I am familiar with everyone, but I cannot set permissions for the keys of the registry. The biggest advantage is that I can set permissions for the keys of the registry. The account information of nt/2000/xp is all under the HKEY_LOCAL_MACHINE\SAM\SAM key in the registry, but except for the system user SYSTEM, other users do not have the permission to view the information inside, so I first set the "full control" permission for me with the SAM key. This allows you to read and write the information in the SAM key. The specific steps are as follows:
1. Suppose we log in to the broiler with terminal services as the super user administrator. First, we create an account under the command line or in the account manager: hacker$. Here I create this account under the command line. net user hacker$1234/add
2. Enter: and enter in Start/Run to run.
3. After clicking "Permissions", a pop-up window will be clicked to add the account I logged in to the security bar. Here I logged in as an administrator, so I added the administrator and set the permission to "full control". Here we need to explain: it is best to add the account or group you are logged in to. Do not modify the original account or group, otherwise it will bring about a series of unnecessary problems. Wait until the hidden super user is created, and then come here to delete the account you added.
4. Click "Start" → "Run" and enter "" to enter to start the registry editor. Open key: HKEY_LOCAL_MAICHINE\SAM\SAM\Domains\account\user\names\hacker$"
5. Export the items hacker$, 00000409, and 000001F4 as, and use Notepad to edit the exported files. Copy the value of the key "F" under the item 000001F4 corresponding to the super user, and overwrite the value of the key "F" under the item 000000409 corresponding to the hacker$, and then merge it with it.
6. Execute net user hacker$ /del on the command line to delete the user hacker$: net user hacker$ /del
7. Press F5 in the window to refresh, then type the file - import the registry file and import the modified registry.
8. At this point, the hidden superuser hacker$ has been created and then closed. Change the HKEY_LOCAL_MACHINE\SAM\SAM key permissions back to their original appearance in the window (just delete the added account administrator).
9. Note: After the hidden super user is created, the hacker$ user cannot be seen in the account manager, and the "net user" command cannot be seen on the command line. However, after the super user is established, you cannot change the password. If you use the net user command to change the hacker$ password, then the hidden super user will be seen in the account manager and cannot be deleted.
Note: The local machine starts directly from step 2
1. Suppose we log in to the broiler with terminal services as the super user administrator. First, we create an account under the command line or in the account manager: hacker$. Here I create this account under the command line. net user hacker$1234/add
2. Enter: and enter in Start/Run to run.
3. After clicking "Permissions", a pop-up window will be clicked to add the account I logged in to the security bar. Here I logged in as an administrator, so I added the administrator and set the permission to "full control". Here we need to explain: it is best to add the account or group you are logged in to. Do not modify the original account or group, otherwise it will bring about a series of unnecessary problems. Wait until the hidden super user is created, and then come here to delete the account you added.
4. Click "Start" → "Run" and enter "" to enter to start the registry editor. Open key: HKEY_LOCAL_MAICHINE\SAM\SAM\Domains\account\user\names\hacker$"
5. Export the items hacker$, 00000409, and 000001F4 as, and use Notepad to edit the exported files. Copy the value of the key "F" under the item 000001F4 corresponding to the super user, and overwrite the value of the key "F" under the item 000000409 corresponding to the hacker$, and then merge it with it.
6. Execute net user hacker$ /del on the command line to delete the user hacker$: net user hacker$ /del
7. Press F5 in the window to refresh, then type the file - import the registry file and import the modified registry.
8. At this point, the hidden superuser hacker$ has been created and then closed. Change the HKEY_LOCAL_MACHINE\SAM\SAM key permissions back to their original appearance in the window (just delete the added account administrator).
9. Note: After the hidden super user is created, the hacker$ user cannot be seen in the account manager, and the "net user" command cannot be seen on the command line. However, after the super user is established, you cannot change the password. If you use the net user command to change the hacker$ password, then the hidden super user will be seen in the account manager and cannot be deleted.
Note: The local machine starts directly from step 2