- Log into your account (must have admin rights)
- Get to a command prompt and type ‘net user username *’ where username is Administrator, or the renamed administrator account.
- Give administrator a STRONG password.
One of the first things I do is give the Administrator a password. I also disable the guest account, and give the guest username a password.
Next I uninstall all networking components except TCP/IP. Next I disable netbios in the TCP/IP component settings.
Then I disable some services from running, use ‘net user username /DELETE’ to delete the “SUPPORT” and helpdesk usernames totally, and do a bunch of other stuff.
Caveats: If you are on a pc that does not allow you to boot into safe mode, you can get around this. They aren’t disabling the safe mode from the OS, they are just not allowing it from startup by pressing a function key. All you need to do is reboot, and then when windows is still loading, before the login screen, turn off the computer by holding down the power button for 5 seconds. Then turn it back on and you should have safe mode available. You can try this at many different stages to get to a safe mode.
If you have administrator rights, you can modify your boot.ini file to automatically boot into safe mode, or, preferably, you can modify your boot.ini file to give you a choice of booting into safe mode every single time you reboot. I have a custom boot.ini on every windows I run.
You could also use a linux “live cd” such as knoppix to edit your boot.ini file. But if you are going to do that, why not just use a live cd to reset the password, or retrieve the hashes and crack them with saminside?
See available boot.ini switch options at microsoft support boot.ini switch options
This is meant to be for beginners so don’t give me any grief for how easy or simple this is. Not all of us even use windows. Questions/Comments welcome.
No comments:
Post a Comment