-
January 28th, 2004, 03:05 PM
#1
login using support_388945a0 account in XP
anybody knows how you can use the support account of windows xp??
i can't login using the normal login window, so how else can this be possible?
Also i'd like to know how much rights the account has ( that's the reason i want to log in in the first place).
i've found out that the helpassistant account is a guest account, if you have the password you can login with it in the normal loginscreen.
thanks for reacting,
it's highly appreciated!
-
January 28th, 2004, 05:21 PM
#2
Member
I haven't played with the hidden accounts in xp yet, but try resetting the password on the command line, you should be able to login then.
[gloworange]
find /home/$newbie -name *? | www.google.com 2>/dev/null
[/gloworange]
-
January 28th, 2004, 07:57 PM
#3
the problem is that the support_388945a0 account, doesn't have a password for it...
if you use a proggie like pwdump2 with an empty account, then you'll see that the hash of the empty account is the same as the hash for the support_388945a0 account, therefore the pw is *blank*.
maybe i don't understand what you mean, but i don't see why that would help?!
also, i've found another weird account : SYSTEM.
when you start the schedular for a taskmanager, then everything you open in the TASKMAN is run as system, so if you open the explorer.exe in the TASKMAN then you will see that you are system when you goto start.
but not possible to login with this account!
any ideas?
-
January 28th, 2004, 09:12 PM
#4
Junior Member
[i]
also, i've found another weird account : SYSTEM.
when you start the schedular for a taskmanager, then everything you open in the TASKMAN is run as system, so if you open the explorer.exe in the TASKMAN then you will see that you are system when you goto start.
but not possible to login with this account!
any ideas? [/B]
The System is not an account that you can log in as. It is an account that runs most of the processes that windows require and are started automatically. It is found in 95-XP M$ OS. The System permission is also needed on many files and folders for the workstation or server to function properly. For example, try removing the system permission from all of your folders and files and try to run a Symantec Antivirus scan, as of SAV 8.0, the scan will run but since it uses the system credentials it won't have access to any folder or file. Many pieces of software use the system credentials. Likewise, most virus coding use the system credentials, since by default the system has unlimited access. So you may now ask how to keep your system account from being abused.
1) Partition your hard drive in at least 2 parts. Load the OS on 1 and the rest of your files on the other. this is good practice anyway.
2)Decide which folders have to have the system permissions, in reality, you don't have to have the system permission on any, but then we get back to the SAV part above.
3)Stay current on your OS security patches.
Its good to be at the top of the network food chain.
-
January 28th, 2004, 10:47 PM
#5
Member
What message do you get when you try to log on with a blank password? Try setting a password then logging in. What error messages do you get?
If your interested in the account explore. I don't have access to an xp box right now.
[gloworange]
find /home/$newbie -name *? | www.google.com 2>/dev/null
[/gloworange]
-
January 28th, 2004, 10:55 PM
#6
Actually, SYSTEM must have permissions for allmost everything on a Windows system, because the kernel uses the SYSTEM account. Many critical services, such as netlogon, also run under this account. If the system account doesnt have access to certain things, such as %systemroot%, %winnt%\system32, or the registry, you will have tons of problems.
Also, the Windows Logon Screen runs as SYSTEM. Disabling the account has almost the same effect as stopping the Security Accounts Manager service, so that's also a no go. What you need to do is change the permissions on all the folders and files, as well as registry keys so that the following are the only default accounts with any type of access.
Adjust the account names if you are running in a Domain.
Administrator (or the renamed default admin account)
Administrators Group
SYSTEM
Local Service
Authenticated Users
Remove EVERYONE....Nobody likes to have to deal with Null Sessions.
Also, if you can do without it, disable the "Help and Support" Service...that will further secure the SYSTEM account. And yes, you can change the password for SYSTEM to make it even more secure.
-
January 29th, 2004, 09:04 AM
#7
i think you all got me wrong!
i know what the system account does and what it is used for,
but when you start explorer as system, then you'll see in the start menu that you are system.
also it is possible with this account to access the sam strings and securitystrings in the registry that you can't access as a normal administrator .
but i didn't know you can change the system account password, how do you do that? just open explorer and press ctrl-alt-del for change password?
but what i thought was: maybe it is possible somehow to login using the normal loginscreen with the system account, since there is not a password set by default.
and for the helpassistant and support account, those are the first accounts i disable when i install windows xp or 2000.
but i was just curious how you can use the support account, cause when we can, someone else can too!!!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|