Hacking into Windows 95. How to Hack into Computer System Beginners Hacking Part 2

Important warning: This is a beginners lesson. BEGINNERS. Will all you geniuses who were born already knowing 32-bit Windows just skip reading this one, OK? We don't need to hear how disgusted you are that not everyone already knows this.  

 PARENTAL DISCRETION ADVISED!  

This lesson will lay the foundation for learning how to hack what now is the most commonly installed workstation operating system: Windows NT. In fact, Windows NT is coming into wide use as a local area network (LAN), Internet, intranet, and Web server. So if you want to call yourself a serious hacker, you'd better get a firm grasp on Win NT.  

In this lesson you will learn serious hacking techniques useful on both Windows 95 and Win NT systems while playing in complete safety on your own computer.  

In this lesson we explore:  

• Several ways to hack your Windows 95 logon password.
• How to hack your Pentium CMOS password .
• How to hack a Windows Registry - which is where access control on Windows-based LANs, intranets and Internet and Webs servers are hidden!  

 

Read Also: Top 10 Tools Mostly Used by Black Hat Hackers

Let's set the stage for this lesson. You have your buddies over to your home to see you hack on your Windows 95 box. You've already put in a really industrial haxor-looking bootup screen, so they are already trembling at the thought of what a tremendously elite d00d you are. So what do you do next?  

How about clicking on "Start," clicking "settings" then "control panel" then "passwords." Tell your friends your password and get them to enter a secret new one. Then shut down your computer and tell them you are about to show them how fast you can break their password and get back into your own box!  

This feat is so easy I'm almost embarrassed to tell you how it's done. That's because you'll say "Sheesh, you call that password protection? Any idiot can break into a Win 95 box! And of course you're right. But that's the Microsoft way. Remember this next time you expect to keep something on your Win95 box confidential 😎.  

And when it comes time to learn Win NT hacking, remember this Microsoft security mindset. The funny thing is that very few hackers mess with NT today because they're all busy cracking into Unix boxes. But there are countless amazing Win NT exploits just waiting to be discovered. Once you see how easy it is to break into your Win 95 box, you'll feel in your bones that even without us holding your hand, you could discover ways to crack Win NT boxes, too.  

But back to your buddies waiting to see what an elite hacker you are. Maybe you'll want them to turn their backs so all they know is you can break into a Win95 box in less than one minute. Or maybe you'll be a nice guy and show them exactly how it's done. 

Read Also: Usb Device not Recognized by Windows

But first, here's a warning. The first few techniques we're showing work on most home Win 95 installations. But, especially in corporate local area networks (LANs), several of these techniques don't work. But never fear, in this lesson we will cover enough ways to break in that you will be able to gain control of absolutely *any* Win 95 box to which you have physical access. But we'll start with the easy ways first.

Easy Win 95 Breakin #1:

Step one: Boot up your computer.  

Step two: When the "system configuration" screen comes up, press the "F5" key. If your system doesn't show this screen, just keep on pressing the F5 key.  

If your Win 95 has the right settings, this boots you into "safe mode." Everything looks weird, but you don't have to give your password and you still can run your programs.  

Too easy! OK, if you want to do something that looks a little classier, here's another way to evade that new password. 

If you need to exit safe mode, simply restart your device, or:

• Press the Windows logo key + R.
• Type msconfig in the Open box and then select OK.
• Select the Boot tab.
• Under Boot options, clear the Safe boot checkbox.

Easy Win 95 Breakin #2:  

Step one: Boot up.  

Step two: when you get to the "system configuration" screen, press the F8 key. This gives you the Microsoft Windows 95 Startup Menu.  

Step three: choose number 7. This puts you into MS-DOS. At the prompt, give the command "rename c:\windows\*pwl c:\windows\*zzz."  

**************************************

Newbie note: MS-DOS stands for Microsoft Disk Operating System, an ancient operating system dating from 1981. It is a command-line operating system, meaning that you get a prompt (probably c:\>) after which you type in a command and press the enter key. MS -DOS is often abbreviated DOS. It is a little bit similar to Unix, and in fact in its first version it incorporated thousands of lines of Unix code.  **************************************

Step four: Reboot. You will get the password dialog screen. You can then fake out your friends by entering any darn password you want. It will ask you to reenter it to confirm your new password.  

Step five. Your friends are smart enough to suspect you just created a new password, huh? Well, you can put the old one your friends picked. Use any tool you like - File Manager, Explorer or MS-DOS -- to rename *.zzz back to *.pwl.  

Step six: reboot and let your friends use their secret password. It still works!  

Think about it. If someone where to be sneaking around another person's Win 95 computer, using this technique, the only way the victim could determine there had been an intruder is to check for recently changed files and discover that the *.pwl files have been messed with  

**************************************

Evil genius tip: Unless the msdos.sys file bootkeys=0 option is active, the keys that can do something during the bootup process are F4, F5, F6, F8, Shift+F5, Control+F5 and Shift+F8. Play with them!  **************************************

Now let's suppose you discovered that your Win 95 box doesn't respond to the bootup keys. You can still break in.

