joker3327 wrote:
Bertster7 wrote:
OK. Foolproof solution.
You are using a laptop at the moment, right? I assume it at least has a CD writer and you have access to a CD.
1) Get this (note the NT password recovery feature - that's what you want)
2) Burn it to CD.
3) If necessary change the boot settings in the BIOS so the system boots from the CD before the HDD.
4) Use the Admin password reset feature
5) Reboot.
6) Log in as the Administrator (which won't come up as an option on the welcome screen - unless in safe mode or if you "Hold Ctl + alt and press delete twice." (not one I've ever tried, but sounds like it'll work)).
There you go. You are now logged on in an account that your dad is highly unlikely to ever check. Nor will it show up anywhere.
If you can't get into the BIOS to change the boot sequence (because of a password), you may need to reset your BIOS.
[VulnWatch] Blank Administrator password in DELL XP Professional install
* To: <bugtraq@xxxxxxxxxxxxxxxxx>
* Subject: [VulnWatch] Blank Administrator password in DELL XP Professional install
* From: "Michael Scheidell" <scheidell@xxxxxxxxxx>
* Date: Mon, 27 Jun 2005 13:08:07 -0400
* Cc: <security@xxxxxxxx>, <vulnwatch@xxxxxxxxxxxxx>, <cert@xxxxxxxx>, <security@xxxxxxxx>
Vulnerability in DELL Windows XP Professional - default hidden Administrator account allows local Administrator access
Systems: DELL(tm) Laptops with Windows(tm) Professional
Vulnerable: DELL Laptops with pre installed Microsoft Windows XP Professional SP2
Severity: High
Category: Unauthorized Administrator Access
Classification: Default Authentication
BugTraq-ID: tbd
CVE-Number: CAN-1999-0504
Remote Exploit: Maybe
Local Exploit: Yes
Vendor URL: www.dell.com
Author: Michael Scheidell, SECNAP Network Security
Internal Release date: May 31, 2005
Notifications: May 31, 2005, Emailed various security and cert addresses at DELL
Vendor Response: June 7, 2005: Dell Emailed and requested more information
SECNAP response: June 7, 2005: Sent Dell serial number and service tag code on test system
Additional Contact: Emailed Dell on June 14, 2005 to request status
Additional Contact: Emailed Dell on June 21, 2005 to request status, cc'd original cert and security addresses
FBI Infragard Release: June 24, 2005
Public Release Date: June 27, 2005
Problem:
DELL OEM XP Professional has a default hidden administrator account. Use of this account will allow anyone with physical access to the computer to fully control the computer, add spyware, keystroke loggers, password stealing software and read all files, including temp files, local files, documents, and any email that has been stored locally.
DELL does not inform the installer of this account, nor give them the option of putting a password on this account. If a savvy installer finds the function to change the password for the Administrator account, they are warned that they could lose data. Security best practices REQUIRE a password on all administrative (and root) accounts.
FYI Bert and Noob..... so your parents have set an admin password
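An added example, not part of the advisory or of any post in this thread: one way to audit a Windows machine for the condition the advisory describes, a local administrator account (including the built-in one, even when hidden or disabled) with no password set. It assumes Windows PowerShell 5.1 or later with the LocalAccounts cmdlets, which do not exist on XP itself; the function name `Get-WeakLocalAdmin` is hypothetical.

```powershell
# Added example: flag local administrator accounts that show signs of
# having no password. Assumes the Microsoft.PowerShell.LocalAccounts
# module (Windows PowerShell 5.1+). Run from an elevated prompt.

function Get-WeakLocalAdmin {
    # S-1-5-32-544 is the well-known SID of the built-in Administrators group.
    $adminSids = Get-LocalGroupMember -SID 'S-1-5-32-544' |
        Where-Object { $_.ObjectClass -eq 'User' -and $_.PrincipalSource -eq 'Local' } |
        ForEach-Object { $_.SID.Value }

    foreach ($user in Get-LocalUser) {
        $sid = $user.SID.Value

        # The built-in Administrator always has RID 500, whatever it is renamed to.
        $isBuiltin = $sid -like 'S-1-5-21-*-500'
        if (-not $isBuiltin -and $adminSids -notcontains $sid) { continue }

        # Neither indicator proves the password is blank; both mean the
        # account deserves a manual check and a password reset.
        $findings = @()
        if (-not $user.PasswordRequired)     { $findings += 'password not required' }
        if ($null -eq $user.PasswordLastSet) { $findings += 'password never set' }
        if ($findings.Count -eq 0) { continue }

        [pscustomobject]@{
            Name                 = $user.Name
            BuiltinAdministrator = $isBuiltin
            Enabled              = $user.Enabled
            Findings             = $findings -join '; '
        }
    }
}

Get-WeakLocalAdmin | Format-Table -AutoSize
```

An empty result means no local administrator account matched either indicator. Any account listed should be given a strong password or disabled.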