Hacking Windows XP SP2 Security
来源:互联网 发布:广州云计算培训 编辑:程序博客网 时间:2024/04/27 23:49
1-Introduction
2-To Hackers / Security Systems Engineers
3-Close Lock to hole
4-Dose Microsoft Know and Why!?
5-Understand the Idea
6-Get Admin Like Account (The Simple Way)
7-Crack the SAM-Know the real Admin Password and Apply Hint 8
8-Creat a Hidden User Account
9-USB Boot for FAT32, NTFS or any File System
10-Mother Boards Default Passwords and how to extract it if you are in The system
$windir$\system32\config
You will find all things and may discover some thing new, but what amazing here is that the file is available, so we can apply our idea
1-They need their software spread and all depend on it and in one day when they feel that they are the One The security will done and all money will go to One Pocket
2-They Forced/Like to Make Some Organizations Hack other systems
Proof:
They can make this File SAM Unavailable by storing the information in FAT, FAT32, NTFS Areas (Sectors reserved by The Operating SYSTEM to Store the Addresses of the files on the HardDisk File Allocation Table) So that it is hard to extract. But they don't!!!!!
The SAM file is available and the SAM file contain a Security Information, so I created a Free Windows XP SP2 Logon account (Administrator Account without password) that means when windows Lunch it Will enter directly to the system without asking about any password And windows will store this Account in The SAM file on My PC So the SAM file on My PC contain an Account will Make you enter Directly to the Windows, so I will take My SAM File and Replace (by renaming, we will need the original file to recover our way) It with the other SAM File in The Other System or Machine So When you restart It will make you enter directly to the Windows With Administrator Like Account ,do what you need and then back all things to the previous state. All These Steps will be under other system bootable DOS, Knoppiex, Windows Live CD, Because Windows XP will not make u able to copy the Files
1- Download My 2 SAM files I Include them in Downloads
2- Go to the target Machine , and try to Access it and Boot from any device CD-ROM, Floppy, NIC if it haven't any of those Read Hint 9
3- After Get Access to the Boot Command prompt c:> or Boot Live OS CD, Go to the windows folder$windir$\system32\config And Copy the SAM File and System File (we will need it later) To other folder, Then go to$windir$\repair copy SAM file
And then Rename the 2 SAM Files to SAM1 in their original places
4- Copy My SAM/config File and Paste it in the windows folder $windir$\system32\config Copy My SAM/Repair File and Paste it in the windows folder $windir$\repair (may this step not required)
5- Reboot and Make windows enter Normally
6- Yeah, No You are in The System
7- Copy the files in step 3 to Floppy Disk or Flash Stick Or Send it to your mail via Internet
8- After finish repeat step 2 and delete My SAM files and Rename Both SAM1 to SAM
9- Reboot , Congratulation you recover your way
1-L0phtcrack v4.0 (LC4 alternate name) the most famous on the NET
2-SAMInside http://www.insidepro.com/I include on the Downloads
I will explain fast SAMInside
This is the main window press Ctrl+O or by mouse click Import SAM and SYSTEM
Window will open to import the 2 files and the program will start to crack the Accounts and get them, and then display users names and their passwords
Any other tool will do the job try all and select your best I Explain here SAMInside because he give me results with 6 character only password and get it FAST
Ctrl+Alt+Delet
Give you another Access Dialog
Steps:
1-After getting Admin Password enter to the system
2-create an Account with password
3-click start - > Run - > type Regedit press Enter
4-Go to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\ CurrentVersion\Winlogon\SpecialAccounts\UserList
5- Create a new DWORD Value on the UserList
6-Name it with Name of Account to be Hidden
7-set the Value Data of this DWORD Value to 0 to hide it /1 to appear it
8- close Regedit and Reboot
9- Press Ctrl+Alt+Delete when logon Screen Appear another login dialog appear type You hidden user name and password and press Enter
Note:
1- the account profile will be visible in \Documents and Settings, But it will be hidden from Logon Screen and User Account in the control panel
2-there is other method that Inject your Account directly to the Admin SAM without know the Admin Pass, but believe me you don't Expect the result, so if you want try it (if the password hard to get)
HP Always amazing me to do this we need 2 tools
1- HP USB Disk Storage Format Tool v 2.0.6 I include in Downloads If u want to find more go to http://www.hp.com/
2- NTFSDOS Professional Boot Disk Wizard I include in Downloads If u want to find more go tohttp://www.winternals.com/
Just connect your USB Storage
steps:
1- Prepare a Startup Disk or Startup CD , Or any Equivalent
2- In the HP tool select the Device->your USB Storage
3- Select File System FAT or FAT32
4- Check "create a DOS startup disk" checkbox and then select option "using DOS System Files Located at"
5- brows your location
6- Click Start
7- Now you have a Bootable USB Storage Device
8- Now in the NTFSDOS Professional Boot Disk Wizard follow the wizard and you will get a NTFS bootable USB Storage
Why we need NTFS ?
