• @jas0n
      link
      6
      edit-2
      7 months ago

      It’s a well known exploit on Windows:

      • delete sethc.exe (sticky keys executable) from the system32 directory.
      • replace it with a copy of cmd.exe (name it sethc.exe)
      • reboot to login screen.
      • shift 5 times, and you get a command prompt with administrator privileges

      Now, you can change all the passwords on the system from the login screen.

      Last I checked, it still works, and it’s been around since xp days.

      • @jj4211
        link
        17 months ago

        Don’t you need to be admin to muck with system32?

        • @jas0n
          link
          27 months ago

          Just access to the hard drive. A bootable Linux USB could do that. I think you can get there through some obscure way with windows installation media as well.