Instructions for Sneaky Win Intruder (Swi) Type 1

Last update: 11/9/2008, revision 0.9a

Purpose: 

To get into a password-protected Windows installation using the sethc.exe trick: through the administrative Command Prompt shown at logon, create a new temporary account and refresh the screen. After having finished working with the PC, restore the modifications, e.g. the temporary user account, the UAC setting, the last-logon-user history, the user profile, etc.

---------------------------------------

Before running, make sure all required executables exist (see the 'Required executables for download' section).

If you're unsure where to start, run the parts in this order:

  [Part 1] -- Swap sethc.exe

From an external Windows installation (i.e. the target Windows is not the one currently booted) or under Windows PE, run "Swi.bat" and enter "Search" or "S" to locate the target Windows installation.

Note: For Vista or later, partway through it may ask you to disable UAC if it detects that UAC is on; please enter "y" to turn it off. It will be re-enabled during restoration later.

  [Part 2] -- Create temporary user

Boot to the target Windows. At the logon screen, hit SHIFT 5 times and enter "adduser" (if it does not work, try "adduser1") in the Command Prompt that has just popped up. It may ask you to refresh the screen: enter "y" if you don't see an updated Welcome screen, or "n" if you use a logon box.

  [Part 3] -- Delete account, remove traces

After working with the PC, to restore the changes and remove the traces, open a Command Prompt (cmd.exe) and enter "clean". Do not open the Command Prompt by hitting SHIFT 5 times, or else restoration may fail.

Your part is done. The last part of the removal is ALMOST complete. So far, the temp account has been deleted, sethc.exe restored, and the last logon user (only if AutoAdminLogon is off) erased.

The rest will carry on in the background at the next logon of the user (not you). If that user is not an administrator it will fail, as it uses RunOnce.

By then, UAC will be re-enabled (only if it was initially on), and the user profile folder and the rest of the leftover files will be deleted.

Even if it fails, the traces it leaves are not noticeable to a normal user. If you want, you can manually remove the files listed in "clean_next_boot.bat".
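A defender-side check for the traces described above, added here as an example and not part of Swi: it compares sethc.exe with cmd.exe, inspects the UAC setting Swi turns off, and looks for a pending RunOnce cleanup entry. It assumes PowerShell 4 or later (for Get-FileHash); the RunOnce and EnableLUA locations are standard Windows registry paths, while the assumption that Swi's RunOnce command line contains "clean_next_boot" is inferred from this README.

```powershell
# Added example, not part of Swi: integrity check for the traces this README describes.
# Run elevated on the Windows installation you are inspecting (PowerShell 4+).
$sys32 = Join-Path $env:SystemRoot 'System32'
$sethc = Join-Path $sys32 'sethc.exe'
$cmd   = Join-Path $sys32 'cmd.exe'
$findings = @()

# 1. The swap makes sethc.exe a copy of cmd.exe, so the two files hash identically.
$hSethc = (Get-FileHash -Algorithm SHA256 -Path $sethc).Hash
$hCmd   = (Get-FileHash -Algorithm SHA256 -Path $cmd).Hash
if ($hSethc -eq $hCmd) {
    $findings += "sethc.exe is byte-identical to cmd.exe (SHA256 $hSethc)"
}

# 2. The genuine binary's version resource describes accessibility shortcut keys,
#    whereas a copied cmd.exe identifies itself as the Windows Command Processor.
$desc = (Get-Item $sethc).VersionInfo.FileDescription
if ($desc -match 'Command Processor') {
    $findings += "sethc.exe FileDescription reads '$desc'"
}

# 3. On Vista and later Swi turns UAC off and only re-enables it during restoration;
#    EnableLUA = 0 on a machine where UAC is expected to be on is therefore suspicious.
$policy = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$uac = Get-ItemProperty -Path $policy -ErrorAction SilentlyContinue
if ($uac -and $uac.EnableLUA -eq 0) {
    $findings += 'UAC is disabled (EnableLUA = 0)'
}

# 4. The final cleanup is scheduled through RunOnce and runs clean_next_boot.bat at the
#    next logon; a pending entry means the cleanup has not finished.
#    Assumption: the command line contains the script name; both hives are checked.
foreach ($hive in 'HKLM', 'HKCU') {
    $key = "${hive}:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
    if (-not (Test-Path $key)) { continue }
    $props = Get-ItemProperty -Path $key
    foreach ($p in $props.PSObject.Properties) {
        if ($p.Name -notlike 'PS*' -and "$($p.Value)" -match 'clean_next_boot') {
            $findings += "$hive RunOnce '$($p.Name)' -> $($p.Value)"
        }
    }
}

if ($findings.Count -eq 0) { 'No indicators of a sethc.exe swap found.' } else { $findings }
```

An empty result only means these particular traces are absent; the hash comparison is the strongest signal, since a restored sethc.exe no longer matches cmd.exe.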

---------------------------------------

Required executables for download

Before running, please ensure the executables below are present either in the system path (e.g. the Windows\system32 folder) or in the Swi folder; where alternatives are listed (ALT), one of them is enough.

attrib - XP/2003 built-in*
cacls - XP/2003 built-in*
sc - XP/2003 built-in*
reg - XP/2003 built-in*
taskkill - XP Pro/2003 built-in* (alternatively, use wkill and pskill)
  ALT: pskill - http://technet.microsoft.com/en-us/sysinternals/bb896683.aspx
  ALT: wkill - http://alter.org.ua/en/
takeown - Server 2003 built-in (alternatively, use subinacl)
  ALT: subinacl - http://www.microsoft.com/downloads/details.aspx?FamilyID=E8BA3E56-D8FE-4A91-93CF-ED6985E3927B&displaylang=en
startx - http://www.naughter.com/startx.html
srvany - Windows 2003 Resource Kit - http://www.microsoft.com/Downloads/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffd&displaylang=en

*Note: while Vista and 7 also have these, their versions cannot run on older OSes, so it is better to use the XP version.

---------------------------------------

Known bugs:

- After applying Swi on Windows 7, the Command Prompt shown by hitting SHIFT 5 times cannot display some messages properly; however, the script runs fine.
- In Windows 7, sometimes after restoration the user profile is not fully deleted, leaving only empty Music, Pictures and Documents folders. Other leftovers are deleted.
- Fails if "Sticky Keys" is disabled; in that case, use Swi type 2 instead (which is not yet finished at this moment).

So far it has been confirmed working offline on Windows XP, 2003, Vista and 7, both Chinese and English, using Windows PE 1.x (NoName XPE, Hiren's BootCD), PE 2.0 (VistaPE), PE 3.0 (C7PE), XP and 7 as the base system.

---------------------------------------

For details, refer to the blog post at https://wandersick.blogspot.com/2009/09/windows-sneaky-win-intruder.html (available in English translation).

Please report any bugs to [email protected], or reply to the blog post.

Contributors: wandersick