If the Partition of the Windows System is NTFS so with normal Startup you will not be able to access any files because the File System is not Recognized by MS-DOS when we install NTFSDOS Professional on the bootable disk it will allow you To Access any File Under NTFS
Note:
Make sure that the option in Mother board Setup of First Boot "USB-Hard Disk" if you want to boot from a USB
This subject is huge I try to find simple or clever way but as u know many PC's many machines many bios versions and updates so I search the net for the best and I list below ,but if this doesn’t help I recommend you to find the bios version and the motherboard and search the net on Google, yahoo, yahoo groups and other you will find some thing help u
HOW TO BYPASS BIOS PASSWORDS
http://www.elfqrin.com/docs/biospw.html
Removing a Bios - CMOS Password
http://www.dewassoc.com/support/bios/bios_password.htm
How to Bypass BIOS Passwords
http://www.uktsupport.co.uk/reference/biosp.htm
How to Bypass BIOS Passwords
http://www.i-hacked.com/content/view/36/70/
Default Password List
2006-04-30
http://www.phenoelit.de/dpl/dpl.html
Award BIOS backdoor passwords:
ALFAROME--------BIOSTAR--------KDD--------ZAAADA-------- ALLy--------CONCAT--------Lkwpeter--------ZBAAACA-------- aLLy-------- CONDO--------LKWPETER--------ZJAAADC-------- aLLY--------Condo--------PINT--------01322222-------- ALLY--------d8on--------pint--------589589-------- aPAf--------djonet--------SER--------589721-------- _award--------HLT--------SKY_FOX--------595595-------- AWARD_SW--------J64--------SYXZ--------598598 AWARD?SW--------J256--------syxz-------- AWARD SW--------J262--------shift + syxz-------- AWARD PW--------j332--------TTPTHA-------- AWKWARD--------j322-------- awkward
AMI BIOS Backdoor Passwords:
AMI--------BIOS--------PASSWORD--------HEWITT RAND-------- AMI?SW--------AMI_SW--------LKWPETER--------CONDO
Phoenix BIOS Backdoor Passwords: phoenix--------PHOENIX--------CMOS--------BIOS
Misc. Common Passwords
ALFAROME--------BIOSTAR--------biostar--------biosstar-------- CMOS--------cmos--------LKWPETER--------lkwpeter-------- setup--------SETUP--------Syxz--------Wodj
Other BIOS Passwords by Manufacturer
Manufacturer--------Password
VOBIS & IBM-------- merlin
Dell--------Dell
Biostar-------- Biostar
Compaq--------Compaq
Enox--------xo11nE
Epox--------central
Freetech--------Posterie
IWill--------iwill
Jetway--------spooml
Packard Bell--------bell9
QDI--------QDI
Siemens--------SKY_FOX
TMC--------BIGO
Toshiba--------Toshiba
Toshiba--------BIOS
Most Toshiba laptops
and some desktop systems will bypass the BIOS password if the left shift key is held down during boot
IBM Aptiva BIOS
Press both mouse buttons repeatedly during the boot
2-To Hackers / Security Systems Engineers
3-Close Lock to hole
4-Dose Microsoft Know and Why!?
5-Understand the Idea
6-Get Admin Like Account (The Simple Way)
7-Crack the SAM-Know the real Admin Password and Apply Hint 8
8-Creat a Hidden User Account
9-USB Boot for FAT32, NTFS or any File System
10-Mother Boards Default Passwords and how to extract it if you are in The system
1-Introduction
This article introduce very simple way to get Administrator like account and do the job and after finish recover your way, after that Get Admin Password later in your home by Cracking, After get the Admin Password Create a hidden user account and do all your jobs free, and Explain how to make a USB Storage Device Bootable corresponding to any system boot, and how to bypass Mother Board password by Default Passwords, and how to extract it if you are in the system2-To Hackers / Security Systems Engineers
First All must know that both Hackers / Security Systems Engineers Are 2 faces to the same coin Any way, I try this on Windows XP SP2 I want all to try it on Windows Server 2003, Windows Vista Any Windows NT and POST a Message to make all know what versions exactly this idea can apply for3-Close Look to hole
Microsoft stores all Security Information in many files but the main file is the SAM file (Security Accounts Manager)! this file contain critical information about users account you can explore the folder$windir$\system32\config
You will find all things and may discover some thing new, but what amazing here is that the file is available, so we can apply our idea
4-Dose Microsoft Know and Why!?
