SysPopper or how to hack administrator passwords on Windows

Sign shows you the way to hack

Mike Bailey, an expert in computer security, has released a tool that has called SysPopper, with which you can hack into any Windows-based system, to change administrator passwords, as well as users of the computer list.

The tool has so far only been tested in virtual environments and is still in beta, and requires a computer running Windows XP or higher and a hard disk unencrypted. SysPopper bases its operation on a known trick to recover lost which is to replace the sethc.exe (executable special keys) with cmd.exe, something recommended for advanced users, but not so inexperienced.

What most surprised SysPopper is the relative ease with which you can hack the system from a console window. Once installed on your computer to attack, the hacker simply starting, press Enter a few times to set the language and confirm the hack, and wait for closure.

The program looks forward to the return to activate, pressing the Shift key five times in a row. Instead of opening the standard dialog box telling us about the ability to enable or disable the special keys on Windows (this accessibility option designed for people who have difficulty pressing more than one key at a time), a console window will open where we can tinker with the configuration of passwords for system administrators.

Some 'useful' commands SysPopper

If we have this program available as an ISO image on the website of its developer, installed on our computer, we can create new administrator accounts or change passwords for administrators current with a few commands. These are some of the highlights.

  • net userDisplays on screen the list of computer users.
  • net user Administrator password: Set user password as the password Administrator password.
  • newadmin password net user / addCreate a new account called newadmin with the password password.
  • newadmin net localgroup Administrators / addSets the user newadmin as a computer administrator.

How do you know if someone SysPopper installed on your computer?

The answer to the question is obvious: give the Shift key five times and waits to see what happens. If you skip the typical window Special keys, no need to worry. Instead, if you show a console window, someone SysPopper installed on your computer.

pop Special Keyspop Special Keys

The good news is that removing this tool from your computer quite simple. You just have to delete C: \ Windows \ system32 \ sethc.exe and back to replace it with the original file which will be saved as sethc.exe (random number). So if you are interested again have enabled the functionality of the special keys, even if you're a regular gamer, you may be interested to have this annoying option disabled.

The downside is that it's so easy to disable the program, it is quite possible that a clever hacker has already been able to erase any trace on your computer after use SysPopper.

Alexandre Dulaunoy edited CC 2.0 license