Read Also: How Hackers Got Caught by Cyber Forensics

If your computer does allow use of the boot keys, you may wish to disable them in order to be a teeny bit more secure. Besides, it's phun to show your friends how to use the boot keys and then disable these so when they try to mess with your computer they will discover you've locked them out.  

The easiest - but slowest - way to disable the boot keys is to pick the proper settings while installing Win 95. But we're hackers 👿, so we can pull a fast trick to do the same thing. We are going to learn how to edit the Win 95 msdos.sys file, which controls the boot sequence.  

Easy Way to Edit your Msdos.sys File:  

Step zero: Back up your computer completely, especially the system files. Make sure you have a Windows 95 boot disk. We are about to play with fire! If you are doing this on someone else's computer, let's just hope either you have permission to destroy the operating system, or else you are so good you couldn't possibly make a serious mistake.  

*******************************

Newbie note: You don't have a boot disk? Shame, shame, shame! Everyone ought to have a boot disk for their computer just in case you or your buddies do something really horrible to your system files. If you don't already have a Win 95 boot disk, here's how to make one.  To do this you need an empty  disk and your Win 95 installation disk(s). Click on Start, then Settings, then Control Panel, then Add/Remove Programs, then Startup Disk.  From here just follow instructions.  ********************************  

 

Step one: Find the file msdos.sys. It is in the root directory (usually C:\). Since this is a hidden system file, the easiest way to find it is to click on My Computer, right click the icon for your boot drive (usually C:), left click Explore, then scroll down the right side frame until you find the file "msdos.sys."  

Step two: Make msdos.sys writable. To do this, right click on msdos.sys, then left click "properties." This brings up a screen on which you uncheck the "read only" and "hidden" boxes. You have now made this a file that you can pull into a word processor to edit.  

Step three: Bring msdos.sys up in Word Pad. To do this, you go to File Manager. Find msdos.sys again and click on it. Then click "associate" under the "file" menu. Then click on "Word Pad." It is very important to use Word Pad and not Notepad or any other word processing program! Then double click on msdos.sys.  

Step four: We are ready to edit. You will see that Word Pad has come up with msdos.sys loaded. You will see something that looks like this:  

[Paths]  WinDir=C:\WINDOWS  WinBootDir=C:\WINDOWS  HostWinBootDrv=C  

[Options]  BootGUI=1  Network=1  ;  ;The following lines are required for compatibility with other programs.  ;Do not remove them (MSDOS>SYS needs to be >1024 bytes).

To disable the function keys during bootup, directly below [Options] you should insert the command "BootKeys=0."  Or, another way to disable the boot keys is to insert the command BootDelay=0. You can really mess up your snoopy hacker wannabe friends by putting in both statements and hope they don't know about BootDelay. Then save msdos.sys.  

Step five: since msdos.sys is absolutely essential to your computer, you'd better write protect it like it was before you edited it. Click on My Computer, then Explore, then click the icon for your boot drive (usually C:), then scroll down the right side until you find the file "msdos.sys."  Click on msdos.sys, then left click "properties." This brings back that screen with the "read only" and "hidden" boxes. Check "read only."  

Step six: You *are* running a virus scanner, aren't you? You never know what your Friends might do to your computer while your back is turned. When you next boot up, your virus scanner will see that msdos.sys has changed. It will assume the worst and want to make your msdos.sys file look just like it did before. You have to stop it from doing this. I run Norton Antivirus, so all I have to do when the virus warning screen comes up it to tell it to "innoculate."  

Hard Way to Edit your (or someone else's) Msdos.sys File.  

Step zero. This is useful practice for using DOS to run rampant someday in Win NT LANs, Web and Internet servers. Put a Win 95 boot disk in the a: drive. Boot up. This gives you a DOS prompt A:\.  

Step one: Make msdos.sys writable. Give the command "attrib -h -r -s c:\msdos.sys"  (This assumes the c: drive is the boot disk.)  

Step two: give the command "edit msdos.sys" This brings up this file into the word processor.  

Step three: Use the edit program to alter msdos.sys. Save it. Exit the edit program.  

Step four: At the DOS prompt, give the command "attrib +r +h +s c:\msdos.sys" to return the msdos.sys file to the status of hidden, read-only system file.  

OK,  now your computer's boot keys are disabled. Does this mean no one can break in? Sorry, this isn't good enough.  

As you may have guessed from the "Hard Way to Edit your Msdos.sys" instruction, your next option for Win 95 breakins is to use a boot disk that goes in the a: floppy drive.  

Read Also: What i Need in Order to Hack ?

How to Break into a Win 95 Box Using a Boot Disk  

Step one: shut down your computer.  

Step two: put boot disk into A: drive.  

Step three: boot up.  

Step four: at the A:\ prompt, give the command: rename c:\windows\*.pwl c:\windows\*.zzz.  

Step four: boot up again. You can enter anything or nothing at the password prompt and get in.  

Step five: Cover your tracks by renaming the password files back to what they were.

Wow, this is just too easy! What do you do if you want to keep your prankster friends out of your Win 95 box? Well, there is one more thing you can do. This is a common trick on LANs where the network administrator doesn't want to have to deal with people monkeying around with each others' computers. The answer -- but not a very good answer -- is to use a CMOS password.

How to Mess With CMOS

Coming Soon 🕐🕐