Ok, for most of you out there in the IT fields, you have probably come across a situation where you needed access to a machine and the password was not available, for any one of a million weird reasons.
Originally I used a suite of tools called PC Doctor (not to be confused with The Computer Doctor), which resets the stored password.
I also used Ophcrack (as a bootable CD, or as part of BackTrack 3 and 4), which cracks the password hash against precomputed rainbow tables. This could take between 5 and 15 minutes depending on the target's processor, and it can only recover passwords that fall within the character set and length the tables were generated for.
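To make concrete what Ophcrack's tables are actually doing, here is an added Python example (not from the original post and not Ophcrack's code) of the time/memory trade-off behind rainbow tables. It computes real NT hashes (MD4 over the UTF-16LE password, implemented in pure Python because hashlib on OpenSSL 3 builds often ships without md4), then builds a toy rainbow table over a constructed keyspace of four-character passwords from a ten-letter alphabet and looks hashes up in it. The alphabet, chain count, chain length and the reduction function are all assumptions chosen for the demo; real tables use far larger keyspaces and tuned reduction functions.

```python
import random
import struct

MASK32 = 0xFFFFFFFF


def _md4(message: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320); hashlib often lacks md4 under OpenSSL 3."""
    f = lambda x, y, z: (x & y) | (~x & z)
    g = lambda x, y, z: (x & y) | (x & z) | (y & z)
    h = lambda x, y, z: x ^ y ^ z
    rotl = lambda x, n: ((x << n) | (x >> (32 - n))) & MASK32

    bit_len = len(message) * 8
    message += b"\x80"
    message += b"\x00" * ((56 - len(message) % 64) % 64)
    message += struct.pack("<Q", bit_len)

    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    rounds = (
        (f, 0x00000000, tuple(range(16)), (3, 7, 11, 19)),
        (g, 0x5A827999, (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15), (3, 5, 9, 13)),
        (h, 0x6ED9EBA1, (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15), (3, 9, 11, 15)),
    )
    for off in range(0, len(message), 64):
        x = struct.unpack("<16I", message[off:off + 64])
        a, b, c, d = state
        for fn, const, order, shifts in rounds:
            for i, k in enumerate(order):
                a = rotl((a + fn(b, c, d) + x[k] + const) & MASK32, shifts[i % 4])
                a, b, c, d = d, a, b, c  # rotate roles for the next step
        state = [(s + v) & MASK32 for s, v in zip(state, (a, b, c, d))]
    return struct.pack("<4I", *state)


def nt_hash(password: str) -> bytes:
    """NT hash as stored in the SAM: unsalted MD4 of the UTF-16LE password.
    No salt is exactly why a precomputed table works against it."""
    return _md4(password.encode("utf-16-le"))


# Constructed toy keyspace: 10**4 = 10,000 passwords (assumption for the demo).
CHARSET = "abcdefghij"
PW_LEN = 4
KEYSPACE = len(CHARSET) ** PW_LEN


def index_to_password(n: int) -> str:
    chars = []
    for _ in range(PW_LEN):
        n, r = divmod(n, len(CHARSET))
        chars.append(CHARSET[r])
    return "".join(chars)


def reduce_hash(digest: bytes, column: int) -> str:
    """Reduction R_column: map a hash back into the keyspace. Mixing in the
    column index is what makes this a rainbow table rather than Hellman chains."""
    return index_to_password((int.from_bytes(digest[:8], "little") + column) % KEYSPACE)


def build_table(num_chains: int, chain_len: int, seed: int = 1) -> dict:
    """Precompute chains start -H-> R_0 -H-> R_1 ... -> endpoint, keeping only
    endpoint -> start. That is the memory side of the trade-off."""
    rng = random.Random(seed)
    table = {}
    for _ in range(num_chains):
        start = index_to_password(rng.randrange(KEYSPACE))
        pw = start
        for col in range(chain_len):
            pw = reduce_hash(nt_hash(pw), col)
        table.setdefault(pw, start)  # merged chains share an endpoint; keep the first
    return table


def lookup(table: dict, chain_len: int, target: bytes):
    """Recover the password behind `target`, or None if no chain covers it."""
    for col in range(chain_len - 1, -1, -1):
        # Hypothesis: target was hashed at column `col` of some chain. Walk the
        # rest of that chain to its endpoint and see whether we stored it.
        pw = reduce_hash(target, col)
        for c in range(col + 1, chain_len):
            pw = reduce_hash(nt_hash(pw), c)
        if pw in table:
            # Regenerate from the stored start to find the pre-image; this also
            # rejects false alarms caused by merged chains.
            cand = table[pw]
            for c in range(chain_len):
                if nt_hash(cand) == target:
                    return cand
                cand = reduce_hash(nt_hash(cand), c)
    return None


if __name__ == "__main__":
    chain_len = 20
    table = build_table(num_chains=300, chain_len=chain_len)
    print(f"{len(table)} stored endpoints stand in for ~{300 * chain_len} hashed passwords")
    covered = next(iter(table.values()))  # a password we know a chain starts from
    print(covered, "->", lookup(table, chain_len, nt_hash(covered)))
    print("zzzz ->", lookup(table, chain_len, nt_hash("zzzz")))  # outside keyspace
```

Two things the demo makes visible: the table stores only chain endpoints, so a lookup costs about chain_len squared hash operations instead of the whole keyspace, and a password outside the alphabet or length the table was built for (the "zzzz" case) is never recovered no matter how long you wait.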
I finally found a new tool, thanks to Snubbs at HAK5, which is fast and, because it changes nothing on disk, hard to detect afterwards.

The tool is called Kon-Boot, which is deployed as a bootable CD or floppy.
Instead of cracking or changing the password, it patches the operating system kernel in memory while the machine boots so that the password check is skipped: you just press Enter at the logon prompt and you are into the local machine. The password hashes on disk are never modified, and the patch is gone after the next reboot without the disk. The only downside is that this is for local accounts only; it does not log you into Active Directory (to my knowledge), which makes sense, since a domain logon is verified by the domain controller rather than by the local machine's kernel. The same in-memory approach also means full-disk encryption, or a firmware setting that blocks booting from removable media, stops it cold.
Another plus is that the disk works for both Microsoft Windows and some Linux distributions. Just insert the disk, boot from it, press any key when the Kon-Boot screen comes up, and press Enter when asked for the Windows password (see the website for the Linux instructions).
According to the website, the disk works on Windows XP, Vista, 7, Server 2003 and Server 2008, and, via GRUB 0.97, on Gentoo, Ubuntu, Debian and Fedora.
Attention all bored hackers: if anyone can test this program on the following systems and report back, I'll re-edit this post and credit your find. Windows 95, 98, NT Workstation, 2000, ME, XP CE, XP SE, NT Server and Server 2000. Also Kubuntu, Edubuntu, MEPIS, openSUSE, and any other mainstream Linux distros.