dionjuan2004 try running "net use X: \\remotepc\c$ <pass> /user:<username>" in the command prompt. This way you specifiy the username. Now the drive "X:" should appear in my computer. Just use that to access his hardrive.
Printable View
dionjuan2004 try running "net use X: \\remotepc\c$ <pass> /user:<username>" in the command prompt. This way you specifiy the username. Now the drive "X:" should appear in my computer. Just use that to access his hardrive.
I'm really confused here. There is no super administrator account on a Win2k system that is created by MS. Are you smoking what you are cooking?Quote:
Distiguish tween the administrator account that you own and the hidden admin account that you have no real access to, cept for when you go into safe mode. They are two different accounts.
In a domain enviroment, a domain admin can access other people hard drives using the \\computername\C$Quote:
Originally posted here by mohaughn
I'm really confused here. There is no super administrator account on a Win2k system that is created by MS. Are you smoking what you are cooking?
CXG- I know that. What I was questioning is what methcook is saying about there being a "hidden" administrator account that only MS has access to. That information is false.
"Someone got local admin rights remotely on my pc thru the hidden admin account that MS creates. That admin accont overrides the admin account that we all use. He had the control of the most powerful account on my OS, which happened to be hidden from me. Needless to say, I was at his mercy and eventually ended up being completely locked out of even simple user accounts."
There is no higher permissions on a system than full administrator and by default there is only one administrator account, which is named, by default, administrator. There are no other "hidden" accounts on an NT system that have admin rights. I also understand that you cannot restrict permissions from a domain administrator as they can always undo whatever things you do to try and restrict them from having rights on your system. However, a domain administrator getting access to a machine is not an issue as they have a legitimate right to have access to the machine. I was reading it that methcook was saying somebody took over his machine meaning that they were an attacker, not somebody who had legitimate access rights to begin with.
I think Methcook meant the Administrator account, which isn't visible in the default logon screen. If he didn't put a password on it anybody can walk into his pc. Removing admin shares doesn't help here. Setting a proper password on the Administrator account (and all the other accounts) is the only way to keep other people out.
Mohaughn: The only account that has more privileges then (Domain) Administrator is the NT AUTHORITY\SYSTEM account. But you cannot use it like a 'regular' account.
SirDice- By default that is true, but given that you can very easily go into the local security policy MMC and give the administrator account, or any other account, all of the same permissions as the localsystem account it does not make it more powerful.
True. It only makes it easier if a service running on SYSTEM gets nuked. As SYSTEM you can do almost anything :D If you can you should run any service you need on a normal user account. Unfortunatly this does mean fiddling around alot.Quote:
Originally posted here by mohaughn
SirDice- By default that is true, but given that you can very easily go into the local security policy MMC and give the administrator account, or any other account, all of the same permissions as the localsystem account it does not make it more powerful.