the system.
Step.5: Now press Shift key 5 times and you can see your command window opening up on the login screen.
This is not over yet. Now type in “ start explorer.exe ” and you can see the whole start menu popping up in the login screen. Now use them on your will. So you are actually using the system without even logging in.Now since you have command prompt ready for you to use, I guess you know the power you have got. In the next post, I would be talking about how to tweak it further.
Note:Try this at your own risk :)