The art of gaining local access

By Phantasm66 ยท 9 replies
Oct 12, 2002
  1. Here's a nice article I found, its not very detailed but its quick and easy and gives some good pointers for beginners. Just don't tell your system admins at school / college that I pointed you towards this stuff....

  2. ranger0001

    ranger0001 TS Rookie

    I have a copy of NTFS Boot disk "read only" and a win98 boot disk, Is there a way I can give myself administrator access with windows 2000, or at least power user access without paying too much, (maybe like even free). I dont want to screw up my system too bad. I think once I've got myself more privledges I would change the administrator account back to the original. Well can I ....can I ?
    I would like to add privledges for myself without changing the current administrator password. This company went a little overboard with their NT/2000 locking people out. I or anyone else within the company can't do anything other than use the loaded programs on our local computers, no direct downloads, no software or hardware installs, :blackeye:
    Any help would be appreciated
  3. jobeard

    jobeard TS Ambassador Posts: 11,166   +986

    Caveat Emptor:
    Then we could always do a backup-copy of the password file and copy it back when we are ready. If the administrator does not check dates this method should work fantastically well out on a Linux-machine.​
    That's a primary feature of any IDS system. These are 'primarily' found on server machines.
  4. s3xynanigoat

    s3xynanigoat TS Rookie Posts: 94

    WTF... everyone knows physical security is the biggest part of network security. My Servers have their CD's/Floppy's/USB's either locked through GPO or covered by the server door which is locked. Plus they are in a restricted area that you can't just walk into.

    So if they get local access to a client? This could be problematic, depending on their intentions. All files are on a network drive though so I'm not so sure what they would be gaining. Sensitive files are only allowed to be accessed by a particular IP adress specific to that machine.

    gaining access to your work PC is going to get you nothing more than fired. These large companies that lock their computers down tight usually have an audit/inventory wizard which see exactly what you are running. So, if you want to circumvent the security system that they have most likely spent thousands of dollars on so you can load AIM and get a virus to destroy their computer system that they have spent hundred's of thousands of dollars on be my guest. Just don't be surprised when you're hit with a pink slip / fine.

    Now if you wanted to test this stuff on your home PC for your own knowledge then more power to you. I'm all for knowing how hacking works and what motivates people who hack.... Plus it's always good to keep up with this type of stuff.
  5. Nodsu

    Nodsu TS Rookie Posts: 5,837   +6

    Heh. If I was walking around in some company looking for a way to steal information, I'd go and sit behind the computer that has the username/password written on a post-it not on the monitor. Take the files I want, write them to a USB disk or upload to some FTP site.

    Really. If you have people walking around looking for ways to steal stuff, then the computer local security is not the real problem. They might as well grab random documents off peoples desks, steal wallets, steal security passcards.. Heck, I could just grab a SFF PC of the desk of a higher ranking employee and take it home.
  6. toffeapple

    toffeapple TS Rookie Posts: 152

    Its a complete nonsense...."get your self hired" yeah like you just walk up and go "giz a job mate"
    and they say " yeah no the way how do you fancy working after hours unsupervised with access to other peoples pc's...and it pays overtime!"

    anyway you can download a linux boot disk that can crack a local admin password in windows...if the systems admin is anyway savvy there will be nothing stored locally on the PC...I know i don't allow it.
  7. ender

    ender TS Rookie Posts: 94

    Unfortunately, the scenario is not completely crazy. Just think of a college where students have access to computers but only get limited accounts. Any of them might want to get root/administrator access. You can hardly imagine how many wannabe crackers can be found in schools, especially in CS classes. :rolleyes:

    Big problem in this case is that they're students and they're supposed to have local access. And yet there's a simple and stupid way of preventing any of the scenarios that Phantasm66 has figured. You set the first boot device to be the local harddrive (or whatever holds the OS) and you password protect the BIOS. :D
  8. SultanGris

    SultanGris TS Booster Posts: 158

    reset bios jumper, remove battery, bios password gone.
  9. Nodsu

    Nodsu TS Rookie Posts: 5,837   +6

    That also includes "open up the possibly padlocked computer case possibly in front of dozens of people only to find out it is a decent corporate workstation with no easy way to remove the BIOS password".
  10. Jesse_hz

    Jesse_hz TS Maniac Posts: 545

    If you want to steal something from a persons home computer (not a company/school owned computer), running XP Home Edition, just boot into safe mode, and logon the admin account (that most people leave unprotected beacuse they don't know it's there. :)
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...