Use powershell to create a administrator account

What Will I Learn?

• Learn more about the administrator acount of the system

• How to use powershell to create administrator account of the Windows system

  

Requirements

• Windows or other system like linux,macos

• Powershell

  

• Coding IDE

  

• ADSI adapter

• .NET framework

Difficulty

• Intermediate

Tutorial Contents

Before contents:

If you do not know any about powershell ,you had better reading this post firstly as well as consulting more from the books

Use powersehll to speak the text

---

What is administrator account

One of the important tasks of the system administrator is to manage the user, not only to allow the user to perform the corresponding operation, but also to prevent the unauthorized user from overstepping the power. If there is a problem with the permissions of the user's home directory in the virtual host, other users can use it to hack the system ,of course including going back to the parent directory which can do more dangerous thing to our computer. And access to other users' files, directly caused the leakage of these files, the solution to this problem is to each user's home directory permissions set to only administrators and users can access, access to others. Each user's file is only independent of his or her own rights, and cannot access other people's files, and other people cannot access their own files.

So ,one sentence to conclude that is :administrator account can lead to your system being hacked.

---

Use powershell to create administrator account

1. Add WinNT ADSI path

   $CT=[adsi]"WinNT://localhost"
   

   • [adsi]：use the ADSI adapter to create a container
   • WinNT://localhost： access the account path of WinNT
   • $CT:connect to the adsi adapter container

2. Create a account name

   $account=$CT.create("user","cha0s")
   

   • $CT.create: the function to create different type of account
   • "user" : the type of the the account is user
   • "cha0s" : the account name is cha0s

3. Create the password of the account

   $account.setpassword("steemit")
   

   • setpassword : set up the password of the account "cha0s"
   • "steemit" : tthe password of he account "cha0s" is "steemit"

4. Write the configuration into system database

   $account.setinfo()
   

   • setinfo(): save the account name and the password of that account into the sytem database to take effect

5. List the account which we create just now to check it if success and set the configuration of the password

   Get-WmiObject -Class Win32_UserAccount -Filter "name = 'cha0s'" | Set-WmiInstance -Argument @{PasswordExpires = 0}
   

   • Get-WmiObject: Get an instance of the WMI class or get information about the available classes.
   • Win32_UserAccount : get information of the system account
   • -Filter: set up the filter to search the account quickly
   • Set-WmiInstance : Update the account configuration
   • @{PasswordExpires = 0}: set up the password of the account "cha0s" will never be outdated

6. Connect to the container of administrators group

   $administrator=[ADSI]"WinNT://localhost/administrators,group"
   

   • WinNT://localhost/administrators,group : connect to WinNT administrators account group container

7. Add our new created account to the administrators container

   $administrator.add("WinNT://localhost/cha0s")
   

 -   add : add some account to the administrators group to become a administrator account
 -   WinNT://localhost/cha0s : connect to the account which we created just now

8.The whole program

$CT=[adsi]"WinNT://localhost"
$account=$CT.create("user","cha0s")
$account.setpassword("steemit")
$account.setinfo()
Get-WmiObject -Class Win32_UserAccount -Filter "name = 'cha0s'" | Set-WmiInstance -Argument @{PasswordExpires = 0}
$administrator=[ADSI]"WinNT://localhost/administrators,group"
$administrator.add("WinNT://localhost/cha0s")

​

---

Check the effect of the program