Penetration Testing mailing list archives
Re: Stealing Password from BIOS
From: Marcus Vinicius <marcovvinicius () gmail com>
Date: Mon, 29 Jun 2009 10:37:04 -0300
Hey Jon, This maybe help. http://www.piotrbania.com/all/kon-boot/ Very Cool Tool ; ) Password Crackers, Inc. escreveu:
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Jon Kibler Sent: Friday, June 26, 2009 6:30 AM To: pen-test () securityfocus com Subject: Stealing Password from BIOS -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, A couple of years back I saw a tool illustrated at a conference that would pull the encoded password from BIOS. However, Google fails to show any such tool. Note that I am not trying to clear/reset the password. What I want to do is to recover a BIOS password during a pen-test so I can reboot the box at will without making any changes to the box. Any pointers greatly appreciated. JonTry searching for CMOS password on Google. There were many results including cmospwd. Bob Weiss President Password Crackers, Inc. http://www.pwcrack.com/ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
-- LPIC-1 -- Linux Certified http://bi0os.blogspot.com http://www.ping.eti.br "I like when the my box said: All ports Are filtred :)" The Pledge of the Network Admin: This is my network. It is mine, or technically, my employer's; it is my responsibility, and I care for it with all my heart. There are many other networks a lot like mine, but none are just like it. I solemnly swear that I will not mindlessly paste from HOWTOs. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Stealing Password from BIOS Jon Kibler (Jun 26)
- Re: Stealing Password from BIOS Sandeep Cheema (Jun 26)
- Re: Stealing Password from BIOS Tim (Jun 26)
- Re: Stealing Password from BIOS Jerome Athias (Jun 26)
- RE: Stealing Password from BIOS Password Crackers, Inc. (Jun 26)
- Re: Stealing Password from BIOS Marcus Vinicius (Jun 29)