TrackSomebody.com

october27thgroup.com pentesting, pci, red team

illmob.org

Change Vista Password From Install DVD

February 14th, 2009 by admin in News, Password Info, windows


Please take note that this handy tip is intended to recover/regain a forgotten Vista Administrator password. It is not intended to illegally hacking into a Vista system that’s not owning by users who refer this guide!! It is also intended to inform Vista users about the method by which anyone can access their private accounts by cracking passwords….Thus anyone can hack into administrator account and bypass guest user restrictions…. Lets start… Steps to hack Windows Vista Administrator account password: (more…)

View LSA Secrets On An External Drive

December 9th, 2008 by admin in Password Info, windows

The new version of LsaSecretsView from nirsoft allows you to extract the LSA secrets from an external instance of Windows operating system. This feature can be useful if you have a dead system that cannot boot anymore.
You can use this feature from the user-interface, by using the ‘Advanced Options’ in the File
menu, or from command-line, by using the /external parameter.
This feature was also added to LSASecretsDump, which is the console version of LsaSecretsView.

Be aware the currently this feature works for Windows 2000/XP/2003, but not for Windows Vista.

Saved Password Locations

November 25th, 2008 by admin in Firefox, Password Info, Trillian, windows, Yahoo

Many people ask about the location in the Registry or file system that applications store the passwords. Here is a list of password storage locations for popular applications compiled by Nir Sofer.
Be aware that even if you know the location of the saved password, it doesn’t mean that you can move it from one computer to another. many applications store the passwords in a way that prevent you from moving them to another computer or user profile. (more…)

Change XP Password With Install CD

November 9th, 2008 by admin in News, Password Info, windows

If you forgot your Windows login password which contains your most valuable data with your all favorite setting and you fear about loosing all the data and settings? Then you don’t worry about this problem, if unfortunately you have this problem. Here is the best method to restore your Windows login password provided if you have the Windows installation CD.

1. Place your Windows XP CD in your cd-rom and start your computer (it’s assumed here that your XP CD is bootable – as it should be – and that you have your bios set to boot from CD)

2. Keep your eye on the screen messages for booting to your cd Typically, it will be “Press any key to boot from cd”

3. Once you get in, the first screen will indicate that Setup is inspecting your system and loading files.

4. When you get to the Welcome to Setup screen, press ENTER to Setup Windows now

5. The Licensing Agreement comes next – Press F8 to accept it.

6. The next screen is the Setup screen which gives you the option to do a Repair.

It should read something like “If one of the following Windows XP installations is damaged, Setup can try to repair it”

Use the up and down arrow keys to select your XP installation (if you only have one, it should already be selected) and press R to begin the Repair process.

7. Let the Repair run. Setup will now check your disks and then start copying files which can take several minutes.

8. Shortly after the Copying Files stage, you will be required to reboot. (this will happen automatically – you will see a progress bar stating “Your computer will reboot in 15 seconds”

9. During the reboot, do not make the mistake of “pressing any key” to boot from the CD again! Setup will resume automatically with the standard billboard screens and you will notice Installing Windows is highlighted.

10. Keep your eye on the lower left hand side of the screen and when you see the Installing Devices progress bar, press SHIFT + F10. This is the security hole! A command console will now open up giving you the potential for wide access to your system.

11. At the prompt, type NUSRMGR.CPL and press Enter. Voila! You have just gained graphical access to your User Accounts in the Control Panel.

12. Now simply pick the account you need to change and remove or change your password as you prefer. If you want to log on without having to enter your new password, you can type control userpasswords2 at the prompt and choose to log on without being asked for password. After you’ve made your changes close the windows, exit the command box and continue on with the Repair (have your Product key handy).

13. Once the Repair is done, you will be able to log on with your new password (or without a password if you chose not to use one or if you chose not to be asked for a password). Your programs and personalized settings should remain intact.

Oracle User Privilege Escalation

October 29th, 2008 by admin in Privilege Escalation

An Oracle DB user which has been granted CREATE ANY DIRECTORY can use that system privilege to grant themselves the SYSDBA system privilege by creating a DIRECTORY pointing to the password file location on the OS and then overwriting it with a previously prepared known binary password file using UTL_FILE.PUT_RAW from within the DB.

This paper will show how the issue can be exploited and most importantly how to secure against it. This is an original vulnerability affecting current versions of the DB and please note that Oracle Corp’s Security Department have already been informed in accordance with ethical procedures and have given their permission to publish.

Proof of concept code tested on 10.1, 10.2 and 11g on both Linux and Windows and is available below.

Here is the paper.

Here is the code.

New Windows RPC Exploit

October 26th, 2008 by admin in windows

If you haven’t been auto-updated yet make sure you do. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit.
http://blogs.technet.com/swi/archive/2008/10/23/More-detail-about-MS08-067.aspx

http://www.microsoft.com/technet/security/Bulletin/ms08-067.mspx

lm2ntcrack : NT Hash cracker from LM Password

October 19th, 2008 by admin in News, Password Info, windows

lm2ntcrack provides a simple way to crack instantly Microsoft Windows NT Hash (MD4) when the LM Password is known. lm2ntcrack is Free and Open Source software.
This software is entirely written in Perl, so its easily ported and installed.
(more…)

Change MSSQL2005 Password from Command Prompt

October 17th, 2008 by admin in News, Password Info, windows

SA is the administrative login for the MSSQL. To Change the MSSQL SA password please use following steps:

Step 1. Go to the command prompt of the server ( Start >> Run >> Cmd ) and type in command

osql –L


This command will list all the MSSQL servers near you.

