Administrative Rights Issue

Status
Not open for further replies.

Junpaku

Junior Member
Dec 19, 2012
4
0
0
My OS is Windows 10. I have the only admin account, and the other is a local standard user. I have bitlocker on, I disabled CMD, and regedit. How is this standard user still able to change his account to admin? What other measures can I take to prevent this from happening? Any help is appreciated.
 

sm625

Diamond Member
May 6, 2011
8,172
137
106
Maybe he got access to the hidden administrator account. You have to find out how to display all user accounts. There are tutorials which tell you how to enable the hidden administrator account, but that only works if the name wasnt changed.
 

sm625

Diamond Member
May 6, 2011
8,172
137
106
lol we are assuming the OP has of course changed his password AND all security questions to something that absolutely cannot be broken. That is the correct assumption, yes? :p
 

mindless1

Diamond Member
Aug 11, 2001
8,326
1,545
126
Check the USB port for a keylogger and the room for hidden cameras. Install the OS fresh again then monitor the user by putting a keylogger and camera on it. :)
 

PrincessFrosty

Platinum Member
Feb 13, 2008
2,300
68
91
www.frostyhacks.blogspot.com
Is bitlocker encrypting the entire disk, or just portions of it?

You can always boot off a USB key which has recovery tools on such as Hiren's BootCD and use them to unlock the hidden administrator account and set the passwords to blank, that gives them full admin rights on the device.

If you have FDE (Full Disk Encryption) enabled then this will prevent other OS's from modifying the disk which is how these password reset tools work.

Otherwise the only other methods I'm aware of are local privilege escalation vulnerabilities in windows which crop up from time to time and are patched by Microsoft, that means keep your windows patched and updated as frequently as possible.
 
Status
Not open for further replies.