illmob.org

Kon Boot 1.1

May 10th, 2010 by Dev Team in cracking, Privilege Escalation, windows

We reviewed Kon Boot 1.0 last year; it was a breakthrough program that let you boot a Windows machine and bypass the logon screen without entering a password. To accomplish this, Kon Boot hooks the BIOS on the fly, temporarily subverting Windows kernel authentication and allowing you access. Since the change is temporary, the computer is back to normal when you reboot. This let you access the computer without taking the time to reset or crack the password, and it left the computer untouched. Now, a year later, Kon Boot v1.1 has been released with new features, such as booting from floppy, CD, or USB, and privilege escalation support, which allows you to gain SYSTEM privileges from ANY account on the system. For example, you can boot from Kon Boot, log in as Guest, and run the ‘Net User’ command as SYSTEM to add a new user, reset admin passwords, etc.

It also has a bunch of new bug fixes/updates.

  1. Added 64-bit environment support
  2. Added USB support tools (grldr, klmemusb)
  3. Added debugging code to make it easier to track down various compatibility problems
  4. Fixed bug in Windows 7 support failures
  5. Removed Linux support
  6. Many performance improvements to source code
  7. Improved BIOS support by reducing code size significantly

Unfortunately, it is no longer free. For a meager $15.99, a personal license gives you free updates and support for a period of 6 months, and you can still use it without restrictions after that period.
They also offer a commercial license for $75.99 with 1 year of support and updates, which allows use in a business environment.
To purchase Kon Boot v1.1, visit their website: http://www.kryptoslogic.com

We are also giving away 10 personal licenses this week to some lucky readers!!! More details to come!!!

1.5 Million Facebook Accounts Up For Sale

April 23rd, 2010 by admin in Life, News

A hacker named Kirllos seems to have sold close to 700,000 accounts, and has a rare deal for anyone who wants to spam, steal or scam on Facebook: an unprecedented number of user accounts offered at rock-bottom prices. Kirllos’ Facebook prices are extremely cheap compared to what others are charging. In its most recent Internet Security Threat Report, Symantec found that e-mail usernames and passwords typically went for between $1 and $20 per account — Kirllos wants as little as $0.025 per Facebook account.

DPAPIck – Recover offline passwords

April 6th, 2010 by Dev Team in Password Info, windows

This is a forensic tool for working offline with Microsoft Windows® data protected by the DPAPI (Data Protection API).
A non-exhaustive list of the recoverable secrets:

* EFS certificates
* MSN Messenger credentials
* Internet Explorer form passwords
* Outlook passwords
* Google Talk credentials
* Google Chrome form passwords
* Wireless network keys (WEP key and WPA-PMK)
* Skype credentials

Of course, you need to know the user’s current password; you can recover it from the SAM.
Download Here
You can also read an excellent article on the undocumented process of recovering DPAPI passwords here

Visual of the “Top 500 Worst Passwords”

March 27th, 2010 by Dev Team in Life

Our post, made pretty by Kate Bingaman Burt.

Password Cracking Guide

March 24th, 2010 by Dev Team in cracking, Password Info

This PDF document is for people who want to learn the how and why of password cracking. There is a lot of information presented, and you should READ IT ALL BEFORE you attempt anything documented here.

SSD drives speed up password cracking

March 12th, 2010 by Dev Team in cracking

The Ophcrack password-cracking tool, optimised to work with SSDs, has achieved speeds up to 100 times faster when compared to the old 8GB rainbow tables for XP hashes. After optimizing its rainbow tables of password hashes to make use of SSDs, Swiss security firm Objectif Sécurité was able to crack 14-digit WinXP passwords with special characters in just 5.3 seconds. A free test can be found here.

Hive Restore XP

February 28th, 2010 by Dev Team in Our Tools

When you try to start or restart your Windows XP-based computer,
you may receive one of the following error messages:

Windows XP could not start because the following file is
missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SYSTEM

Windows XP could not start because the following file is
missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SOFTWARE

Stop: c0000218 {Registry File Failure} The registry cannot load the hive (file): \SystemRoot\System32\Config\SOFTWARE or its log or alternate

System error: Lsass.exe
When trying to update a password the return status indicates that the value provided as the current password is not correct.

Sometimes this can be corrected using chkdsk /r /f from the recovery console.

Other times you need to boot into the recovery console using the XP install CD
and follow the directions here http://support.microsoft.com/kb/307545 which involve typing a
whole bunch of commands into the console and hoping that you don’t make any mistakes typing.
A lot of people have either lost or never had the XP install CD, and even if you do have it, it’s a pain in
the ass to type all of that.

So the alternative would be to either:
1. boot from a WindowsPE-type disk and back up/copy the registry hive files to the folders
or
2. slave the drive to another computer and back up/copy the registry hive files to the folders

which is also tedious, because you have to copy the hive files over, back up the old hives, and rename the new hives.
This is where HiveRestoreXP comes in handy, because it automates the process for you.
It’s dead simple to use.



Download HiveRestoreXP


If you are trying to use this on a slaved drive, you may not have the proper permissions to open the “System Volume Information” folder, and the program won’t show any restore points. Use the instructions here to gain access before running the program: http://support.microsoft.com/kb/309531

Most of the time you can run this command:
cacls "driveletter:\System Volume Information" /E /G username:F
Then remove the permissions afterwards using this:
cacls "driveletter:\System Volume Information" /E /R username

TechTools 3.0

February 27th, 2010 by Dev Team in Our Tools


It’s here, it’s here!
We’ve finished the third edition of our TechTools compilation and it’s ready for download 🙂

What is it? TechTools is for techs and people who work on computers every day
and need updated programs to keep with them on their USB key.

TechTools uses Ketarin, which is an application downloader that
checks to see if an application has been updated and downloads it if so.
The genius in this tool is that you don’t have to download all these
tools at one time from our website; you’re going to be downloading each file
individually from the app’s website. This helps with our bandwidth costs, and
some authors of the applications, while freeware, wanted the only download of
their software to be at their own sites.

The result is a pretty menu with a crapload of tools for you to use on-site, and a very easy way to keep all of these tools up to date. 😀

I’ve compiled a list of apps that meet these simple criteria:
1. portable (no crappy installing), although we included some installs for great apps
2. free (don’t have to worry about distributing & licensing issues)
3. the app works with no issues
4. useful


Download TechTools 3.0

How to own a Windows Domain 2.0

February 20th, 2010 by Dev Team in Privilege Escalation, windows

Back in October we showed you a video on how to own a Windows domain by passing the hash from the local admin account to the domain server to add a new domain admin account. This newer version makes the task much easier using BackTrack 4 and Metasploit.




Droid and iPhone lock-screen gesture passwords bypass

February 18th, 2010 by Dev Team in Apple, Life, Privilege Escalation

You know the lock-screen gesture protection used on iPhone/Android smartphones to prevent people from picking up your phone and having immediate access to all your personal information? Right, well, I hope you’re not relying on your phone’s swipe gesture protection to keep all your dirtiest secrets from falling into the wrong hands.
The next image is a good example of how easy it is to circumvent the Nexus One’s lock-screen gesture password.
