Exploit allows command prompt to launch at Windows 7 login screen

Nope... to windows users, anything which means that the OS allows them to do stupid things, is an "exploit" or "vulnerability"...

To everyone else an exploit is something like a buffer overrun...
 
Funny, I use this hack all the time to break passwords. People often lock themselves out of their computers, and the fastest way for me to get past them is using Sticky-Keys. I plug in their drive to a second computer, rename SETHC.exe (the Sticky Keys executable), and copy CMD.EXE. Turn the computer back on, and voila.

And once you've got the command prompt open, it's just a matter of "net user %username% *" to blank the password.
 
So Like the next computer I buy will be required to run windows 8 for security purposes and it's already been cracked. I guess I will have to get to now my bank teller, tax accountant, and any other official business type personally again. Since my ability to do secure transactions by computer is now controlled by the most insecure company.
AlleyTrotter
 
"So Like the next computer I buy will be required to run windows 8 for security purposes and it's already been cracked. I guess I will have to get to now my bank teller, tax accountant, and any other official business type personally again. Since my ability to do secure transactions by computer is now controlled by the most insecure company.
AlleyTrotter"

Amazing! Have you read the comments? This "hack" or "exploit" requires admin access and in this case, physical access to the computer. If you can't even lock your own computer and allow someone to do what they need to with your computer, it's your own damn fault. It does not matter whether it's Windows, Linux, or MacOS.

Anyways with that said, I hope Windows can do something about this.
 
"So Like the next computer I buy will be required to run windows 8 for security purposes and it's already been cracked. I guess I will have to get to now my bank teller, tax accountant, and any other official business type personally again. Since my ability to do secure transactions by computer is now controlled by the most insecure company.
AlleyTrotter"

Actually the "bad guy" does not even need to use this exploit. Since he have admin access and/or physical access, he might as well just install a trojan or a keylogger and secretly disable any antivirus or firewall. Voila! Who cares about this exploit when you can do so much more with the admin access and/or physical access.
 
You must log in or register to reply here.

Similar threads

Z
Windows Insiders can now use Sudo just like they do on Linux
Replies
3
Views
185
bviktor
B
Cal Jeffrey
Researchers prove they can exploit chatbots to spread AI worms
Replies
3
Views
157
Cal Jeffrey
Cal Jeffrey
A
Google OAuth secrets exposed as account-hijacking MultiLogin vulnerability discovered
Replies
4
Views
250
Jme Kerul
J

Latest posts

Back