Roy Schestowitz wrote:
> Another simple hack.
>
> How to Hack a Window XP Admins Password
>
> ,----[ Quote ]
> | This is a cool little trick I've picked up in my travels and decided
> | to share it with you fine and ethical individuals.
> `----
>
> http://internetbusinessdaily.net/how-to-hack-a-window-xp-admins-password/
>
> No easy way to secure a multi-user machine. Is it at all surprising that
> the NSA chose Linux?
>
> Security-Enhanced Linux
>
> ,----[ Quote ]
> | Unfortunately, existing mainstream operating systems (MS Windows)
> | lack the critical security feature required for enforcing separation:
> | mandatory access control. The results of several previous research
> | projects in this area have been incorporated in a security-enhanced
> | Linux system.
> `----
>
> http://www.nsa.gov/selinux/index.cfm

The people responding are saying that he has to have admin access to change
the admin password so really it isn't a hack. Which is true. But none of
the responders have taken into account that many home users (and probably
business users too) do not set an administrator password, because they
aren't asked to set one when they switch on their shiny new computer. But
also one of the posters said 'any admin rights' would do.

There is the ongoing problem that most users on XP do have admin rights,
because less than admin rights made it awkward for them to use due to poor
choices of what should be under the admin domain and what under the user
domain for a home computer. Also they are not given a choice when they
create their first user as the system is set up for the first time. So most
just go with what MS gave them at that time, a user with admin rights.

The odd part is that this has been known about for a long time now, some of
those vulnerabilities you have all read about where they say 'They can
cause arbitrary code to be run on your machine' are directly concerned with
this ability where once the buffer is broken, you can then get to the
command line, then you really can take over the PC with a couple of simple
commands to ensure the user can't get you out again without wiping the
drive, then your code is free to create a tunnel to your site where your
main code is waiting to come aboard. It doesn't matter that occasionally the
user will have been cautious and taken protections, the hackers know the
majority have not done anything about this since the Windows logo first
popped up and told them they can now use Windows.
(followed by a million popups and restarts as everything else sets up
obviously).