Bypassing the Windows Login??

Vikas Sharma
4 min read · Feb 20, 2024


Hello everyone. You’ve probably looked up this subject many times in various circumstances, such as when you lost your password, someone reset your account, or you just wanted to easily hack someone.

You may have come across several solutions, ranging from complicated to extremely difficult, and still not managed to get the job done. Okay, let’s look at how the Windows login process can be bypassed by following a few really easy steps.

Note: The method below only works when defense mechanisms/tools such as Windows Defender/AVs are not configured or not installed.

Disclaimer: This blog is for educational purposes only.

Let’s get to it:

Things you need:

  1. USB stick — minimum 8 gigs
  2. Windows Installation Media — can be downloaded from here.

Description:

What we’re going to do is click the “online keyboard button” in the lower right corner of the login screen. This action calls “Utilman.exe,” which is housed inside the system32 folder of the Windows installation. We are going to switch the target of this call from “utilman.exe” to the command prompt, “cmd.exe.”
After that, you can easily change the user account’s password.

Let’s get our work done!

Step 1:

Create Windows installation media on the USB pen drive using the downloaded Windows Installation Media software mentioned above.

Step 2:

Using the downloaded file, create the installation media on the USB drive. You can google it if you don’t know how to create installation media.

Step 3:

Boot the target PC from the USB stick/pen drive.

Step 4:

Once you reach the installation screen, press “SHIFT + F10” and the Command Prompt will open:

Step 5:

Once we have the command prompt, we will explore the available drives and replace Utilman.exe with cmd.exe in the System32 folder of the target OS. To list the available drives:

wmic logicaldisk get name

Step 6:

Find the Windows installation drive (C:/ in my example) and navigate to the system32 folder.

Rename Utilman.exe to something else. (ex. Utilman.exe)

Then copy cmd.exe to utilman.exe.

This will make “cmd” pop up on the login screen when you click on the screen.

Now close the installation media window and boot from the hard drive again.

Step 7:

Click on the button below. Where it is supposed to open “utilman.exe”, it will now, surprisingly, open the Command Prompt, “cmd.exe”.

Step 8:

Let’s change the password, since we have access to the command prompt.

net user

net user <username> <password>

It’s easy, isn’t it? Look how exposed you are. Are you not? Don’t worry, we can restrict this procedure in a few easy steps.

How can you protect your login so that this action is blocked?

1. Enable the BIOS password to prevent unauthorised access to the BIOS setup.
2. Turn off the online keyboard that shows up when you log in.
3. Installing AVs (Antivirus) will complicate this procedure!
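
A defender-side check for the swap described in steps 5 and 6, added here as an example (it is not part of the original post): it flags a Utilman.exe whose content or version resource matches cmd.exe, and lists renamed copies left beside it. The function name Test-UtilmanReplaced and its -System32 parameter are assumptions made for this example.

```powershell
# Added example, not from the original post.
# Test-UtilmanReplaced and -System32 are hypothetical names chosen for this sketch.
function Test-UtilmanReplaced {
    param(
        # Defaults to the running system; can point at a mounted offline volume instead.
        [string]$System32 = (Join-Path $env:SystemRoot 'System32')
    )

    $utilman  = Join-Path $System32 'Utilman.exe'
    $cmd      = Join-Path $System32 'cmd.exe'
    $findings = @()

    if (-not (Test-Path -LiteralPath $utilman)) {
        $findings += 'Utilman.exe is missing'
    }
    else {
        # Check 1: identical content means Utilman.exe is a copy of cmd.exe.
        $hashUtilman = (Get-FileHash -LiteralPath $utilman -Algorithm SHA256).Hash
        $hashCmd     = (Get-FileHash -LiteralPath $cmd -Algorithm SHA256).Hash
        if ($hashUtilman -eq $hashCmd) {
            $findings += 'Utilman.exe has the same SHA-256 as cmd.exe'
        }

        # Check 2: the embedded version resource survives a rename or copy,
        # so a cmd.exe from another build still identifies itself as Cmd.Exe.
        $orig = (Get-Item -LiteralPath $utilman).VersionInfo.OriginalFilename
        if ($orig -like 'cmd.exe*') {
            $findings += "Utilman.exe reports OriginalFilename '$orig'"
        }
    }

    # Check 3: step 6 renames the real binary instead of deleting it,
    # so any other Utilman* file in System32 is worth reviewing.
    Get-ChildItem -LiteralPath $System32 -Filter 'Utilman*' -File |
        Where-Object { $_.Name -ne 'Utilman.exe' } |
        ForEach-Object { $findings += "Unexpected file to review: $($_.Name)" }

    [pscustomobject]@{
        Path       = $utilman
        Suspicious = ($findings.Count -gt 0)
        Findings   = $findings
    }
}

Test-UtilmanReplaced | Format-List
```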

That is all there is to it. If you find it useful, please share!

Stay tuned for more blogs delving into the critical realms of Application Security, SIEM (Security Information and Event Management), Data Loss Prevention, and Threat Hunting.
