Net User: Command Prompt
Windows command prompt utility Net User, can also be used to manipulate the user accounts in Windows. The commands are as follows:
- To check the User Accounts: Net User
- To Change the Password of User Account: Net User Username *
- To Add a New User Account: Net User Username Password /add
- To Delete a User Account: Net User Username /delete
Sticky Keys Backdoor
- Sticky Keys application can be used as the Backdoor in Windows Operating System.
- Command Prompt file ‘CMD.EXE’ can be renamed to ‘SETHC.EXE’ in C:\Windows\System32 Folder.
- After this one can hit the Shift Key 5 times on the User Login Screen and will get the Command Prompt right there. Net User can be used to modify User Accounts thereafter.
Live Boot Disk Attack
- Software: Active Password Recovery can be used to create Live Boot Disks for Windows Operating System.
- Live Boot Disk can be used to start the Windows and access the SAM File.
- Attacker can Remove the Passwords from the User Accounts or can set new Passwords on the Accounts.
Brute Force Attack
- Brute Force Password Guessing is just what it sounds like: Trying a Random approach by Attempting Different Passwords and hoping that One works. Some logic can be applied by trying passwords related to the person’s name, job title, hobbies, or other similar items.
- Brute force randomly generates passwords and their associated hashes.
- There are Tools available to perform the Brute force attack on the Windows SAM File. One of the most famous of them is Cain and Able.
- Once the Administrator account is Cracked, one can easily Login with the Administrator User Account and Promote any User Account to give him the Administrator privileges.
- One more thing which an attacker can do is to boot the computer from the Live CD and change the SAM file to promote any Limited User account to Administrator.