Home Hacking Hack a Windows 7/8/10 admin account password with Windows magnifier

Hack a Windows 7/8/10 admin account password with Windows magnifier

by admin

Hack a Windows 7/8/10 admin account password with Windows magnifier

This exploit takes advantage of the ease of access tool on the login page by ‘tricking’ windows into launching a fully privileged command prompt by selecting ‘make items on the screen larger – magnifier’. By using this method you can simply reset admin account password, just by having physical access to the computer.

Disclaimer: This is for use on a PC that you own. Breaking into someone else’s PC is considered a serious crime in most places. If you make a mistake or change something else, your Windows may become a non-boot. If so, just undo whatever you changed outside of the hack shown here, and it will back to normal. Need I say this is for Educational Purposes! You are responsible for your own thoughts and actions.

1. Launch any OS that allow full access to file system

Here you can use many different linux distros or even a windows disk/usb, as long as you can access the terminal/command prompt, you’re good. In this case, we are going to use Kali linux distro. Insert CD/DVD into drive and reboot the machine. Start your Live DVD. You may need to go into the BIOS screen and change the boot-up order to CD/DVD drive first, HDD second.

2. Navigate to Sys32

Use the file browser in your Linux environment, navigate to %windir%/system32/. You may have to right-click and mount the Windows partition/drive first or use the NTFS-3G command.

Article is written on a macbook with Windows dual booted, there is Windows instance named as BOOTCAMP.

3. Rename Magnify.exe

Find and rename magnify.exe (Magnifier file) to magnify.old

mv magnify.exe magnify.old

4. Rename cmd.exe

Find and rename cmd.exe to magnify.exe.

mv cmd.exe magnify.exe

5. Shut Down Linux & Reboot Windows

Log out and reboot, remove CD/DVD/USB, and restart into Windows.

READ ALSO:  Send Anonymous emails: 19 sites to keep your identity hidden

6. Get CMD Prompt Modify Accounts

When Windows reboots, click on the ease of access button in the bottom left corner

Click the second selection “Make items on the screen larger (Magnifier)” and hit apply.

The command prompt should now be in front of you. You now have a system level command prompt. At this point is where you can change the admin password and make any modification to the system using administrator privileges. 

TipYou can right-click on cmd.exe and click “Run as administrator” inside of Windows for escalated privileges. To edit files, it would never be allowed at basic admin level (caution). Same goes for any app in Windows right click and make the magic happen.

Type net user to get a list of accounts

Change Password: 

net user username new_password

Tip: when you do so, the password changes without prompting you again.

Add an account: 

net user username password /add

Tip: If your username has a space, like John Doe, use quotes like “John Doe”.

Admin that: 

net localgroup administrators username /add

Delete that: 

net user username /delete

Remote Desktop Users Group: 

net localgroup Remote Desktop Users username /add

Net User Syntax Reference:

net user commands 
net user for domain

7. Revert back all changes

Now you should insert your Linux Live CD/DVD/USB and rename the files back to the original names.

  1. Repeat Step 1
  2. Repeat Step 2
  3. Rename magnify.exe back to cmd.exe
  4. Rename magnify.old back to magnify.exe
  5. Log out, take out CD/DVD USB, reboot into Windows

Recommended resources

Kali Linux
Create Live USB Sticks Rufus

READ ALSO:  “Disappearing Malware” Allowed Hackers Steal $800,000 Cash From Russian ATMs

Conclusion

Well, that was how you hack a Windows 7/8/2008/10 administrator account password with Windows Magnifier. This also demonstrates how you could Pwn a machine if you think about it some, have hands on and they have not disabled EoA.  Hope it helps you in some way.

source: https://null-byte.wonderhowto.comhttps://thehacktoday.com

You may also like

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept

Privacy & Cookies Policy