[FULL Kon-Boot V2.0l
Saija Grzegorek
Kon-Boot (aka kon boot, konboot) is an application which will silently bypass the authentication process of Windows based operating systems. Without overwriting your old password! In other words you can login to your Windows profile without knowing your password. Easy to use and excellent for tech repairs, data recovery and security audits. Fast, tiny and gets your job done!
General requirements:
Pentium III compatible processor, 100MB free space on the hard drive. USB flash drive (prefered USB pendrive size is 16GB), keyboard. Compatibile BIOS version. Windows system is required for installer to run. USB flash drive is required for the UEFI version to work. Internet connection is required for the installer to work. Kon-boot can be only installed by using the original installer. One kon-boot license permits the user to install kon-boot on only one USB device (USB pendrive).
Not supported:Disk encryption, secure boot must be disabled., tablets and tablet hybrids, multiple operating systems installed on target computer, 3rd party loaders are supported, kernel debuggers, virtualization software (VMware, QEMU, VirtualBox) is not supported. CD and Floppy versions are deprecated.
Since version 2.7 kon-boot CD version is no longer available. We have left the old .iso images just for compatibility purposes. All versions starting from kon-boot 2.7 can be installed only on USB media.
Since version 2.7 kon-boot can be installed only by using our GUI installer. Internet connecton is required for installer to work. Please note that all other installation options like CD installation are depracated (older kon-boot version is included in the package for compatibility reasons or in case of temporary lack of Internet connection).
There are limitations to this method: depending on the UEFI firmware updates it may not be supported (newest UEFI firmware updates often prevent the bypass from working because of the revoked signed keys, in this case you need to disable the SecureBoot in BIOS manually, see section below).
Starting from 3.5 version (commercial licenses) Kon-Boot is able to bypass Secure Boot protection on PCs (excluding Apple computers, limitations apply - depending on the UEFI firmware updates). See Secure Boot Bypass for details.
In order to use Kon-Boot in UEFI mode you need to make sure that the UEFI BIOS is not configured to use Secure Boot feature. Secure Boot feature is typically disabled however in case of any problems please enter the BIOS setup and disable the Secure Boot option manually (see examples below).
Newer Windows version use Virtualization-based Security (VBS) and/or hypervisor security. This can cause BSODs (Blue Screen Of Death) during loading Windows with Kon-Boot (Kon-Boot does not support virtualization). In order to prevent this from happening go to your BIOS setup and temporarily disable virtualization support (VT/VT-x) as presented on screenshots below.
Starting from version 2.7 (commercial edition only) kon-boot allows user to run automatic powershell script just after the boot of target operating system. Powershell script of user choice is being run with full system rights. This gives excellent and very powerful opportunity for the forensics team to gather all the necessary data from the target system. Right now the feature works only in UEFI mode and on Windows 8 / Windows 10 systems (x64).
It seems rather unlikely. Legacy BIOS Kon-Boot loader is very hard to maintain, additional unscheduled constant Windows 8 / Windows 10 security updates do not make things easier. Finally UEFI is now recognized as the BIOS replacement. Check our faq for more detailed answer on this topic.
What's Sticky Keys Feature?Sticky keys is a new Kon-Boot escalation feature which allows user to spawn a console window with system admin rights before the user is logged in. Kon-Boot allows you to get console window while the Windows login screen is still active.
If you experience "password has expired and needs to be changed" error during your login attempt it simply means that your password has expired. This is caused by custom Windows password policy not a problem of Kon-Boot itself.
Personal licenses does not offer online authorization bypass on Windows 10 systems. However user can still access the system as local administrator. In fact in the kon-boot v2.5 administrator account can be added automatically, as presented in the following scenario:
If you account is an online (live) Windows 10 account and you have a commercial Kon-Boot license (commercial kon-boot licenses allow to bypass Windows 10 online/live passwords (UEFI)) you can bypass the Windows HELLO authorization as well.
As stated multiple times on our website and here as well Kon-Boot does not support enabled disk encryption (BitLocker is disk encryption software). If you see screen similar to this below it means your hard drive is encrypted.
Please note: You may only see this screen when you are booting from external media ie. Kon-Boot USB. This is because of the TPM chip (Trusted Platform Module) which will detect changes to the system boot sequence. This will lead to change in the TPM's PCR values, and in the result TPM will not unseal the VMK (Volume Master Key).
Please verify you have administrator access on the Windows installation machine, the lock error may be caused by either lack of administrator rights or different process (like antivirus) blocking access to usb device.
795a8134c1