Vulnerability Development mailing list archives
Re: Windows: Local Security Workarounds-DD
From: hdm () SECUREAUSTIN COM (H D Moore)
Date: Sat, 8 Apr 2000 13:04:33 -0500
Diedra Holley wrote:
> Is there a way to get around someone using cmoskill on a system...I recently had a friend that bought a laptop from a friend of his, the friend didn't give him any of the passwords...specifically the supervisor password I needed to disable one of the programs to allow me to get in try and fix it....I don't recall the name of the program now but it allowed you to 'backtrack' to another "boot sequence" to possibly fix the problem...I couldn't get back far enough to reboot before the password was enabled....I used the cmoskill and it got rid of ALL the passwords on the system, not just the bios password...it was entirely too easy...surely there must be a way around it....
I recently picked up an IWILL BS100 motherboard that has some cool security options, like making the floppy read only and making the bios un-flashable. While this won't stop a hacker with a paperclip (cmos battery short) or anyone with some free time and physical access, it does protect you against the run-of-the-mill idiots.
> Also, when I was playing around with my own system, I found that when a system with softice on it goes down and you try to reboot that the debugger will kick in on reboot and begin 'trying to hack itself' and will therefore lock the system....I have my boot from disk enabled and tried to use it, but I had the same problem. As soon as the disk was in, softice kicked in again and started doing its thing....I do not have softice set to load on startup....
Got me.
> One last thing....I have Cain 1.0...it is a password recovery program...I have been using it to try and delete users from my ICQ list that have used my system and put their information on it...it would seem that Cain will not pick up web based passwords and will only pick up sys passwords after they have been used once....is there another program I can use to get rid of this info from my system?
Search the registry for pass hashes/etc for those programs, also try deleting *.pwl in the windows directory. Netscape keeps easily-decrypted password hashes in preferences.js for each user profile AND in the registry.
-HD
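Added example, not part of the original post: a Python sketch that inventories the on-disk residue named in the reply (`*.pwl` files and password-bearing lines in `preferences.js`) so the owner can review and delete it. The `user_pref("key", "value");` line format, the `prefs.js` file-name variant, the `example.*` keys and the sample tree are assumptions constructed for illustration; the registry search is not covered.

```python
import os
import re
import tempfile

# Assumption: preference lines have the form user_pref("key", "value");
PREF_RE = re.compile(r'user_pref\(\s*"([^"]+)"\s*,\s*"((?:[^"\\]|\\.)*)"\s*\)\s*;')
# "preferences.js" is the name used in the post; "prefs.js" is an assumed variant.
PREF_FILES = {"preferences.js", "prefs.js"}


def find_credential_residue(root):
    """Walk root and report *.pwl files and password-bearing pref lines.

    Returns a sorted list of (kind, relative_path, detail). Stored values are
    never returned, only the key name, so the report can be shared safely.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            lower = name.lower()
            if lower.endswith(".pwl"):
                findings.append(("pwl", rel, "%d bytes" % os.path.getsize(path)))
            elif lower in PREF_FILES:
                with open(path, "r", errors="replace") as fh:
                    for key, value in PREF_RE.findall(fh.read()):
                        # Flag only non-empty values stored under a password-like key.
                        if "pass" in key.lower() and value:
                            findings.append(("pref", rel, key))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample data standing in for a Windows directory and a profile."""
    os.makedirs(os.path.join(root, "WINDOWS"))
    os.makedirs(os.path.join(root, "Users", "alice"))
    with open(os.path.join(root, "WINDOWS", "ALICE.PWL"), "wb") as fh:
        fh.write(b"\x00" * 688)
    with open(os.path.join(root, "Users", "alice", "preferences.js"), "w") as fh:
        fh.write('// constructed sample\n'
                 'user_pref("example.homepage", "about:blank");\n'
                 'user_pref("example.stored_password", "Zm9vYmFy");\n'
                 'user_pref("example.remember_password", "");\n')


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for kind, rel, detail in find_credential_residue(tmp):
            print(kind, rel, detail)
```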