Yes Microsoft Know all things, and done on purpose why? I always for many years ask my self why Microsoft doesn’t do real security on their systems from the CD setup to all security aspects In the system, I found(my opinion may wrong)that they need to achieve 2 strategic things1-They need their software spread and all depend on it and in one day when they feel that they are the One The security will done and all money will go to One Pocket
2-They Forced/Like to Make Some Organizations Hack other systems
Proof:
They can make this File SAM Unavailable by storing the information in FAT, FAT32, NTFS Areas (Sectors reserved by The Operating SYSTEM to Store the Addresses of the files on the HardDisk File Allocation Table) So that it is hard to extract. But they don't!!!!!
5-Understand the Idea
The Idea is simple I will explain it manually and it can then be programmed it is so easy here is the ideaThe SAM file is available and the SAM file contain a Security Information, so I created a Free Windows XP SP2 Logon account (Administrator Account without password) that means when windows Lunch it Will enter directly to the system without asking about any password And windows will store this Account in The SAM file on My PC So the SAM file on My PC contain an Account will Make you enter Directly to the Windows, so I will take My SAM File and Replace (by renaming, we will need the original file to recover our way) It with the other SAM File in The Other System or Machine So When you restart It will make you enter directly to the Windows With Administrator Like Account ,do what you need and then back all things to the previous state. All These Steps will be under other system bootable DOS, Knoppiex, Windows Live CD, Because Windows XP will not make u able to copy the Files
6-Get Admin Like Account (The Simple Way)
1- Download My 2 SAM files I Include them in Downloads
2- Go to the target Machine , and try to Access it and Boot from any device CD-ROM, Floppy, NIC if it haven't any of those Read Hint 9
3- After Get Access to the Boot Command prompt c:> or Boot Live OS CD, Go to the windows folder$windir$\system32\config And Copy the SAM File and System File (we will need it later) To other folder, Then go to$windir$\repair copy SAM file
And then Rename the 2 SAM Files to SAM1 in their original places
4- Copy My SAM/config File and Paste it in the windows folder $windir$\system32\config Copy My SAM/Repair File and Paste it in the windows folder $windir$\repair (may this step not required)
5- Reboot and Make windows enter Normally
6- Yeah, No You are in The System
7- Copy the files in step 3 to Floppy Disk or Flash Stick Or Send it to your mail via Internet
8- After finish repeat step 2 and delete My SAM files and Rename Both SAM1 to SAM
9- Reboot , Congratulation you recover your way
7-Crack the SAM-Know the real Admin Password and Apply Hint 8
There is many ways I will introduce 2 ways and explain 1 After you get the SAM File and System File there are Programs That extract the Accounts and their passwords, depending on the idea of cracking the HASH (the HASH is one way encryption method) so that The program will generate random passwords and convert them to HASH and then compare it with the HASHES in the SAM File , so it may take a long time but for fast you will pay more money for ready made HASHES with their user names and passwords the 2 program are1-L0phtcrack v4.0 (LC4 alternate name) the most famous on the NET
2-SAMInside http://www.insidepro.com/I include on the Downloads
I will explain fast SAMInside
This is the main window press Ctrl+O or by mouse click Import SAM and SYSTEM
Window will open to import the 2 files and the program will start to crack the Accounts and get them, and then display users names and their passwords
Any other tool will do the job try all and select your best I Explain here SAMInside because he give me results with 6 character only password and get it FAST
8-Creat a Hidden User Accountn
Windows NT / Windows 2000 and Windows XP has a security setting to hide accounts from the Logon Screen/Control panel users accounts
Ctrl+Alt+Delet
Give you another Access Dialog
Steps:
1-After getting Admin Password enter to the system
2-create an Account with password
3-click start - > Run - > type Regedit press Enter
4-Go to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\ CurrentVersion\Winlogon\SpecialAccounts\UserList
5- Create a new DWORD Value on the UserList
6-Name it with Name of Account to be Hidden
7-set the Value Data of this DWORD Value to 0 to hide it /1 to appear it
8- close Regedit and Reboot
9- Press Ctrl+Alt+Delete when logon Screen Appear another login dialog appear type You hidden user name and password and press Enter
Note:
1- the account profile will be visible in \Documents and Settings, But it will be hidden from Logon Screen and User Account in the control panel
2-there is other method that Inject your Account directly to the Admin SAM without know the Admin Pass, but believe me you don't Expect the result, so if you want try it (if the password hard to get)
9-USB Boot for FAT32, NTFS or any File System
HP Always amazing me to do this we need 2 tools
1- HP USB Disk Storage Format Tool v 2.0.6 I include in Downloads If u want to find more go to http://www.hp.com/
2- NTFSDOS Professional Boot Disk Wizard I include in Downloads If u want to find more go tohttp://www.winternals.com/
Just connect your USB Storage
steps:
1- Prepare a Startup Disk or Startup CD , Or any Equivalent
2- In the HP tool select the Device->your USB Storage
3- Select File System FAT or FAT32
4- Check "create a DOS startup disk" checkbox and then select option "using DOS System Files Located at"
5- brows your location
6- Click Start
7- Now you have a Bootable USB Storage Device
8- Now in the NTFSDOS Professional Boot Disk Wizard follow the wizard and you will get a NTFS bootable USB Storage
Why we need NTFS ?
