Security Basics mailing list archives
RE: Unwanted programs on Win2K
From: Gedi <gediintheuk () yahoo co uk>
Date: Tue, 4 Feb 2003 17:42:43 +0000 (GMT)
Hi Ahaly There are many ways to do get the result you want. However, the easiest is to crack the .SAM file. The .SAM file is locked under operating running conditions. If your admins are usless you may be lucky and find a backup copy in the repair folder (c:\WINNT\repair) However, the .SAM file resides in C:\WINNT\system32\config and you will need to grab a copy of this to take home and crack. For this you will need a copy of NTFSDOS (I'm assuming the file system is NTFS) You can boot from this OS and navigate to this folder take a copy and take it home to crack with a program like l0phtcrack (LC4) There are many programs that can extract hashes however I could go on forever naming them all and there different methods. Privilidge escalation via progs like user2sid etc..... The book Tim mentioned is a must read for any security admin. I also have the hacking linux, 3rd edition and web applications. Its good reading, and even great hackers can pick up a few tips. However, you can find yourself in deep trouble if you are caught doing anything mentioned or similar. If you want to be a hacker, its best to learn on your own network (until you become proficient ;) ) Gedi -----Original Message----- From: Tim Donahue [mailto:TDonahue () haynesconstruction com] Sent: 03 February 2003 19:09 To: 'ahaly () softhome net' Cc: security-basics () securityfocus com Subject: RE: Unwanted programs on Win2K I recommend the book Hacking Windows 2000 Exposed (ISBN 0072192623) it is an book that covers many vunerabilites on a Windows 2000 based computer. Tim Donahue
-----Original Message----- From: ahaly () softhome net [mailto:ahaly () softhome net]
Sent: Saturday, February 01, 2003 6:38 PM To: security-basics () securityfocus com Subject: Unwanted programs on Win2K Hey, This question is not from an admin but a end-user. I
am doing
my studies in a big university and we have many Win2K machines
in our labs and
library. Sometimes I find applications like Yahoo and MSN
Messenger
installed on these machines. I have also sometimes seen things
like Kazaa.
Technically these are not supposed to be there. As in only the
apps that
are installed by admins are supposed to be there and the above
mentioned
apps are not part of the admin list of apps. When I try to
install an
application, I get an error saying that I don't have privileges. I
know I don't have
privileges but there is someone out there who has
found a way
to bypass the restrictions. Question: How can someone bypass restrictions in
Win2k to
install software when he doesn't have proper privileges? Reason for asking question: If someone can install
Kazaa,
someone can also install a keyreader or something like that. Maybe I am paranoid, but everytime I login, maybe I
am
telling someone - hey, this is my passwrd. Ahaly
__________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
Current thread:
- Unwanted programs on Win2K ahaly (Feb 03)
- RE: Unwanted programs on Win2K Simon Taplin (Feb 05)
- RE: Unwanted programs on Win2K Tim V - DZ (Feb 05)
- <Possible follow-ups>
- re: Unwanted programs on Win2K H C (Feb 04)
- re: Unwanted programs on Win2K Jeremy Gaddis (Feb 06)
- RE: Unwanted programs on Win2K Gedi (Feb 04)
- Re: Unwanted programs on Win2K Kamran Muzaffer (Feb 05)
- Re: Unwanted programs on Win2K Pez Mohr (Feb 05)
- RE: Unwanted programs on Win2K dave (Feb 06)
- Re: Unwanted programs on Win2K Kamran Muzaffer (Feb 05)
- RE: Unwanted programs on Win2K Simon Taplin (Feb 05)
- RE: Unwanted programs on Win2K Harris Samuel W PORT (Feb 04)
- Re: Unwanted programs on Win2K Meritt James (Feb 05)
- RE: Unwanted programs on Win2K Chris Berry (Feb 04)
- RE: Unwanted programs on Win2K Mike Heitz (Feb 05)
- RE: Unwanted programs on Win2K Simon Taplin (Feb 05)
- RE: Unwanted programs on Win2K Chris Berry (Feb 05)
- Re: Unwanted programs on Win2K Meritt James (Feb 05)