How to hide an administrator account

Source: Internet
Author: User
Tags command line
Everyone is familiar with the Regedit.exe, but cannot set permissions on the key keys to the registry, and Regedt32.exe the biggest advantage is the ability to set permissions on key keys in the registry. NT/2000/XP's account information is under the Registry's Hkey_local_machine\sam\sam key, but other users are not authorized to see the information except system users, so I first use Regedt32.exe to set the SAM key for me Full Control permission. This allows you to read and write the information in the SAM key. The concrete step is as follows:


1, assuming that we are logged on to a terminal-service broiler with a Superuser administrator, first create an account at the command line or in the Account Manager: hacker$, here I set up this account under the command line net user hacker$content$ Nbsp;1234/add


2, in the start/Run input: Regedt32.exe and enter to run Regedt32.exe.


3, click "Permissions" will pop up the window point after adding the account I logged in to the security bar, here I am logged in as the administrator, so I will join the administrator and set the permissions to "Full Control." Here is a note: It is better to add the account or account you are logged in to the group, do not modify the original account or group, otherwise it will bring a series of unnecessary problems. And so the hidden super user is built, and then come here to delete the account you added.


4, then click "Start" → "Run" and enter "Regedit.exe" return, start Registry Editor Regedit.exe. Open key: hkey_local_maichine\sam\sam\domains\account\user\names\hacker$ "


5, the item hacker$, 00000409, 000001f4 exported to Hacker.reg, 409.reg, 1f4.reg, with Notepad to play these several exported files for editing, the root of the key to the corresponding 000001F4 keys "F" of the value of the copy , and overwrite the value of the key "F" under item 00000409 of hacker$, and then merge 00000409.reg with Hacker.reg. (www.3lian.com)


6. Execute NET user Hacker$content$nbsp;/del at the command line to remove hacker$ users Hacker$content$nbsp;/del


7, Regedit.exe in the window F5 refresh, and then file-Import registry files will be modified Hacker.reg import registry can be


8, to this, the hidden super user hacker$ has been built, and then shut down the Regedit.exe. In the Regedt32.exe window, change the Hkey_local_machine\sam\sam key permissions back to the original (as long as you delete the added account administrator).


9, note: Hidden Super user built, in the account manager can not see hacker$ this user, in the command line with the "NET User" command can not see, but after the establishment of superuser, you can no longer change the password, if the net user command to change the hacker$ password, The hidden Superuser will be seen again in the account manager and cannot be deleted.


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.