If the Partition of the Windows System is NTFS so with normal Startup you will not be able to access any files because the File System is not Recognized by MS-DOS when we install NTFSDOS Professional on the bootable disk it will allow you To Access any File Under NTFS
Note:
Make sure that the option in Mother board Setup of First Boot "USB-Hard Disk" if you want to boot from a USB
10-Mother Boards Default Passwords and how to extract it if you are in The system
This subject is huge I try to find simple or clever way but as u know many PC's many machines many bios versions and updates so I search the net for the best and I list below ,but if this doesn’t help I recommend you to find the bios version and the motherboard and search the net on Google, yahoo, yahoo groups and other you will find some thing help u
HOW TO BYPASS BIOS PASSWORDS
http://www.elfqrin.com/docs/biospw.html
Removing a Bios - CMOS Password
http://www.dewassoc.com/support/bios/bios_password.htm
How to Bypass BIOS Passwords
http://www.uktsupport.co.uk/reference/biosp.htm
How to Bypass BIOS Passwords
http://www.i-hacked.com/content/view/36/70/
Default Password List
2006-04-30
http://www.phenoelit.de/dpl/dpl.html
Award BIOS backdoor passwords:
ALFAROME--------BIOSTAR--------KDD--------ZAAADA-------- ALLy--------CONCAT--------Lkwpeter--------ZBAAACA-------- aLLy-------- CONDO--------LKWPETER--------ZJAAADC-------- aLLY--------Condo--------PINT--------01322222-------- ALLY--------d8on--------pint--------589589-------- aPAf--------djonet--------SER--------589721-------- _award--------HLT--------SKY_FOX--------595595-------- AWARD_SW--------J64--------SYXZ--------598598 AWARD?SW--------J256--------syxz-------- AWARD SW--------J262--------shift + syxz-------- AWARD PW--------j332--------TTPTHA-------- AWKWARD--------j322-------- awkward
AMI BIOS Backdoor Passwords:
AMI--------BIOS--------PASSWORD--------HEWITT RAND-------- AMI?SW--------AMI_SW--------LKWPETER--------CONDO
Phoenix BIOS Backdoor Passwords: phoenix--------PHOENIX--------CMOS--------BIOS
Misc. Common Passwords
ALFAROME--------BIOSTAR--------biostar--------biosstar-------- CMOS--------cmos--------LKWPETER--------lkwpeter-------- setup--------SETUP--------Syxz--------Wodj
Other BIOS Passwords by Manufacturer
Manufacturer--------Password
VOBIS & IBM-------- merlin
Dell--------Dell
Biostar-------- Biostar
Compaq--------Compaq
Enox--------xo11nE
Epox--------central
Freetech--------Posterie
IWill--------iwill
Jetway--------spooml
Packard Bell--------bell9
QDI--------QDI
Siemens--------SKY_FOX
TMC--------BIGO
Toshiba--------Toshiba
Toshiba--------BIOS
Most Toshiba laptops
and some desktop systems will bypass the BIOS password if the left shift key is held down during boot
IBM Aptiva BIOS
Press both mouse buttons repeatedly during the boot
License
0 0
- Hacking Windows XP SP2 Security
- Access Windows XP SP2 Security Center via WMI
- Access Windows XP SP2 Security Center via WMI铪铪铪
- Windows XP SP2完全攻略
- Windows XP SP2 服务详解
- Windows XP SP2的设置
- Windows XP SP2之初体验
- 【分享】Windows XP SP2 Build 2177 Nfo
- 激活您的Windows XP SP2
- DIY自己的windows xp SP2安装盘.
- Windows xp sp2工作站间DCOM设置
- 解决Windows XP SP2乱码补丁
- (转载)Windows Xp Sp2溢出保护
- 【分析】Windows Xp Sp2溢出保护
- 自定义浏览器(Updated for Windows XP SP2)
- anti Windows XP SP2 firewall trick
- Windows XP SP2防火墙的设置
- Windows xp sp2上安装iis出错
- 影视之我看——写自己的剧本
- QT学习1.环境搭建,入门相关
- 快速排序之算法导论实现
- linux系统启动流程一览
- IOS开发学习的好资料大搜藏
- Hacking Windows XP SP2 Security
- ZOJ Monthly, October 2010 ABEFI
- carrierwave + magickimage实现图片切割上传
- wenwen.sogou.com/z/q583938121.htm
- 初识ClassLoader
- MessageBox的使用
- 2014年7月7日晚笔记
- jkkkkkkkkkkkkk
- 耻
