Get Control Over Windows
How to hack Windows passwords on physical machines using a Windows installation bootable USB disk
The following example is using a Windows 10 Pro machine on VMware. The steps will be similar when using a bootable USB disk.
Insert the bootable USB disk (equivalent or higher installation OS)
Restart the machine
Press the F2 key to enter the BIOS setup during boot up
Select the bootable disk and in the case of Figure 1, it would be 'EFI VMware Virtual SATA CDROM Drive (1.0)
As shown in Figure 2, press any key to boot from the bootable disk
Figure 3 shows that the boot up to the installation disk was successful
Press "Shift" + "F10" to open the command prompt as show in Figure 4
Type 'c:' + 'Enter' to change to C Drive
X:\Sources>c:
C:\>Type 'dir' + 'Enter' to list all the files and directories to check if C Drive is the correct disk drive
C:>dir
In the case as shown in Figure 6, D Drive is not the correct disk drive
In Figure 7, we will need to change to the directory where the files cmd.exe and sethc.exe are located by entering 'cd Windows\System32' into the command prompt
c:\>cd Windows\System32
c:\Windows\System32>
Let's back up the sethc.exe file to sethc_bak.exe using the rename command 'ren' as shown in Figure 8
c:\Windows\System32>ren sethc.exe sethc_bak.exe
In Figure 9, cmd.exe was copied and named as sethc.exe
c:\Windows\System32>copy cmd.exe sethc.exe
Close the command prompt window as shown in Figure 10 by clicking on the top right red 'x'
Proceed to cancel the Windows installation setup as shown in Figure 11
Restart the machine and remove the bootable installation USB disk drive if you are using one.
Last updated