HOW TO RESET Administrator PASSWORD and Unlock any PCs?!

Introduction 0:00
Explaination 0:57
Targets 1:48
Installing Win 3:08
Main Stuff 5:29
BOOM 9:05
(Thank me later, 😉)

epicaedit

This was actually useful and not a rigged scenario, good work on this one.

lonewolfs

Not only this, there is one more option to reset password known as SETHC. Simply you just need to replace your SETHC key with cmd just like this as Utilman.exe to cmd.exe,
Then you only need to press SHIFT button 5 consecutive times and then boom You'll see a command prompt where you'll be able to reset the password by using the same commands..
Happy Learning- :) :)

aakibkhan

Hey! I just wanted to thank you for showing us this exploit. No harm intended, it's just super convenient to repair users pcs this way in case they forget passwords

Mikigoalie

Your English is so good I saw a video that you had posted about 7 years ago They just randomly come across and I've noticed the difference between how you speak now and then I just want to save me amazing progress! I honestly thought he lived neither Canada by the way you need to come to Vancouver since you were doing it doing survey or God forbid you lived in America. Lies speaking at a Native speakers level for English impressive

LifelongLearner

You don't need an installation media at all but just upon botting windows force power off it then power it on and press F10 or F8 for repairing it then it boots from the recovery partition and you get CMD and you can do the same steps (sticky keys glich) to reset windows password.

* A smart guy can disable sticky key glitch but you still can do it through booting again from an installation media or as I said from repairing boot partition the load the hive of offline windows then reactivate the sticky keys again.

itachiuchiwa

You are right on point with this one...I have been locked out of my admin account for 3 months....not anymore.Ty for this video

PiercedJeebus-

Very good because you left everything intact and only accessed what you needed. Normally others like spotmau would remove the pswd completely which raises eyebrows

arthurwekati

Thanks you so very much. I have been fighting to try and remember the password on my PC, but you made it easy to figure it out. Thanks again.

l.a.martin

OLD BUT INTERESTINGG
SPECIALLY I LOVE YOUR EXPLAININGG WAY
MR. LOI 👍👍👍👌👌👌

nohopeaa-

I bought your course on udemy but i learn a lot from your YouTube channel 😅😂

ReadyForJail

Nice UI bro ! The most awesome thumbnail ever seen .

utensilapparatus

I got myself a cheap little dell optiplex 3000 and its im guessing an old work computer with some decent specs but im unable to reset the computer and remove all data should this work on a domain admin work pc???

jazieex

Just go to startup recovery menu, open cmd, then open notepad, see all files, rename sethc.exe to something.exe and cmd.exe to sethc.exe then restart computer and logon screen press shift button 5 times and then you will have command prompt with admin access..

Girlust

You left out some points. In cmd the external drive is not always D:. I had to run a list and find the correct disk. I think you forgot that not everyone is using the same external drive as you.

mikerentiers

actually it's called "supply chain" attack vector and widely used not only for fun hack windows. for example, if you replace DLL (win) or SO (lin) libraries with your own doing the same things as original but plus your stuff there (bind or reverse shell, etc.), then any SW which uses (depends on) that libraries will be under your control with the rights of person who run the SW.
enjoy! ;-)

apristen

Would this (using a Win USB boot stick as you described) work if my office machine is locked down with bitlocker? Wouldn't I need to be logged in with that before I could could mess with the registry/disk contents? Which would be 'hard' to do on a USB reboot, no?

BytebroUK

*Guidance needed.* I have a computer which has a bios password so loading Linux live is a no go (stuck on secure boot).

When I turn it on, it shows the logon, then a loading wheel as if it logged in, then for a fraction of a second it pops up a power shell, then loads a “T” app (shows a “T” in a purple square and 2 silhouettes, for the App logo), then says “can’t logon with no internet connection” and prompts me for credentials.

Any idea on how to bypass this? I’ve been trying to stop the startup programs via a windows setup cmd but it’s been to no avail.

No, this isn’t stolen and yes, it is my property! I purchased an HP Slice G2 from an estate sale, it had a sticky note on it with the “credentials” but they are not valid. And when I contacted the people, they said “all sales are final and unfortunately the credentials written on the item are the only credentials that will be given”.

Usually I just pop in a live kali and have my way with it but the secure boot is impeding this option.

Uneke

Now that is exactly the reason why most administrators block the use of external media on their network. So this only will work on privatly owned computers or computers is small organizations.

eddys.

So many comments saying 'this is old news/technique'. So what. Ive never seen it, or thought of it. Thanks MASS for sharing this. Im not intending to use it maliciously, but as someone somewhat new to the cybersecurity field, it's certainly something im glad I'm now aware of and to consider. 👍💯

scottspa