Oh and for the skiddies like me - speaking on the whosthere - life is a tad eaiser now. Well for the professionals anyway.
http://seclists.org/pen-test/2008/Mar/0005.html
Printable View
Oh and for the skiddies like me - speaking on the whosthere - life is a tad eaiser now. Well for the professionals anyway.
http://seclists.org/pen-test/2008/Mar/0005.html
I'm sorry, but I have to agree with Nokia here. I believe there are more uses to this than you say nihil. There is the real possibility of knowing someone who forgot a password to windows who may have had important data in their Documents folder or whatnot that is locked behind that username. There is also the possibility of them wanting to know their passwords that they have forgotten, and this is not a felony if it is their computer and you have permission. Having rainbow tables for LM hashes is simply convenient. Even if you are only using it for legal purposes.
I'm glad that I raised the EFS topic in the first place. Of course, many software tools can be used for legal or illegal purposes - inbuilt utilities like telnet have been used to penetrate systems in the past (yes, I know that this is well known now).Quote:
Originally Posted by metguru
As an analogy, what if I have been to a hardware store to buy a large kitchen knife? I have to carry it home and could be stopped by the police. Yes, I might use it to murder someone but my actual intention is to prepare a meal for friends.
Metguru - this is in response to you. To all the readers, be advised this is in NO way agreeing with Nihil - in fact I believe he should apologize to the OP for his most *U*N*P*R*O*F*E*S*S*I*O*N*A*L* response...but anyway to the topic:
Re: password resets for windows - this can be done by a simple removal of the 'password' jumper on the motherboard, fully unlocking both system and operating system for all to use as administrator, allowing for deletion of the old unknown password, shutdown, replacement of said jumper, and reboot to set a new password (if the forgetful (l)user wants another one). It's quite a simple procedure really, taking all of 3 minutes time and has made me a lot of $$ in the past from forgetful clients.
In all my time teching, I never once had to mess with rainbow tables - but I got to know them out of sheer curiosity. In the article archives on this very site (unless they've been deleted) there are posts regarding how to get into them and edit them - you might have to dig quite a bit though...
Luck to yas!
|ce
HI Ice,
Resetting the jumper on the MoBo will only reset the CMOS setting, hence the BIOS password and possibly any hard drive level password that needs to be entered before the BIOS can hand over to the OS, depending on the chip-set. It won't reset any Windows passwords, such as the admin account etc as it is physically impossible. (not sure if I am misreading your post though but you seem to be implying this.... apologies if I've misread it)
There are a multitude of third party tools that will reset a windows password, usually involving booting to a live CD or a DOS prompt - however if something like EFS is in use this will then render every encrypted file useless, unless the proviso's mentioned above can be used - if EFS is used then the way forward is to recover the passwords and usually the only way to do that is to crack it - the best way to crack it is by using rainbow tables.
(My company often gets employed by SME's to recover a forgotten local admin password that is in use on multiple non-domain work stations - it would be pretty expensive to reset each and every one, but by cracking one admin account, all local admin accounts become accessible that use the same password)
Pen testers use rainbow tables extensively - as do malicious users - but this can be said about almost anything I suppose.
Ah yes - forgot about my xp live disk that I used to use to do winblows passes. Thanks for the correction Nokia.
Yes, I know about password resets. My point was that there is the possibility of the need to know the password.Quote:
Originally Posted by |3lack|ce