Windows NT security "workarounds".

Page 3

OliverP

Member
Sep 27, 2000
121
0
0
HEY TURF, I'LL GIVE YOU A HINT, BUT YOU HAVE TO GO GET IT AND SET IT UP YOURSELF:

OK, I do this for a living, and I also believe in full disclosure for legal and educational purposes only, so take what I say to be accurate and true:

1) There is a version of Linux out there which fits on a floppy disk (two disks if you want extra SCSI drivers). This particular version of Linux I'm talking about is bootable from floppy with no setup. It is easily done by downloading the image file and using rawwrite to create the floppy from that image. THIS VERSION IS SPECIAL: It has been designed to mount the NT drive, locate the password info (SAM file), and then allow you to manipulate ANY username and password, INCLUDING Administrator.

2) So, if you have physical access to the machine, and your admin has not passworded the BIOS (and only the best admins do...), or the machine can boot from floppy without changing the BIOS, then YOU WILL BE ABLE TO CHANGE THE LOCAL ADMIN PASSWORD. Period.

3) So then, unplug the network connection temporarily, reboot with the floppy, change the password, reboot to NT, log in to NT as Administrator, and install any damn program you wish (in the default profile directory, and if this confuses you, give up). Then shut down, reconnect to the network and reboot/log in normally. Voila! Your stupid programs will be there...


Your job: go find this "special" Linux I described... it's not that difficult to find or use, and it will solve your dilemma on your personal NT box.

Note to Turf:
By reading this posted message, you agree that OliverP is not responsible for any illegal actions or any adverse consequences which may arise from your trying the security circumvention described therein.
 

ArkAoss

Banned
Aug 31, 2000
5,437
0
0
(begin being mofo) OliverP, how about telling me, so I can block access to that site, and now I'll go around and set up no floppy and no BIOS (end being mofo)

Cool OliverP, I wish I had that proggy before. I had a HD at home I had set up with NT Workstation and Novell, but you know what, you can't get into NT Workstation if you're not on a server. Can ya PM me the location of that proggy?
 

OliverP

Member
Sep 27, 2000
121
0
0
OK folks, I may be a penetration tester by trade, but any idiot (not directed at anyone, btw!) can type "floppy linux NT password" into Google... ugh... anyway, here are a few links I just looked up in 10 seconds that each point to the item I described before:

http://www.ducktank.net/tips/ntdisk.html

or

http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html


---- Enjoy it... I carry these floppies around everywhere I go! Ha! You never know when there's a box that needs fixin' or hackin'! And it's always nice to see someone freak out when they challenge you to hack their box and you gain admin in less than 2 minutes and then refuse to give them the new admin passwd! ----


 

turf

Member
Apr 17, 2000
82
0
0
OliverP,

It's a nice gesture, and "good to know" information. I am aware of the particular hack you are referring to, although as far as I knew it was a UNIX hack (albeit Linux is pretty much the same thing). I have also heard that it is an illegal one; that may or may not be true. I'm not out to get fired or into any legal trouble here. I think I'll just stick with trying to get the privileges. I know our admins here pretty well (we get together and have LAN parties from time to time). I don't think it will be much of an issue to get at least SOME privileges, though I can't say that with complete confidence. Still good info to know. I started this thread to find out if it was just something simple I was missing trying to do an install. Asking for and receiving privileges is the right thing to do, and that will be my course of action. But thank you anyway.

turf;)
 

ArkAoss

Banned
Aug 31, 2000
5,437
0
0
Thanks Burpy, I mean OliverP. I won't use this for evil means, and it will probably slip into the realm of forgotten cool stuff in a day or so.
 

BreakApart

Golden Member
Nov 15, 2000
1,313
0
0
Turf,
Excellent reply in your last post. Best to avoid getting fired in my opinion also.

NOTE: Always remove the boot-to-floppy option, and password the BIOS. If you don't, maybe one of your users will; then what are you gonna do, call them because you can't get in? ROFL.....!
 

Blackhawk2

Senior member
May 1, 2000
455
0
0
BreakApart, bwahaha, that's what I tried to do. I passworded my BIOS and forgot the password :eek: FDISK, FORMAT C: /s, reinstall Windows.... 10 hours later.... wheeew, back to normal :)
 

OliverP

Member
Sep 27, 2000
121
0
0
Turf: OK, good answer... but yes, it is an NT hack designed to enable admins to recover boxes they lose the passwd on, or for forensics purposes... it IS Linux, but it mounts the NTFS file system and SAM file for the purposes described above...

But good call on your decision not to screw with your work systems... I used to admin and I'd kick your arse... then again, I'd have prevented it...

***
note: "Burpy"?? huh?
***


 

OliverP

Member
Sep 27, 2000
121
0
0
Blackhawk2: OK, lol, this is becoming a session of "ask-da-hacka'"...

But just to upset you a little, you could have done 30 minutes of research and nuked your BIOS password from -yet another- floppy hack...

sorry for pouring salt into that wound...
 

ArkAoss

Banned
Aug 31, 2000
5,437
0
0
Blackhawk, BIOS RESET JUMPER IS YOUR FRIEND. Sorry for being an @$$ through this thread; very, very long day at work, and nothing to do but camp out on threads.
 

Blackhawk2

Senior member
May 1, 2000
455
0
0
OliverP, you're right; unfortunately I just didn't know about those proggies until you mentioned them. CMOS reset and blam, it was all over with :(...

Sorry ArkAoss, I missed your post before I posted. Yup, reset the BIOS with the jumper and 10 hours of pain ensued :(
 

Lord Evermore

Diamond Member
Oct 10, 1999
9,558
0
76
Problem with BIOS reset jumper is that maybe the motherboard doesn't have that jumper (I've never had a Dell or Compaq business machine that I opened up looking for it). But then you could always remove the battery. But then you might be caught by the case opening alarm at the next boot. But then that can also be reset in the BIOS after you've booted again... Hmmmm...doesn't seem like there's a lot of ways to keep people from getting in if they want to.

I downloaded the Linux hack. Works fine for me. It will come in handy for the half dozen or so machines that we don't have the admin passwords for, and which the LAN guy would give us but they were bought before he started the job, so he doesn't have them either (naturally nobody bothered to use any standard passwords or keep records).
 

Cnuke

Member
Nov 7, 2000
186
0
0
I think I can sum all of this up. Turf, take a class and educate yourself. You clearly need some help. We as admins have a job just as you do. Do not fault us for being good.

Relax and submit a request to your IT department and hope that your argument is valid. If not, quit your crying and do your job.

It should be clear now that you are not going to get an answer here.

Read a couple of books, and maybe when you are in charge of a network and have all of the responsibilities that we have, you will understand why we do what we do. Don't b*tch. To me that seems why you are waiting 2 weeks. That is what happens here. If you treat us nice you get it back, but if you don't, well, I guess you are living proof of an end user that is being rude.

Good luck, people like you keep us on our toes so I do thank you!!!