This type of "attack" requires that you have physical access to the target computer.
- Restart the targeted computer
- At Splash screen kill the power
- Turn the computer back on
- Click on the Launch Repair
- At prompt to restore click on CANCEL
- When prompt to send click on “View problem details”
- Scroll to the bottom
- Click on the link at the
- Notepad should come up
- Goto File > Open > Computer > Local Disk (C:)
- Change file type to all files
- Goto Windows > System32
- Rename file called Sethc to Sethc.org
- Copy cmd.exe, scroll to the bottom of the screen, click on a blank spot, right-click and paste it
- Rename “cmd.exe copy” to Sethc
- Click Cancel
- Click “Don't send”
- You should now be back in the login screen
- Click on Shift x5
- A terminal should now come up
- Recon for an user name by typing in: net users
- Provide a new password for the targeted user name - net user <NAME> <PASSWD>
- If successful close the terminal, otherwise try again or another user
- Attempt to login as the user you change the password for
- You should now be successfully logged as the use
I need to weaponize this into a rubber ducky...
ReplyDelete