This Windows backdoor is by-far, the simplest way to 'own' Windows and it works on all Windows versions.
To install this backdoor you will need:
To install the sethc backdoor, you need to prepare a flash drive on a PC first:
1. On your PC, make sure your flash drive is connected, and then open Rufus.
2. Ensure that your USB device is selected in Rufus correctly, and that 'FreeDOS' is selected. When you are satisfied, click on 'start'
To install this backdoor you will need:
- 1GB flash drive - drive will be erased, so backup any data
- Rufus (Download Here)
To install the sethc backdoor, you need to prepare a flash drive on a PC first:
1. On your PC, make sure your flash drive is connected, and then open Rufus.
2. Ensure that your USB device is selected in Rufus correctly, and that 'FreeDOS' is selected. When you are satisfied, click on 'start'
That's the preparation finished. Now perform the following steps on the PC you want to install the sethc backdoor on:
3. Connect the flash drive to the target PC, and turn it off.
On some PCs the next step is different
4. Hold down one of the following keys while pressing the power button on the PC until a configuration screen appears
F8 F10 ESC
The screen you are seeing can differ on different PCs
6. Search around for a setting called 'Secure Boot' and make sure its disabled
7. Go to the last tab and select save
8. Hold down F2 whilst turning the PC on and select the USB drive from the list
9. A black MS-DOS command prompt will appear, to install the backdoor, enter in the following commands and press enter
ren C:\Windows\System32\sethc.exe sethc2.exe
copy C:\Windows\System32\cmd.exe C:\Windows\System32\sethc.exe
exit
10. Turn the PC back on, and press the SHIFT key 5 times once the login screen appears
CMD will appear with SYSTEM privileges, you can enter any command. The backdoor is installed!
11. OPTIONAL: Install the official Backdoor Controller to hide the Backdoor
Installation guide here
12. To change the password of an account, type the following command in CMD replacing username with the username of the required account and replace password with the password you want (Remember to keep the quotes)
net users "username" password