In comp.os.linux.advocacy, Johan Lindquist
<spam@xxxxxxxxxxxxxx>
wrote
on Wed, 23 Aug 2006 09:36:01 +0200
<14dtr3-j9f.ln1@xxxxxxxxxxxxxxxxxxx>:
> So anyway, it was like, 09:01 CEST Aug 23 2006, you know? Oh, and, yeah,
> Roy Schestowitz was all like, "Dude,
>
>> How to hack windows XP admin password
>>
>> http://www.it.iitb.ac.in/~sudhir/Hacking/Win_XP_Hack.html
>>
>> That's the equivalent of letting any local user become root.
>
> In all fairness, if you used a file system without permissions on any
> unix-like system, it would be as easy to edit /etc/passwd to "hack"[1]
> that system, too.
Pedant Point:
/etc/shadow, nowadays, though it might depend on one's
PAM settings.
>
> A "limited account" does not get to write to files in system32 on a
> properly setup xp box with ntfs (nor 2000 or nt4 either, I'd guess),
> so you'd have to assume that the target is using a fat32 file system
> for his "hack" to work.
Oh yeah, there's a well-protected system. *smirk*
>
> Then again, this /is/ the way most factory-installed workstations are
> delivered even today, it seems.
Ick.
>
> [1] ..and I use the term loosely since none of his tricks seem very
> clever (using the /policy editor/ to turn off cd autoplay?!?)
>
--
#191, ewill3@xxxxxxxxxxxxx
Windows Vista. Because it's time to refresh your hardware. Trust us.
|
|
