Set-Up a BackDoor In Windows : Open CMD on Login Screen

Set-Up a BackDoor In Windows : Open CMD on Login Screen

As the word says, backdoor is a hidden way to access a place. In terms of computer backdoor means a way to access that system(network, pc or anything)through a unknown, hidden way making use of a vulnerability present in that system.

In this article I will tell you a way to access a pc running in windows os even if the system is password protected. But you must have accessed that system before.
For this trick you need only less than 5 minutes. For example think that your friend ask you to do something in his pc while he is having food. Then apply this trick at that moment.
And in future when you get a chance you can access that pc even if you don’t know the password(this trick is for password protected pc).
Follow the given steps and you can access any password protected system. Before that be notified with the trick behind it. Whenever you try to login to a password protected pc no other application other than “sethc.exe” can be opened.(just try during login),you can open the application just by tapping shift key for 5 times continuously(try it).
This facility is meant for handicapped people to use the system. So what will happen if we replace sethc with command prompt (cmd)? Yes during login instead of sethc we can open cmd(by tapping shift key times).
And using a cmd code we can reset the password of the account in which you have to login and you can access without a password.
So follow the given trick and you can access the system (first time you access a pc) without password (in future). If you use the following code you can reset the password easily and without confirming the old password. So you don’t need the old password and only the new password you are wishing to assign.
Type the following code:
Syntax: net user accountname *See the example: net user administrator *
First time when you use a pc do these:
In windows 7:
1) Go to c:\windows\system32

2)Copy cmd.exe to desktop

3) Rename it as sethc.exe
You will get a dialogue box saying that you don’t have rights to move it in to system32 or for replacing sethc.exe the cmd.exe you should follow these sub-steps:
a)Right click on sethc.exe in system32
b)Open properties

c)Click on advanced in security tab

d)Click on owner
e)Click edit
f)Change owner from “trusted installer” to “administrator”

g)Click apply
h)Then go to ‘security’ tab in properties
i)Click edit
j)Click on ‘administrator’

k)Check the option enabling full control
l)Click on apply

4)Copy and paste the renamed .exe file to system32 again.
That’s all now just tap shift key 5 times and see the magic even at login time.

In windows xp:
Just copy cmd to desktop and rename it as sethc.exe and paste it back in system32. Original sethc will be replaced by new sethc.exe no other permissions required.
After opening cmd by tapping shift keys 5 times type the given code(syntax is given,replaceaccountname with administrator or accordingly)
net user accountname *

In future for accessing the pc on which you have done the above hack just do the following tap shift key times continuously and cmdopens.just type the below code and you can enter the pc without a password(we have resetted it).
So what to think, just follow the above trick and be ready with a backdoor to access any pc your friends,school’s,office or anywhere when you get an access……….

Leave a Reply

Your email address will not be published. Required fields are marked *