96 Comments
- yurimxpxman, on 09/06/2008, -2/+49: The title says "Recover". The article describes how to "Change" the password, which isn't interesting to me. Buried for an inaccurate description.
- 000dom000, on 09/06/2008, -1/+26: Link to actual article: http://www.hackszine.com/blog/archive/2008/09/howt ...
- mohtasham, on 09/06/2008, -10/+34: How long do you want to keep formatting your drive?
I guess you do:
1. Format drive C
2. Install Vista
3. Activate it
4. Install drivers (if you have the CD)
5. Install your favorite game
6. Play it for a week
7. Windows has crashed
8. Reformat drive C
9. Install Vista
10. Activate it (doesn't work anymore). Prepare a good story and convince Microsoft that your version of Vista is genuine.
11. Install drivers
12. Install games and play them.
Repeat everything for 8 years, till the new Windows is released. Your current programs that you paid a lot of money for don't work on the new OS anymore. You have to pay to get a version that works with the new version of Windows, even though you don't see any difference from the previous version.
Conclusion:
Linux FTW.
- Zaggynl, on 09/06/2008, -1/+16: TL;DR: boot into single user mode, passwd, profit.
If you don't have a "recovery mode" or single user mode option in grub, use "initlevel 1"; it should boot into single user mode now.
- drakonite, on 09/06/2008, -0/+16: This has been known for a very long time. Proper system administration is to set a password on grub that prevents you from changing boot options and to remove any unprotected boot options that give the user access they shouldn't have.
The problem then becomes someone using a boot disc. This is unrelated to what OS the computer is running. To secure against this you would disable booting from anything other than the hard drive, and set a BIOS password... But someone could always open the case and reset the CMOS. Padlock on the case? Bolt cutters.
In the end, someone with physical access to your computer can have root level access one way or another no matter what OS you have installed. You can prevent someone from stealing your data by encrypting your drives. This has been supported by Linux for a long time now; I believe you can encrypt at least individual files in Windows on an NTFS partition, though I have never looked deeply into encrypting Windows drives.
- highgeere, on 09/06/2008, -0/+13: Recover a 'lost' Windows password -
http://ophcrack.sourceforge.net/
- Beej, on 09/06/2008, -0/+12: I'd love to hear the details of this, because there's theoretically no way to reverse the hashed password without guessing the password. This is why the actual article doesn't tell you how to "recover" the password; it tells you how to "reset" the password to something else.
In other news, once a person has physical access to your computer, all bets are off--so the OP's notion of being able to boot into single user mode and change the password doesn't count as a security flaw, per se. You could also bring a live CD over to their house, boot it up, mount their disk, and manually remove the password, for instance.
- Nightlurker, on 09/06/2008, -0/+10: Well, to be fair.. Can Windows even run Crysis? :P
- highgeere, on 09/06/2008, -0/+10: init=/bin/bash
even better ^
- psion01, on 09/06/2008, -0/+9: Welllllll ... single user mode requires you to be physically in front of the console -- at the keyboard and display of a server in the first place. If you're there, you have the power to do whatever you want to the hardware just by installing a new OS.
- infiniphunk, on 09/06/2008, -4/+13: To all the half-wits commenting in this thread that Linux is not secure because of this, get a clue. This is about having physical access to a machine. Of course, there are many measures one can take to prevent even this from being done.
1. Password protection on the BIOS.
2. Configuring boot options to not include booting from CD-ROM or USB.
3. A lock-box. You can actually get something for your machine that basically amounts to it being in a locked safe.
I hate to state the obvious and use their own language back at them when referring to these Windows trolls, anyway, "butthurt much?"
- thecheatah, on 09/06/2008, -0/+8: Well, you must be dumb enough to use the same passwords for your login as you use on sites. He probably just asked Firefox to show him your saved passwords. Easy as that. Technically speaking it's close to impossible to figure out anyone's password, unless it's a common word, no matter what kind of access you have to the computer.
In this case you're not recovering a password, you are resetting it.
Ooh, what Beej said, I didn't read it until now.
- waydee, on 09/06/2008, -2/+8: Learn to identify trolling.
- rharris, on 09/06/2008, -0/+7: When I taught security, one rule of thumb was: if I can touch it, it's mine. I can gain root/admin access on any Windows, Mac, Linux, or Cisco box if I can get physical access to it.
- dawndaemon, on 09/06/2008, -0/+7: A GNU/Linux, when set up properly, is not prone to these types of abuse. Properly set systems ask for a password even in runlevel 1 (single user). And on properly set systems you don't even have the chance to ask to boot in runlevel 1 if you don't first enter a password.
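The boot-loader protection drakonite and dawndaemon describe can be checked mechanically. The script below is an added example, not code from the thread or from any linked article; it assumes GRUB 2 syntax (`set superusers`, `password_pbkdf2`, `--unrestricted`), runs against two constructed sample configs, and uses a placeholder where a real hash from grub-mkpasswd-pbkdf2 would go.

```shell
#!/bin/sh
# Added example (not from the Digg thread): audit a GRUB 2 config for a superuser
# whose hashed password is required before a menu entry can be edited (e.g. to append
# "single" or init=/bin/sh). Both configs below are constructed; the hash is a placeholder.

# grub_audit FILE -> prints findings; returns 0 if protected, 1 otherwise
grub_audit() {
    cfg=$1
    status=0
    if ! grep -q '^[[:space:]]*set superusers=' "$cfg"; then
        echo "FAIL: no 'set superusers=' line, so the menu can be edited freely"
        status=1
    fi
    if grep -q '^[[:space:]]*password ' "$cfg"; then
        echo "FAIL: plaintext 'password' directive; use password_pbkdf2 instead"
        status=1
    fi
    if ! grep -q '^[[:space:]]*password_pbkdf2 ' "$cfg"; then
        echo "FAIL: no password_pbkdf2 hash defined for the superuser"
        status=1
    fi
    # --unrestricted entries boot without a password by design; list them for review.
    grep '^[[:space:]]*menuentry .*--unrestricted' "$cfg" |
        sed 's/^[[:space:]]*/INFO: boots without password: /'
    [ "$status" -eq 0 ] && echo "OK: superuser and hashed password present"
    return "$status"
}

WEAK_CFG=$(mktemp); STRONG_CFG=$(mktemp)
cat > "$WEAK_CFG" <<'EOF'
menuentry 'Linux' {
    linux /vmlinuz root=/dev/sda1 ro quiet
}
menuentry 'Linux (recovery mode)' {
    linux /vmlinuz root=/dev/sda1 ro single
}
EOF
cat > "$STRONG_CFG" <<'EOF'
set superusers="admin"
password_pbkdf2 admin grub.pbkdf2.sha512.10000.PLACEHOLDER_SALT.PLACEHOLDER_HASH
menuentry 'Linux' --unrestricted {
    linux /vmlinuz root=/dev/sda1 ro quiet
}
menuentry 'Linux (recovery mode)' {
    linux /vmlinuz root=/dev/sda1 ro single
}
EOF

grub_audit "$WEAK_CFG" || echo "-> weak config rejected"
grub_audit "$STRONG_CFG"
```

On a real system the same function can be pointed at the generated grub.cfg; the recovery entry in the strong config is deliberately not marked --unrestricted, so booting it needs the superuser password.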
- AlericB, on 09/06/2008, -0/+7: If you actually want to RECOVER your password and not CHANGE it, you might try a program called Ophcrack. It works on Linux, Windows, and OS X.
And for those of you concerned about this as a security issue, remember if someone has physical access to the machine, they have full access to the machine.
- psion01, on 09/06/2008, -1/+8: I can play real games on my Playstation, but I wouldn't use it for serious computing.
- Skooma714, on 09/06/2008, -0/+6: With physical access. Plus server ops generally know how to close it.
- hoogie, on 09/06/2008, -0/+6: I don't understand.
- spectre_25gt, on 09/06/2008, -0/+5: Dude, have you ever heard of physical security? There's a certain point where you can't expect the OS to do everything for you.
- MWeather, on 09/07/2008, -0/+5: You seldom have to reinstall, but fixing the problem seldom takes less time than reinstalling.
- infiniphunk, on 09/06/2008, -0/+5: Yeah but how long would that take, given a good strong password?
- dood, on 09/06/2008, -0/+4: A lot of people make boatloads of money using Linux servers.
- Virgule, on 09/06/2008, -1/+4: ditto
- dannyboy3020, on 09/06/2008, -2/+6: ...or you can use the OS that suits you best and not bitch about others.
- TheLoneWolf071, on 09/06/2008, -0/+4: Doesn't always work on good systems. Most mainstream enterprise distros, i.e. Red Hat or CentOS, have this ability disabled for this purpose. Plus if you already have physical access to a machine, you can just pop in Knoppix and reset or recover, though you'd still have to decrypt the MD5
- bullox, on 09/06/2008, -1/+5: "I have no intelligent comment to make"
Right about that.
- vade79, on 09/06/2008, -0/+4: Are you retarded? It's not even a good "technology" article...it's something every admin/*nix person already knows...for the rest of your rant of fodder, get the sand out of your vagina and learn what real propaganda is.
- raydeen, on 09/06/2008, -0/+4: It requires physical access though. I don't think it's something that could be done remotely (although someone probably knows how). Similar tricks in OS X as well, although it's even easier there. There's one file to delete and after a reboot, the machine thinks it's fresh out of the box and asks you to set up an admin account. A few of the smarter kids at the school where I work found this little trick and started passing it around. Didn't harm the network in any way, just made them masters of their own domain for a while.
- sg7791, on 09/06/2008, -0/+3: Shut the ***** up. What if I don't want to play games?
- jannefoo, on 09/06/2008, -1/+4: death to blog spam
- javaroast, on 09/06/2008, -0/+3: massak's comments are trash, otherwise they wouldn't be free.
- inactive, on 09/06/2008, -0/+2: This is nothing new, I recall almost 20 years ago having a friend send me a disk to edit the password file (left the pw blank to make it easy) because he didn't have install media for his SGI so he couldn't do it any other way. People have used Knoppix and other live CDs and mounted the partition so that they could do this as well (I have on boxes that I no longer have the password for).
In my opinion it's just common sense.
- yurimxpxman, on 09/07/2008, -0/+2: Honestly, it could be plain text for all I care. Just as long as it's only available to root. If someone has physical access to the machine, they could just copy the shadow file and crack it somewhere else, so it doesn't really matter how good the encryption is. Just make sure no one on the network can access it.
- inactive, on 09/06/2008, -0/+2: The security of the encryption in Windows (in XP at least, not sure about Vista) is dependent on your Windows password. All one needs to do is burn a bootable copy of Ophcrack, boot up the system and crack all the passwords it finds in the SAM file. Once you have the passwords the encrypted files are no longer secure. The free tables that are provided by the site will only get you alpha-numeric passwords. Adding non-alpha-numeric characters to your password should stop the free tables from getting your password. But you can pay money for the non-free tables to have Ophcrack work with non-alpha-numeric symbols. Point being, the encryption is only as good as the technology that protects the password and the password the user chooses.
- Macuyiko, on 09/06/2008, -1/+3: Okay. Then what do you think about free-dom? Tsk tsk.
- Culyt, on 09/06/2008, -0/+2: Google "John the Ripper" password cracker. That will be able to break the password encryption in use in /etc/shadow but it will take a while. Possibly rainbow tables can be used to do it instantly but I think salting is supposed to bypass that?
Although I find it strange that we are still using salted md5 sums and not something more secure, but I guess if it works and I assume that the people responsible for the login manager are security conscious. Although there is the possibility of them being backwards compatible zealots and telling people they should be using a different login program or PAM module or whatever if they want security.
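As an added example that is not part of the thread, the following script classifies the hash scheme of each /etc/shadow entry by its crypt(5) prefix, so the salted MD5 ($1$) entries Culyt asks about, and empty password fields like the one in inactive's SGI story, stand out in an audit. The shadow lines it reads are constructed samples with placeholder hash strings.

```shell
#!/bin/sh
# Added example (not from the Digg thread): classify the hash algorithm of each
# /etc/shadow entry so legacy salted-MD5 ($1$) and empty passwords stand out.
# Prefixes follow crypt(5); the shadow lines below are constructed samples.

# shadow_hash_algo FIELD -> prints the algorithm name for one password field
shadow_hash_algo() {
    case $1 in
        '')           echo empty ;;     # no password at all: login with no credential
        '!'*|'*'*)    echo locked ;;    # locked account or password login disabled
        '$1$'*)       echo md5 ;;       # salted MD5, weak by modern standards
        '$2a$'*|'$2b$'*|'$2y$'*) echo bcrypt ;;
        '$5$'*)       echo sha256 ;;
        '$6$'*)       echo sha512 ;;
        '$7$'*)       echo scrypt ;;
        '$y$'*)       echo yescrypt ;;
        '$'*)         echo unknown ;;
        *)            echo des ;;       # traditional 13-char DES crypt, no prefix
    esac
}

# shadow_audit FILE -> one line per user; return code = number of weak entries
shadow_audit() {
    weak=0
    while IFS=: read -r user hash rest; do
        algo=$(shadow_hash_algo "$hash")
        case $algo in
            empty|des|md5) echo "WEAK  $user: $algo"; weak=$((weak + 1)) ;;
            *)             echo "ok    $user: $algo" ;;
        esac
    done < "$1"
    return "$weak"
}

SAMPLE_SHADOW=$(mktemp)
cat > "$SAMPLE_SHADOW" <<'EOF'
root:$6$saltsalt$CONSTRUCTED_SHA512_HASH:17777:0:99999:7:::
legacy:$1$saltsalt$CONSTRUCTED_MD5_HASH:17777:0:99999:7:::
guest::17777:0:99999:7:::
svc:!:17777:0:99999:7:::
dev:$y$j9T$saltsaltsalt$CONSTRUCTED_YESCRYPT_HASH:17777:0:99999:7:::
EOF

shadow_audit "$SAMPLE_SHADOW" || echo "-> $? weak entries; rehash them by having those users run passwd"
```

Run as root against the real /etc/shadow, the non-zero return code makes the check easy to wire into a cron job or configuration audit.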
- Loornadune, on 09/06/2008, -0/+2: Way to submit the actual method mentioned in the title, and not a blog linking to the tutorial.
- MWeather, on 09/07/2008, -0/+2: Suit yourself. The Cell is awesome for serious computing.
- rharris, on 09/06/2008, -1/+3: /etc/shadow is available if you're root or you can run commands as root via sudo
- inactive, on 09/06/2008, -0/+2: The tables that are free for download for Ophcrack only cover alpha-numeric passwords. If you include non-alphanumeric symbols in the password that should take care of the free tables. Of course you can always pay for the non-free tables that do cover non-alpha-numeric symbols.
I don't know why scabbers is being dugg down. He was right in his comment. Using 3rd party encryption is a much safer bet than the Windows built-in "security". No amount of physical access is going to get you access to files protected by TrueCrypt, not counting that "key in RAM from cold boot" trick.
- yurimxpxman, on 09/07/2008, -0/+1: u iz returded
- vetal17, on 09/06/2008, -0/+1: Not really.
I've tried that on FC4 and it boots with a read-only filesystem.
- kaph, on 09/07/2008, -0/+1: If you have physical access to the machine, the only prevention method that would work is number 3.
- secrity, on 09/06/2008, -0/+1: Solaris, Red Hat, and HP-UX do not ask for the root password to boot into single user mode; you are presented with a root prompt after it boots.
- inactive, on 09/06/2008, -0/+1: That has changed then, I stopped using Solaris about rev 2.6 and it always asked. HP-UX 11 also asked, as did IRIX and AIX of the same vintage. This was mid 90s or so. But then again /sbin was *static* binaries not superuser binaries, useful in case your /lib or /usr/lib partitions can't be mounted; that too is corrupted with people changing the way it used to work into something that is somewhat inferior.
- k0gaion, on 09/07/2008, -0/+1: boot with kernel param "init=/bin/sh"; after you're dropped in the shell "mount / -o remount,rw"; "passwd"; reboot and you're done.
- djangoxl, on 09/06/2008, -0/+1: Dude, you are so cool, man! I like this painting:
- trogdoor, on 09/06/2008, -0/+1: All that does is give the false illusion of security. If a person has physical access to a machine the best you can do is encrypt what you don't want them to see. They can do whatever they want beyond that. And BTW, to do this in OS X just hold down command + S at boot.
- secrity, on 09/06/2008, -0/+1: It is not a trick, it is simply the way it works. Windows is no more secure against this sort of operation. This is why physical access to boxes needs to be tightly controlled.