• jas0n@lemmy.world
    link
    fedilink
    arrow-up
    6
    ·
    edit-2
    6 months ago

    It’s a well known exploit on Windows:

    • delete sethc.exe (sticky keys executable) from the system32 directory.
    • replace it with a copy of cmd.exe (name it sethc.exe)
    • reboot to login screen.
    • shift 5 times, and you get a command prompt with administrator privileges

    Now, you can change all the passwords on the system from the login screen.

    Last I checked, it still works, and it’s been around since xp days.