Re: article from codeproject: Hacking Windows XP SP2 Security



There is really nothing new in the article, except perhaps the large
compilation of manufacturers' defaults for BIOS passwords/bypass.

If a machine is not physically secured it is not secured. What is
outlined is basically what has been done for a long time, whether
against Windows with the SAM or Unix after grabbing the shadow
file. If you can have your way with the physical machine, no matter
what it is, then you can subvert anything that is there to protect it
(except maybe full disk encryption with external key).

The technique as outlined is not of use for domain credentials
(you asked, what of a DC).

--
Roger Abell
Microsoft MVP (Windows Server : Security)

<mtczx232@xxxxxxxxx> wrote in message
news:1151067539.473757.153000@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
article from codeproject descripe hay Hacking Windows XP SP2 Security!
have sombody try it?
and what about win2003 DC?



.