Oh, Oh, Oh .... ARG!

I think Soda_Popinsky did a good job at this ( while I wrote ) but I am posting anyway.

As for onewingaengel's, I am not .....

This question has a couple of branches.

First is the controversy over the alleged 30 min attack, which I won't go into except to say that it was reported to use an undisclosed exploit.

The second, and more pertinent question for this thread, is how do you get past a firewall into the LAN to use the exploit.

1) Compromise the firewall, then work from there

2) Compromise the target via email, download, etc., then have it contact back the exploiter, thus ( usually ) flying right by the firewall.

3) Compromise something else within the network using methods above, then go after the target from within.

4) just go after the target from within ( other LAN users )

As for hacking without a user account on the target box, if that is what you are asking, maybe you should ask M$ ?

Remember, everything I have read on your referenced hack was due to a reportedly undisclosed exploit. There have been no references ( so far as I have read ) to any further specifics. We will have to wait and see if the hoster of that challenge had the necessary logging set up to identify it, and the integrity to notify Apple if they find the exploit used.