Kon-Boot password tool

Kon-Boot is an awesome tool that I’ve used extensively with tech jobs that I’ve had in the past (it’s been around since 2009), for clients that couldn’t remember their password :/ or a employee that was fired etc… Most recently Red-Team pentest engagements when I’ve had physical access to a box and needed quick and stealth access. It allows accessing a target computer (Windows/Mac OSX) without knowing the user’s password.

Kon-Boot does not need to remove or modify the user’s password and all changes are reverted back to previous state after system restart unlike other tools that just remove/modify the password and is currently the only solution that I know of that can bypass Windows 10 online passwords.

Their latest versions (since 2.7), lets me run PowerShell scripts on Win8/10 machines, which allows me to automate data exfiltration or add persistent access quickly onto the box. The Sticky Keys escalation feature (spawns a system prompt before logging in by pressing shift key 5 times) allows for quick access to system-level resources without worrying about user’s level access or group policy.

Supported operating systems:

Microsoft Windows systems (both x86 and x64) :
   XP, Vista, 7, 8/8.1, 10, Server 2003/2008

Apple OSX / macOS systems:
   Apple OSX 10.7-10. 11
   Apple macOS Sierra (10.12)
   Apple macOS High Sierra (10.13)
   Apple macoS Mojave (10.14)


Tutorials: https://kon-boot.com/docs/
Twitter: https://twitter.com/thelead82

Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *