Re: Gaining Administrator Access to Windows XP Professional SP2 System



stephen-robertson wrote:
> I downloaded software from http://ebcd.pcministry.com that allowed
> me to gain Administrator access to my PC by blanking the
> administrator password. I could also use this software to change
> the password of any user that has a local account on the computer.
> The software does this by modifying the password hashes in the SAM
> hive of the registry.
>
> I have set policies that require complex passwords, and passwords
> must be at least eight characters. However, this seems to only
> affect creating or setting passwords within Windows. Apparently,
> these settings aren't applied when at the logon prompt, so anyone
> who has physical access to the computer using this software could
> gain complete access to the system.
>
> This is a definite weakness in the Windows security model and
> should be corrected. Ideally, the logon process should not allow a
> user to enter a password that doesn't meet the policies set in
> Local Computer Policy, even if the password is the valid password
> for the account.

Physical access + time + know-how, no matter the operating system - is
owning the machine and all non-encrypted data within fairly easily. That's
why the first rule in system security is still physical security.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html

