So anyway, it was like, 09:01 CEST Aug 23 2006, you know? Oh, and, yeah,
Roy Schestowitz was all like, "Dude,
> How to hack windows XP admin password
>
> http://www.it.iitb.ac.in/~sudhir/Hacking/Win_XP_Hack.html
>
> That's the equivalent of letting any local user become root.
In all fairness, if you used a file system without permissions on any
unix-like system, it would be as easy to edit /etc/passwd to "hack"[1]
that system, too.
A "limited account" does not get to write to files in system32 on a
properly setup xp box with ntfs (nor 2000 or nt4 either, I'd guess),
so you'd have to assume that the target is using a fat32 file system
for his "hack" to work.
Then again, this /is/ the way most factory-installed workstations are
delivered even today, it seems.
[1] ..and I use the term loosely since none of his tricks seem very
clever (using the /policy editor/ to turn off cd autoplay?!?)
--
Time flies like an arrow, fruit flies like a banana. Perth ---> *
09:25:06 up 45 days, 16:54, 2 users, load average: 3.10, 2.32, 1.33
Linux 2.6.16.18-xen x86_64 GNU/Linux Registered Linux user #261729
|
|
