POST CATEGORY : Window Password Hacking

Bypass Admin access through guest Account in windows 10

Open command prompt and check windows user account status using “whoami” command.

Account name is “joe” and account status is ‘DefaultAccount’ which is a non-administrator account type.

Try changing administrator using the ’net user’ command. You will see an error ‘Access is denied’

Now download “CVE-2017-0213_x64” from here and unzip in your PC. Go to the folder and you can find the .exe file, double click on it to run it.

The moment you double click on it, it will automatically open a new command prompt with administrator privileges.

Use ‘net user’ command to change the administrator account password. Message ‘The command completed successfully’ will appear. You have now successfully changed the administrator accounts password.

Author– Abhimanyu Dev is an Aspiring Cyber Security Expert Contact Here

Bypass Windows Login Password using Android Phone with DriveDroid

Drive Droid is an Android application that allows you to boot your PC from ISO/IMG files stored on your phone. This is ideal for trying Linux distributions or always having a rescue-system on the go… without the need to burn different CDs or USB pen drives.

Drive Droid also includes a convenient download menu where you can download USB-images of a number of operating systems from your phone. You can also create USB-images which allow you to have a blank USB-drive where you can store files in. Blank images also allow you to use tools on your PC to burn images to the drive and create a bootable USB disk that way.

You can manually download it from google playstore.

Note: need root privilegde means you need rooted phone.

Let’s start!!!

Install DriveDroid app on your smartphone and run the application.

Click on plus sign at the lower right corner to add any iso image file.

Under preference here we need to select image directories so that we can browse konboot iso image file.

Further it will move into internal storage to let you choose your iso file, I have opt for konboot.iso and click on select (Please note that the kon-bootCD.iso file should exist on your phone)

Selected the koonboot iso file and it will get mounted

Tap on the mounted file and we can see three boot options as shown in the figure below Select the third option of CD-ROM and connect the smart phone with the system and reboot the system

Now plug the USB cable between phone and system for booting it from your phone and restart the system (pc) then continuously press function key of your desktop system.

Select the smartphone as the boot device from the bios boot menu of the system and system will boot with koonboot.

Great!!! Successfully you will get administration console; now hit the enter button on the key board. This will bypass the admin console without entering password.

Hack Locked Workstation Password in Clear Text

For this tutorial we will be using kali Linux iso which can be found on their official website and wce(windows credentials editor) which can be found at http://www.ampliasecurity.com/research/windows-credentials-editor/

Download the universal version if you don’t know the target system architecture (32 bit or 64 bit).

Windows Credentials Editor (WCE) is a security tool to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes, plaintext passwords and Kerberos tickets).

First of all make your pen drive bootable with kali linux (you can choose any other linux distro) and then copy the wce.exe to the pen drive and then boot up the kali linux with the PD on target system  and from the boot menu choose Live boot option and hit enter.

Now after OS boots up go to File Manager and browse to other locations and choose the 16 GB volume (size of the windows installation which will be different in your case).

Now browse to the Windows/System32 folder.

Now rename the Utilman.exe file to any other name and then rename the cmd.exe to Utilman.exe.

Now restart the system but this time doesn’t boot the system to kali Linux, let it boot to the installed windows and you will be presented with password screen after choosing the user.

At the password screen to lower left side a blue icon named ease of access will be present, click on it and a command windows will be opened

Now you have to execute the wce.exe file in the pd so type the following command to know the external devices connected:

diskpart  (a windows command line utility which enables us to manage disk and partitions)

and then on diskpart prompt type command:

list volume (show all the connected drives)

Now choose the FAT32 Fs type drive (to be sure also confirm the drive name with the size of your pen drive)

In my case it is F. Now exit the diskpart by pressing ctrl^c.

So now browse to the pd by typing the following command: f:  (Here f is the drive letter name In your case it could be different) and then execute the wce.exe file which you copied previously with command:

wce.exe –w (-w is used to dump all the passwords in clear text)

As you can see it has successfully dumped the password in clear text.

2 Ways to Hack Windows 10 Password Easy Way

Start your computer and enter into Bios Setup. Change your boot preferences to boot from CD /DVD. Click on Next

Now select the “Repair your computer” option from the lower left-hand corner.

Then click on Troubleshoot option.

Then click on advanced options.

Now click on command prompt

Then you’ll copy the command prompt executable (cmd.exe) over top of the On Screen keyboard executable

Now you can reboot the PC.

Resetting the Password

Once you get to the login screen, click on On-Screen Keyboard, and you’ll see an administrator mode command prompt.

Now to reset the password—just type the following command, replacing the username and password with the combination you want:

Syntax: net user account.name *

Example: net user raj * and hit enter. Set any password for that account.

Second Method

Start your computer and enter into Bios Setup. Change your boot preferences to boot from CD /DVD. Click on Next

Press SHIFT + F10 to open a command prompt

Then you’ll copy the command prompt executable (cmd.exe) over top of utility manager executable

Now you can reboot the PC.

On the Windows 10 sign-in page, click the Utility Manager icon

Now to reset the password—just type the following command, replacing the username and password with the combination you want:

Syntax: net user account.name *

Example: net user raj * and hit enter. Set any password for that account.

3rd Way

This method is the most user-friendly approach to hacking a Windows 10 password. It’s highly effective and doesn’t require any expertise to use. The simple three-step process will ensure that any Windows user or admin account is immediately accessible. The most reliable aspect of this utility, called TunesBro WinGeeker, is that it does not touch your data in any way.

Step 1: Download TunesBro WinGeeker to a different PC, then use the built-in ISO burning utility to burn the ISO file and create a boot disk or boot drive. This is your password reset disk.

Step 2: When the disk or drive is ready, remove it and insert it into the locked PC. You will now need to go into the BIOS menu and change the boot priority so the system boots from your password reset disk instead of the Windows installation files that are on your hard drive.

Step 3: Once you see the TunesBro WinGeeker interface, you need to select the right Windows version and the user account that is locked. Click on ‘Reset Password’ to hack and blank the Windows 10 password. Now click on ‘Reboot’ and the job is done.

On restart, you will be able to access the account that was locked, and you won’t need to enter anything in the password field because it has just been blanked.

TunesBro WinGeeker works on multiple Windows versions and has been tested rigorously on more than four dozen PC, laptop and notebook brands from around the world. It has a 100% recovery rate and is used by millions of Windows users. It is a self-contained software application, which means you won’t need separate ISO burning software or be forced to do any command line work usually required to unlock a password. Simply create the password reset disk and use it to instantly remove any user, guest, admin, Server or Microsoft account password, and access your files without the fear of any data corruption or missing files.