Re: locked out of XP, need file access

From: Brian Dunbar (brian.dunbar_at_plexus.com)
Date: 12/29/03

  • Next message: Glenn Pearl: "RE: compromised network" 
    Date: Mon, 29 Dec 2003 11:51:42 -0600
To: security-basics@securityfocus.com

    On Dec 29, 2003, at 11:05 AM, JGrimshaw@ASAP.com wrote:

    > To preface, I apologize if I am wrong.  I also expect to be bashed for
    > being harsh, but sometimes reality stings.

    I'll try not to bash. Your points are valid, Sir.

    > A question that I have, is that if the box is his, and those files are
    > his
    > (and are important), how did he suddenly just "forget" the admin
    > password?

    I've had users (at a client site) who built their own box, used the
    machine for months with their domain account, then forgot what they set
    the local admin password to. Since they never allowed the domain
    admins to be local admins they were sorta stuck. Oops.

    <snip>

    > Responding in the positive to his request akin to offering a burglar a
    > set
    > of lockpicks and detailed picking instructions because he "lost" his
    > keys
    > to his car. 

    You have a valid point yet ... the lockpicks are easily available to
    anyone with enough brains to launch a google search and download the
    Nordahl utility. You can't keep that stuff secret; our original poster
    was more than able to find this stuff out on his own.

    This reminds me (no offense) of the Security Officer at a client site.
    Knowing they were sensitive to this type of hack, yet wanting to save
    the end user the pain of having to jack around with mounting disk
    drives, or (worse) reinstalling his box (and loosing his data) I
    brought this to his attention. He okayed the use, but swore me to
    secrecy as to the method. Which was futile; the end user had found the
    tool on his own while I spent hours getting the operation approved.

    Brian

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------

  • Next message: Glenn Pearl: "RE: compromised network"

    Relevant Pages

    • Re: Resetting local administrator password
      ... a local admin password without having local admin rights to that box? ... to reset the local admin password via My Computer>Manager and command prompt. ... The Domain Account could have rights to change a local admin password. ...
      (microsoft.public.windowsxp.general)
    • Re: Changing the local admin password base on the computers OU
      ... allowing us to cahnge local admin passwords pretty ... 'Change the local admin pwd for OU TEST1 ... 'Change the local admin pwd for OU TEST2 ...
      (microsoft.public.scripting.vbscript)
    • Changing the local admin password base on the computers OU
      ... allowing us to cahnge local admin passwords pretty ... 'Change the local admin pwd for OU TEST1 ... 'Change the local admin pwd for OU TEST2 ...
      (microsoft.public.scripting.vbscript)
    • Re: cracking local admin account
      ... problem is if gains access to the local admin passwords and every computer ... eboot disk order but don't forget to password protect access to the BIOS. ... If the user is logging into the computer as the local administrator there is ... > he can reset the local admin password and do many other things. ...
      (microsoft.public.security)
    • Re: Changing the local admin password base on the computers OU
      ... 'Change the local admin pwd for OU TEST1 ... 'Change the local admin pwd for OU TEST2 ...
      (microsoft.public.scripting.vbscript)