PaulDotCom mailing list archives

Kon-Boot on a USB

From: bradmcmahon at gmail.com (Bradley McMahon)
Date: Tue, 7 Jul 2009 13:17:08 -0400

wondering how people plan on adding this to their USB toolkit. I use Billix
to boot my tools from a single usb, yet since it's all built on assembly
there are no files to copy over to a usb drive.

Bradley McMahon



On Tue, Jul 7, 2009 at 9:17 AM, Michael Douglas <mick at pauldotcom.com> wrote:

KON can't do it all, and hard disk crypto seems to be the one thing
that stops this fun little tool cold.  I think from a white hat
perspective, it makes for an amazing demo of why FDE is needed.

I'll be at DEFCON tho! :D
not that anyone cares ;)


BS! we care!  :-) be sure to look us up!
- Mick


On Mon, Jul 6, 2009 at 11:44 PM, John Navarro<jnavtx at gmail.com> wrote:

That was one of the reasons I wanted to test Kon-boot, however I couldn't
take it too far since I was testing it on a work laptop to see if I could
defeat the partial disk encryption (with permission of course!). Of

course I

could dump everything from linux anyways, but still couldn't gain access

to

the one encrypted drive :(

I'll be at DEFCON tho! :D
not that anyone cares ;)

On Mon, Jul 6, 2009 at 7:13 PM, Robin Wood <dninja at gmail.com> wrote:


2009/7/7 Adrian Crenshaw <irongeek at irongeek.com>:

Ok, tested a few things on my Vista 32 box:

1.Can't access network resources(prompted for password), but that's
expected.
2. I Can dump the real password hashes.
3. EFS is not bypassed.
4. Could change my password, but had to use MMC because the default

user

accounts interface was confused.
5. Rebooted into normal mode, logged in with new password but still
could
not get to the EFS files.
6. Change password back, logged in/out and then could get to my EFS
file.


That would be because the EFS couldn't be decrypted when you first
logged in so changing the password on it wasn't possible.

Robin
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090707/192209af/attachment.htm

Current thread:

Kon-Boot on a USB Adrian Crenshaw (Jul 06)
- Kon-Boot on a USB Michael Douglas (Jul 06)
  - Kon-Boot on a USB Adrian Crenshaw (Jul 06)
  - Kon-Boot on a USB John Navarro (Jul 06)
    - Kon-Boot on a USB Robin Wood (Jul 06)
    - Kon-Boot on a USB Adrian Crenshaw (Jul 06)
    - Kon-Boot on a USB Robin Wood (Jul 06)
    - Kon-Boot on a USB John Navarro (Jul 06)
    - Kon-Boot on a USB Michael Douglas (Jul 07)
    - Kon-Boot on a USB Bradley McMahon (Jul 07)
    - Kon-Boot on a USB infolookup at gmail.com (Jul 07)
- <Possible follow-ups>
- Kon-Boot on a USB Grymoire (Jul 07)
- Kon-Boot on a USB Dr Adapter (Jul 07)
  - Kon-Boot on a USB Dr Adapter (Jul 07)
  - Kon-Boot on a USB Tim Mugherini (Jul 07)
    - Kon-Boot on a USB Adrian Crenshaw (Jul 07)
    - Kon-Boot on a USB Adrian Crenshaw (Jul 07)
    - Kon-Boot on a USB Nils (Jul 08)
    - Kon-Boot on a USB Adrian Crenshaw (Jul 08)
    - Kon-Boot on a USB Adrian Crenshaw (Jul 08)

(Thread continues...)