• jas0n@lemmy.world
      link
      fedilink
      arrow-up
      6
      ·
      edit-2
      6 months ago

      It’s a well known exploit on Windows:

      • delete sethc.exe (sticky keys executable) from the system32 directory.
      • replace it with a copy of cmd.exe (name it sethc.exe)
      • reboot to login screen.
      • shift 5 times, and you get a command prompt with administrator privileges

      Now, you can change all the passwords on the system from the login screen.

      Last I checked, it still works, and it’s been around since xp days.