Hacking a Windows 10 Admin Password

Lost your password?

No problem… If you are in physical possession of a Windows machine, you can easily reset the passwords with a small amount of technical direction.

Download Ubuntu 16.04.02 GNOME LTS

Download Linux onto a non-target Windows system. If you have preference to download another Linux distro, feel free. The important facet here is that it has a Live or Test mode so you can run Linux from the USB drive (2GB+) without installing on a hard drive.

https://wiki.ubuntu.com/UbuntuGNOME/GetUbuntuGNOME

Create a bootable USB drive on Windows

Again, do this on a non-target Windows system.

https://tutorials.ubuntu.com/tutorial/tutorial-create-a-usb-stick-on-windows#0

Shutdown Windows with shift key

Do this with the actual target Windows system that you need to replace the password on. Hold the shift key down and select shutdown. It is important to hold the shift key down so the drive is fully released from hibernation. If you do not do this it may cause complications mounting the drive from Linux.

Insert the USB drive in target system

Boot with the USB drive, immediately upon power on tapping escape until it lets you select boot device. Select the USB drive to boot from.

Start a Linux terminal session.

$ sudo fdisk -l
$ sudo cd /media
$ sudo mkdir mnt
$ sudo mount /dev/sda1 mnt # <– substitute red with your drive name from fdisk above
$ sudo cd Windows/System32 # <– case important
$ sudo cp -a osk.exe osk.exe.orig
$ sudo cp -a cmd.exe cmd.exe.orig
$ sudo cp cmd.exe osk.exe

Exit and shutdown the Ubuntu session, remove the USB drive.

Boot the target Windows system

Select the Ease of Access icon.

Next select the On-Screen Keyboard.

This will execute the renamed cmd.exe and bring up a command prompt as shown below.

Now you can type ‘net user’ to show all user accounts.

Then type ‘net user Administrator *’ to reset the password for Administrator as an example.

Do this for all user accounts and login with the new password, you should be set.

Be sure to copy cmd.exe.orig to cmd.exe and osk.exe.orig to osk.exe to undo the backdoor you created.

Thanks!
-Yehuda

Installing ubuntu-restricted-extras

The Ubuntu Gnome-Software Center does not show all available software such as technical packages

Kernels, console apps, etc. will not show up.

This may be a feature, but some consider it a bug. I consider it yet another good reason to use the command line which is better.

You can see by the description above ubuntu-restricted-extras is very useful to the desktop experience.

To install from the command line:

# apt -y install ubuntu-restricted-extras

You may run into a hitch when the Microsoft EULA comes up. Use tab to move forward, shift-tab to move in reverse. Use space to select/click the OK button.

If you somehow miss the EULA and need to be prompted again:

# apt –purge –reinstall install ttf-mscorefonts-installer

If you need to remove ubuntu-restricted-extras:

# apt show ubuntu-restricted-extras
# apt show ubuntu-restricted-addons

Important: Take note of all the ‘Recommends:’ packages

# apt remove ubuntu-restricted-extras ubuntu-restricted-addons
# apt remove [all the recommended packages]

To get rid of the installed dependencies for the recommended packages:

# apt autoremove [all the recommended packages]

To reinstall:

# apt -y install ubuntu-restricted-extras

Thanks!
-Yehuda

OG Pt3: More control sharing your WordPress site with Yoast SEO plugin

This is part 3 of a continuing series:
Part 1: Duplicate Open Graph Meta Tags and the Facebook Open Graph Object Debugger
Part 2: Facebook Open Graph Object Debugger and the Share App ID Missing Warning

Now we are at the point where you can control and see the improved results of your Facebook shares.

The final warning that should be fixed revealed by the Facebook Open Graph Object Debugger is the Inferred Property warning above.

Before explicitly setting the home page title and description, Facebook displayed the complex pieces of the web site the best it could. You may agree this is not optimal.

To optimize this, edit your home page (or any other posts or pages as well are configurable). Scroll down to the Yoast section. You may need to check it in the screen options at the top of the editor and/or open up the actual section if it is not expanded.

Click on the share icon on the left, and select the Facebook tab. Fill out the title and description fields to your preference. I overrode the defaulted displayed image in the first post of this series [Duplicate Open Graph Meta Tags and the Facebook Open Graph Object Debugger], but if you want more granular control or per post/page this would also be the place to do it.

Note: the image dimensions make a difference.

A 2nd example:

Update (Save) the page and you should be set. Big improvement in my opinion.

FYI, after you make these changes, re-scrape the page:

https://developers.facebook.com/tools/debug

Thanks!
-Yehuda

OG Pt2: Facebook Open Graph Object Debugger and the Share App ID Missing Warning

Continued from previous post:
Duplicate Open Graph Meta Tags and the Facebook Open Graph Object Debugger

https://developers.facebook.com/tools/debug/og/object

Another warning that may be revealed by the Facebook Open Graph Object Debugger is the ‘Share App ID Missing’ warning.

To resolve this error you need to specify a Facebook app ID for your site. See the following Facebook guide to register and app and get the ID:

https://developers.facebook.com/docs/apps/register

1st, login to your Facebook account and then register as a Facebook Developer.

Next, Create App ID.

Next, do the security CAPTCHA, and voila! You should have your ID now.

Then, go to Yoast in your WordPress Admin page.

SEO > Social > Facebook > Facebook App ID

Insert your ID and Save changes.

Back at your Facebook Developer Dashboard, select App Review on the left menu bar.

Set the Slider from No to ‘Yes’, add a category as shown and ‘Confirm’.

Rescrape the site and you should see the warning gone.
https://developers.facebook.com/tools/debug/og/object

Thanks!
-Yehuda

Be sure to see the next post in this series:
More control sharing your WordPress site with Yoast SEO plugin