Thread: cracking bios passwords and bypassing win 98 login password

  1. #1

    cracking bios passwords and bypassing win 98 login password

    hai

    I am giving this as I got a lot of negative points and I want to revert back with some good things.

    I will now give you some ways of cracking your own system BIOS passwords.

    These following methods are useful when you forgot your passwords or for some similar situations.

    There are two methods of cracking Award Bios. They are:

    1) Clearing the CMOS by opening the PC
    2) Clearing the CMOS without opening the PC.

    Before we start resetting the BIOS we can learn something about BIOS.

    BIOS, it has the basic settings of your computer, such as how many kinds of disk drives you have, which ones are enabled and which ones are disabled and which ones are used for booting etc. These settings are held in a CMOS chip on the motherboard. A tiny battery keeps this chip always running so that whenever you turn your computer off, it still remembers its instructions.

    To enter BIOS you can press DEL key or CTRL+ALT+ESC keys all at once or CTRL+ESC keys at once at bootup.
    Most of the computers have a BIOS which can be configured to ask for a password as soon as the computer is switched on. If the “Ask password at startup” option is enabled, then as soon as the PC is switched on, a dialog box welcomes you and asks you for the password. You cannot override this and there is no way of disabling this because to enter the BIOS, you need to know the BIOS password. So what do you do now?
    Disable it by hacking into the BIOS setup. But there’s a catch. To disable the BIOS password, you need to enter the BIOS. But as soon as you enter the BIOS, the BIOS asks for a password. The most common method of overriding this password prompt is by trying out some default BIOS passwords. Some of them are j262, AMI, BIOS, bios, setup, AWARD_PW etc. The best way to find the default passwords of various BIOS is to search at http://astalavista.box.sk, which is the best search engine for security-related matter. Before you start finding the default password, you should first note the company name and version number of the BIOS which is displayed on the screen each time the system boots.
    If the default passwords did not work, then get ready for some serious hacking: try to reset the BIOS to its default settings so that it asks for no password at all.
    To achieve this, try the appropriate method, selecting from the following cases.

    CASE 1: If no dialog box welcomes you by asking a password while booting, then follow this procedure to remove BIOS previous password and reset BIOS to its default settings (clearing the CMOS without opening the PC).
    Type the code that follows as it is at the DOS prompt and then restart your system. Now no dialog box appears asking you to type the password; you have to reconfigure your BIOS settings from default to your required values.
    The code follows:

    DEBUG hit enter
    -o 70 2e hit enter
    -o 71 ff hit enter
    -q hit enter
    exit hit enter

    Restart the computer.

    It works on most versions of AWARD BIOS. If it does not work, then search at http://astalavista.box.sk for the debug command for your BIOS version.

    TIP: If you really want to learn more, then play around with the windows system files and try out new things. There is no way anything can happen to windows if you keep your backup files and your startup disk ready. I am sure if you try new things out yourself, you stand a better chance of learning new things.



    CASE 2: If some dialog box appears at bootup asking you for a password to give access to the system, then do it in the following way (clearing the CMOS by opening the PC).

    Open the computer and then look for a round lithium battery; it probably looks like a silver coin. So, remove the battery and after 30 seconds or so put it back. Some computers may also require you to reset the jumper, so look for a 3-pin jumper and reset it. For example, on most machines you will find a three-pin device with pins one and two jumpered. If you move the jumper to pins two and three and leave it there for over five seconds, it will reset the CMOS.

    KEEP IN MIND: Messing with the CMOS chip and the jumper is more dangerous than editing system files. So, do everything with utmost caution.

    Now you have cracked the BIOS password and you encounter the Windows login password dialog box.

    Bypassing Windows 98 login dialog box:

    Now I will tell you how to hack and bypass the Windows 98 login dialog box.
    Reboot your system and wait for the message…

    “Starting Windows 9x …… “

    When you see this on the screen, press F8.

    The boot menu will come up. Select option 7 to boot into DOS. Then go to the Windows directory by typing the following at the DOS prompt:

    C:
    Cd windows

    (Here “C” is the drive in which windows is installed)


    TIP: Keys that will affect the boot up process are F4, F5, F6, F8, SHIFT+F5, CTRL+F5, and SHIFT+F8. Try them out and see what happens!!!


    Then rename all files with the extension .pwl by typing the following command at the prompt:

    C:
    Cd windows
    Ren *.pwl *.xyz

    This above process will rename all the files with .pwl extension into files with .xyz extension.

    You can also delete the files with .pwl extension by typing the following at the dos prompt:

    C:
    Cd windows
    Del *.pwl

    Now, when the windows password login pops up, you can write anything in the place where the password has got to be typed. As you have renamed (or deleted, although renaming them would be better as the victim will not know that his PC has been tampered with) the password files, windows cannot find that file. So it just takes the password you have typed as the original password.
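
Why the CASE 1 reset in post #1 is easy to spot afterwards, as an added example that is not part of the original thread: `o 70 2e` selects CMOS index 0x2E and `o 71 ff` writes 0xFF there, which breaks the stored settings checksum. The sketch assumes the conventional PC/AT layout, which the post does not state (16-bit sum of bytes 0x10 to 0x2D stored at 0x2E/0x2F); the CMOS image and all function names are constructed for illustration.

```python
# Added example: constructed data, conventional PC/AT CMOS layout assumed.
CHECKSUM_START = 0x10  # first CMOS byte covered by the standard checksum
CHECKSUM_END = 0x2D    # last CMOS byte covered
CHECKSUM_HI = 0x2E     # stored checksum, high byte (the index written in CASE 1)
CHECKSUM_LO = 0x2F     # stored checksum, low byte


def compute_checksum(cmos):
    """16-bit sum of the settings bytes 0x10..0x2D."""
    return sum(cmos[CHECKSUM_START:CHECKSUM_END + 1]) & 0xFFFF


def stored_checksum(cmos):
    """Checksum as recorded in the image (high byte first)."""
    return (cmos[CHECKSUM_HI] << 8) | cmos[CHECKSUM_LO]


def make_sample_image():
    """Constructed 128-byte CMOS image with arbitrary settings and a valid checksum."""
    cmos = bytearray(128)
    for i in range(CHECKSUM_START, CHECKSUM_END + 1):
        cmos[i] = (i * 7 + 3) & 0xFF
    total = compute_checksum(cmos)
    cmos[CHECKSUM_HI], cmos[CHECKSUM_LO] = total >> 8, total & 0xFF
    return cmos


def audit(cmos):
    """Report whether the stored checksum still matches the settings bytes."""
    calc, stored = compute_checksum(cmos), stored_checksum(cmos)
    return {"computed": calc, "stored": stored, "valid": calc == stored}


def diff_images(before, after):
    """List (index, old, new) for every CMOS byte that changed between two dumps."""
    return [(i, b, a) for i, (b, a) in enumerate(zip(before, after)) if b != a]


if __name__ == "__main__":
    baseline = make_sample_image()
    tampered = bytearray(baseline)
    tampered[CHECKSUM_HI] = 0xFF  # effect of "o 70 2e" / "o 71 ff"
    print("baseline:", audit(baseline))
    print("tampered:", audit(tampered))
    for index, old, new in diff_images(baseline, tampered):
        print(f"changed byte 0x{index:02X}: 0x{old:02X} -> 0x{new:02X}")
```

A checksum mismatch is what typically makes the firmware discard the stored settings and load defaults at the next boot, so the owner sees a checksum warning or lost configuration rather than a silent change.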

  2. #2
    Banned
    Join Date
    Jul 2002
    Posts
    877

    Yawn...

    Though your posts were... umm... !LAME! I was still cool with it until I saw this thread. I've seen 100 posts exactly like this one on other boards so I believe it's a bit C&P... not only that but getting rid of your bios password isn't really cool man. Changing or resetting it is somewhat cool though... but a password is set there for a reason ya know. Why get rid of it?

  3. #3
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670
    Ya know, I'd be interested in a tutorial like this if it demonstrated how to defend against this sort of attack (ie, bolting the case shut, or enforcing policies and profiles from a domain controller), but just showing people how to break things isn't very productive. Furthermore, this isn't even a very delicate way of defeating these counter-measures. If you reset the BIOS password, someone will know you were there. If you delete the PWL files, someone will know you were there. In addition, this information is a bit antiquated. Counter-measures for these exploits have been established (namely the use of an NTFS version of Windows for any kind of networked environment). I can't think of any network administrator with a brain who would consider Windows 98 a viable networking OS worthy of protecting any valuable data. This information has very little use, and will likely just get one of our newbie members in trouble. In the future, please put a little more thought into a post like this. It serves very little purpose.
    /* You are not expected to understand this. */

  4. #4
    Junior Member
    Join Date
    Mar 2003
    Posts
    3
    I started out on Windows, and the first thing I got to was the BIOS password screen. I just removed the CMOS chip and everything was kool. I didn't really have problems with it. I couldn't find the default password for my comp though.


    *I wonder if there is a way to hack LIFE*

  5. #5
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    roswell1329 said:

    Ya know, I'd be interested in a tutorial like this if it demonstrated how to defend against this sort of attack (ie, bolting the case shut, or enforcing policies and profiles from a domain controller), but just showing people how to break things isn't very productive. Furthermore, this isn't even a very delicate way of defeating these counter-measures.
    and also:

    This information has very little use, and will likely just get one of our newbie members in trouble.
    I dunno what to say. You took the words right out of my mouth. Those quotes are the best thing in this thread.

    Cheers.
    Ubuntu-: Means in African : "Im too dumb to use Slackware"

  6. #6
    Bios pw set. Boot sequence set correct
    Windows restricted in F8 or CTRL.
    Proper password protection.
    The only option is to screw the box open, short circuit the MB or remove the battery.
    But since you have the box screwed open why not steal the hard drive and put it in a *nix box.
    Sorry to say but your post is lame.
    I am giving this as I got lot of negative points and I want to revert back with some good things
    Since this is a security board.......bleh
