Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
6730819 Xp Admin Hack

6730819 Xp Admin Hack



|Views: 125|Likes:
Published by anoop29

More info:

Published by: anoop29 on Jul 25, 2009
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





exploit process1. create a bootable floppy disk. a bootable floppy disk can be created by goingto windows explorer or my computer. from there, an ms-dos startup disk can be
 recreated. after the bootable floppy disk is created, the following files can besafely deleted to save space for later use:display.sys
2. copy into the bootable floppy disk the ntfs file system recognition program.one such example is sysinternals ntfsdos v3.02r+. the file ntfsdos.exe is only
 52kb and can be easily fitted into one disk.3. copy compression program into the bootable floppy disk. there are a fewcompression programs in the market, but the one i use is rar version 3.30 for dos.after extracting all the files from the distribution file, only two files arerequired:emx.exe
4. boot target machine using the bootable floppy disk. if the target machine isset up to boot from the floppy disk drive, then this step will just be puttingyour disk into the drive, reboot the system, and have a sip of your favouritedrink while the boot up process is under way. otherwise, you will need to go tocmos to change the bootable sequence. if cmos is password protected, a cmospassword cracker or physically resetting it might be required. but cracking cmospassword is outside the scopescope of this document.5. load the ntfs file system recognition program. if sysinternals ntfsdos has
 been put on the floppy disk, all you need to type at the dos prompt is: ntfsdos.6. compress and copy the system and sam files into the bootable floppy disk. ifrar is used, all you need to do is to type the following two commands:rar32 a m5 v system.rar location of system file\system
rar32 a m5 v sam.rar location of sam file\sam
location of the system and sam files are in the same location, which is:d:\windows\ system32\ config7. extract system and sam files from the bootable floppy disk. after the systemand sam files are compressed and stored into the floppy disk, they can beextracted from the disk by using the following rar commands:rar32 e system.rar
rar32 e sam.rar
8. remove syskey protection in the system and sam files. this step may not benecessary since ive heard that some password crackers (used in step 9) can crack
 password that is syskey protected, but it will take a longer time to crack. tominimise the time used, two tools can be used to remove the syskey before cracking

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->