Step 2. Copy full name of required MSSQL server and type

osql -S copied_servername –E


By this command you’ll connect to MSSQL server using Server administrator account (Windows Authentication).

Step 3. To change sa password you should execute the following query:

1> sp_password NULL,’new_password’,’sa’
2> go


Here the new_password will be the password which you want to set.

Now try to login to MSSQL using new password.

Another quick way:

OSQL -S MyServer -E -Q "EXEC sp_defaultdb 'sa', 'master'"
OSQL -S MyServer -E -Q "EXEC sp_password NULL, 'NewPassword', 'sa'"

Logon Automatically and lock computer

October 11th, 2008 by admin in News, Password Info, windows

So your the only user on your computer and you want to have the security of your own password, but you don’t want to have to wait for all your startup programs to launch when you first boot up. You wish there was just some way to have your computer startup, load all your programs, but be secure so that it does it all in the background of the login screen and you don’t have to wait for it.

Paying something like $50 for a program such as Tweak UI is just out of the question, wouldn’t you agree? Well, luckily for you, you can do this for free! Just follow the next couple of steps in this post and you will have your dream in no time.
(more…)

KeyCarbon USB Keylogger

October 8th, 2008 by admin in Apple, Linux, News, windows

I had a chance to review the Keycarbon USB Home Mini this week. I’ve been wanting to try one of these to see how they would compare to a PS/2 keyboard logger, PS/2 is still pretty popular as far as cheaper keyboards but the shift in technology is going more towards USB keyboards. I was pretty impressed by the quality of the keylogger and its simple installation.




Who would need a device like this?

  • Business owners needing to monitor employees
  • Parents needing to monitor children
  • People who might need backups of things they type (writers etc)
  • Private investigators, law enforcement, hackers, James Bond 🙂

Why would someone want a hardware keylogger as opposed to a software based one? Well this question has it’s pros and cons:

The pros are:

  • It’s dead simple to install , just unplug the keyboard,plug this device in , and plug the keyboard into the device ,that’s it!
  • No need for root/admin level permissions to install
  • It can be installed on any system that has a USB port (Windows,Mac,Linux etc)
  • Since it’s hardware-based it wont be detected by antivirus/malware programs ever
  • It picks up EVERYTHING typed, even bios password passwords and log-ons

The cons are:

  • Since it doesn’t interact with the operating system it can’t get the name of windows where the text was typed so it makes it a chore to scan the logs for the juicy information
  • Easy to prevent logging by just removing the logger form the computer (which most people won’t be aware of anyhow, who actually crawls behind their computer everyday?)
  • Recovery of logs might be more difficult because they are stored physically on the device and not sent to a remote location. But if you were able to install it in the first place , then recovering it shouldn’t that much harder.
  • If the person has a PS/2 keyboard you can’t use an adapter because the device needs power from the USB port to work

Recovering the logs from the device can be done on any computer even though they offer the software to recover the logs faster, it’s not needed which makes this device a good tool to have in your arsenal. To recover the logs alls you you need to do is open any text editor (notepad etc…) and type in the password (default password is phxlog) and the device goes into menu mode, where you have a few options to choose
you have open so it’s best to open notepad or wordpad or any *nix/MAC equivalent before typing this. This menu will give you various options for the device ,which are:

  1. Partial/Full Log download
  2. Erase logs (quick or thorough)
  3. Setting the default password (alphanumeric only,under 17 chars)
  4. Firmware upgrade
  5. Diagnostics
  6. Speed (that the logs are typed)

Once you choose read the logs it starts auto typing the logs onto whatever window is open has the main focus (which is why you need to open a text editor).  If you don’t like to wait for it to auto-type (you might have days of saved logs) you can get the software to download it in one swoop. The only problem with the software that as of now it’s only compatible with windows.

Detection of the Device:

Because the device doesnt install into the operating system its pretty much insvisible to the normal user. Only a trained computer expert would notice the device it because the only sign it’s there is that it is seen as a USB hub by the OS. It shows up as a “generic 4 port hub Vid_0451&Pid_2046” Vendor id of 0451 and a product id of 2046, which comes up as a generic Texas instruments device which wont raise many eyebrows. Because it’s a USB 1.1 hub it is possible that it may be discovered if someone plugs a USB 2.0 keyboard inline with it. (They might get a warning message telling them that their device can perform at a higher speed if they use a different port.) But the chances are slim of someone needing to replace their keyboard.

All in all this device is a stable tool to use, it logged with no problems at all with every keyboard/OS i used with it.  Although the price is a little high for most people, it’s well priceless for businesses who need to keep an eye on employees, or a parent who needs to monitor their children’s internet activity. I want to thank Keycarbon for giving me the opportunity to review and test this device. Check out their site for other devices they offer that I didn’t get to review , but are another great alternative to stealth hardware logging.

« Previous ArticleNext Article »