Win XP system to establish a hidden super user method

I think everyone is familiar with regedit.exe, but can not set permissions on the registry key, and the biggest advantage of regedt32.exe is the ability to the registry The item key sets the permission. The account information of nt/2000/xp is in the HKEY_LOCAL_MACHINE\\SAM\\SAM key of the registry, but except for the system user SYSTEM, other users have no right to view the information inside, so I first use the regedt32.exe for the SAM key. I set the "Full Control" permission. This will read and write the information in the SAM key. The specific steps are as follows:

1. Suppose we log in to the broiler with terminal service as the super user administrator. First create an account in the command line or in the account manager: hacker$, here I Create this account under the command line net user hacker$ 1234 /add

2. At the start/run, type: regedt32.exe and press Enter to run regedt32.exe.

3, after clicking "Permissions", a pop-up window will be added to add the account when I log in to the security bar. Here I am logged in as the administrator, so I will add the administrator and set the permissions. For "full control." Here you need to explain: It is best to add the account you are logged into or the group where the account is located, and do not modify the original account or group, otherwise it will bring a series of unnecessary problems. If you hide the super user, you can delete the account you added here.

4, click "Start" → "Run" and enter "regedit.exe" Enter, start the registry editor regedit.exe. Open the key: HKEY_LOCAL_MAICHINE\\SAM\\SAM\\Domains\\account\\user\ ames\\hacker$"

5, export the item hacker$, 00000409, 000001F4 to hacker.reg, 409.reg, 1f4.reg, Use Notepad to play these several exported files for editing, copy the value of the key "F" under the item 000001F4 corresponding to the super user, and overwrite the value of the key "F" under the item 00000409 corresponding to the hacker$, and then Combine 00000409.reg with hacker.reg.

6. Execute net user hacker$ /del at the command line to delete user hacker$: net user hacker$ /del

7, at In the regedit.exe window, press F5 to refresh, then hit the file - import the registry file and import the modified hacker.reg into the registry.

8, at this point, the hidden superuser hacker$ has been built. Then, close regedit.exe. In the regedt32.exe window, change the HKEY_LOCAL_MACHINESAMSAM key permission back to the original state (just delete the added account administrator).

9, Note: hidden super users are built. After that, the user in the account manager can't see the hacker$, and the command line uses the "net user" command. I can't see it, but after the super user is established, I can't change the password any more. If you use the net user command to change the password of the hacker$, then the hidden superuser will be seen again in the account manager, and it can't Delete.