18 September, 2011

[XP/7]Make yourself admin @ school! Reset PASSWORDS! + MORE!! [Win7/xp]

WARNING! READ FIRST!

VIDEO COMMING SOON!


What you can achieve through Local Users and Groups: Microsoft information on it

This is obviously against school rules/policy and if/when you are caught you could possibly be charged or expelled depending on the severity. hacking a school is dangerous and should not be done unless you know how to cover your tracks. i will cover this briefly in this tutorial.

First of all, please keep this thread alive, even if you just decide to read this tutorial please comment on the structure or even give me information that i can add to this tutorial.

I WILL be adding pictures for windows XP later on.

I will start with Windows XP.

WINDOWS XP

First off: If task manager is disabled use either: Regedit Task Manager Fix or
External Task manager
Okay, For Windows XP we will login and right click on the task bar now just above Start RIGHT click and hit explore, you are now in C drive/ If you are not in C: drive navigate there through the folders.
Now this part is very similar to Windows seven.
Type in MMC (Console Root)

[Image: E6orp.png]
The file path for the correct file should be something like C:MMC/System32

Open this up and you should be on the following window.

The Windows XP part i havn't tested fully as i have been on exam blocks but i will be able to post any fixups if needed for XP.

Now simply click File> Add/Remove Snapin and select Local Groups and Users.
[Image: EN4ej.png]

From here you can create new accounts/reset Administrator password etc.

There is many other Snapins that you are able to add. You can experiment with these and discover new things. (i will make more tutorials about school hacking with the more i discover).

Windows Seven!


First off: If task manager is disabled use either: Regedit Task Manager Fix or
External Task manager

Windows seven is practically the same as windows XP, the only difference is that we will be navigating to C: a different way (the same way may work for you but at my school we cannot "Explore" through taskbar on Windows 7 only XP.

Now we will right click on anywhere on the taskbar and select "Start Task Manager"

[Image: 4hDSf.png]

navigate to the processes tab and find one that contains your student username for example

Code:
Username: JSmith

[Image: mzhKK.png]
this simply means i will find a process with that name in it. We will right click this process and click "Open File location" (doesn't matter what process it is as long as it contains your username).

Now we will navigate to C: again and type in MMC (In search OFC).

[Image: E6orp.png]

Open the file named: C:MCC.exe/system32 (should look like that)

Now you can add/Remove any snapins you want
click file > Add/remove Snapins. Add local groups and users.
[Image: EN4ej.png]

From here you can add/change/remove/Reset admin/student accounts. There are many other Snapins you can add/remove as well. Just experiment with them.

CONCLUSION!


Ultimately anyone can do this, within five minutes of using Windows 7 for first time at school i had access to Admin files. It's all about trial and error.
On the Windows XP computers i gained access to the Admin files + Exams/assignments etc + i had access to the remote access tool to mess with other people's PC'S on the school network.

I currently know the password of the Admin but i do these things for fun (aka to learn) it's more fun that way and you learn your way around a PC.
If you enjoyed this tutorial or think you could gain something from it don't be afraid to comment! especially if you don't understand something!.

Also IF you know something that i can add LET ME KNOW!


Experimental Searches
If you navigate to C: (windows seven) same way in this guide and search for netplwiz you should be able to manage passwords/Advanced user group management (If you get prompted by a UAC then use the above method)

Covering your ass
If your school has Windows seven, you probably wont be able to disable the monitoring software through .bat files, so your best off using SAFE MODE! or! wait for a student to leave their PC and sometimes it won't log them out as it is still waiting for programs to close, pounce it and click cancel then utilise it! same goes for XP!

If your school has XP then find the process name of the monitoring software and if you can't stop it PM me and ill write you a .BAT file that will close it on a loop so you can do it safely.

You can also use safemode for windows XP.

Also if you know another student/teachers password simply use theirs. be creative.


if all else fails....

make a .bat file the appropriate information filled in and/or
open cmd and..

Code:
net localgroup group_name UserLoginName /add
For example to add a user to administrators group from command line we can run the below command. In the below example I have taken username as John.

net localgroup administrators John /add

Few more examples:

To add a domain user to local users group from command line:

net localgroup users domainname\username /add

This command should be run when the computer is connected to the network. Otherwise you will get the below error.

H:\>net localgroup users domain\user /add
System error 1789 has occurred.

The trust relationship between this workstation and the primary domain failed.

To add a domain user to local administrator group from command line:

net localgroup administrators domainname\username /add

To add a user to remote desktop users group:

net localgroup “Remote Desktop Users” UserLoginName  /add

To add a user to debugger  users group:

net localgroup “Debugger users” UserLoginName /add

To add a user to Power users group:

net localgroup “Power users” UserLoginName /add

then to make that user administrator

Code:
On Windows computer we can add users to a group from command line too. We can use net localgroup command for this.

net localgroup group_name UserLoginName /add
For example to add a user to administrators group from command line we can run the below command. In the below example I have taken username as John.

net localgroup administrators John /add

Few more examples:

To add a domain user to local users group from command line:

net localgroup users domainname\username /add

This command should be run when the computer is connected to the network. Otherwise you will get the below error.

H:\>net localgroup users domain\user /add
System error 1789 has occurred.

The trust relationship between this workstation and the primary domain failed.

To add a domain user to local administrator group from command line:

net localgroup administrators domainname\username /add

To add a user to remote desktop users group:

net localgroup “Remote Desktop Users” UserLoginName  /add

To add a user to debugger  users group:

net localgroup “Debugger users” UserLoginName /add

To add a user to Power users group:

net localgroup “Power users” UserLoginName /

if you cannot do this due to admin or denial of some kind..try using windows 7 elevated command prompt

Below is the procedure to open elevated administrator command window on a Vista or Windows 7 machine.

Click on Start button
Search for command program by typing cmd.exe in the search box.
Right click on the cmd.exe entry shown under the Programs in start menu
Select ‘Run as administrator’
Click on ‘continue’ if user account control asks for confirmation.
The above steps will open a command prompt wvith elevated privileges.

Labels:

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home