Over this past week I had a job come in the shop of a Sony Vaio laptop that had a bad motherboard. I had searched on Ebay for a cheap buy and settled on someone who had the same motherboard for about $100 less than anyone else. When I received the motherboard I promptly installed it , upon powering it up I was faced with a password prompt. Dammit! The motherboard had a BIOS password that wasn’t mentioned in the auction. Now being that I know most known methods for bypassing BIOS passwords, Sony has no known method of removing the password. I talked to a few friends and was forwarded to http://spunlock.com .

I was a bit weary at first about paying for a service , but the customer needed their laptop back that day to go on a trip. So getting the customer’s O.K. I purchased the BIOS cracking service.In order to get the correct challenge response BIOS code for most laptops you needs to enter the password incorrectly 3 times, after the third time , the BIOs should spit back a challenge code, this is what they need in order to crack the code.

After sending the payment and challenge code,much to my amazement 1 1/2 hours later I was opening an email with my code to remove the BIOS password. I punched it in and I was now watching Windows starting up. Spunlock has BIOS cracking support for many laptop brands like Dell,Fujitsu,Sony (of course) and more. So for you Techs and others who got burned on ebay, or people who simply forgot their password , give them a shot, you have nothing to lose, Don’t forget to mention whatsmypass.com in your email to them 🙂

ACER:SOME
ADVENT:SOME
ASUS:SOME
COMPAQ:SOME
DELL:ALL + 2A7B
E-SYSTEM:SOME
FUJITSU SIEMENS:ALL
HP:SOME
PACKARD BELL:SOME
PHILLIPS:SOME
SAMSUNG:SOME
SONY VAIO:ALL
TOSHIBA:SOME

Software makers elmcomsoft were denied use of their PGP cracking wallpaper on their exhibit by Reed Exhibitions supposedly from complaints by PGP

Via: blog.crackpassword.com

Somebody hacked the ESPN.com site to accept the Konami code:
(↑ ↑ ↓ ↓ ← → ← → B A) and then to start adding unicorns and rainbows to the page every time you hit ENTER.

Someone from 4Chan has hacked the MobileMe account of actress Salma Hayek
and posted the account details on their Anonymous board.

The poster who began the thread (the O.P.) posted the following factoids for all to see and use to access Salma Hayek’s MobileMe e-mail account.

Her email address is [email protected]
Go to me.com, forgot password, type [email protected]
Her birthday is Sept. 2
Answer to change password question is: frida

Like Kon-boot we talked about in our last post VBootkit 2.0 is an updated code from 2007 that hasnt hit the internet yet , but is pretty much the same idea, modify the bootmgr and you essentially can modify the security checks on the fly to let you do anything you wanted on the system as any user without knowing the password. Read more from there authors site ::HERE::

VBootkit 2.0 is a follow-up to earlier work that Kumar and Kumar have done on vulnerabilities contained in the Windows boot process. In 2007, Kumar and Kumar demonstrated an earlier version of VBootkit for Windows Vista at the Black Hat Europe conference.

The latest version of VBootkit includes the ability to remotely control the victim’s computer. In addition, the software allows an attacker to increase their user privileges to system level, the highest possible level. The software can also able remove a user’s password, giving an attacker access to all of their files. Afterwards, VBootkit 2.0 restores the original password, ensuring that the attack will go undetected.

Accessing a Windows computer without knowing the password is fairly simple with this free tool called Kon-Boot .There are alternatives like Ophcrack etc, but those rely on grabbing the SAM hashes and cracking those. What sets Kon-Boot apart is that is modifies the kernel on-the-fly while booting (everything is done virtually – without any interferences with physical system changes) and allows you to log into any account without entering a password. All you have to do is insert a boot (cd or floppy) disk burned with Kon-boot software(110kb) in to the computer and boot up.
(more…)

via: handlewithlinux.com

A good password has the problem of being difficult to remember. And sometimes you might need to get in to a system where the root password is long forgotten (or left with the system administrator before you).
Luckily there are ways of getting access to systems without having the password. This is of course in a sense also a security risk. That’s why you should always be aware that having unattended physical access to a computer system means the same as having root access to the operating system. Unless the information on a system is encrypted, it’s only as save as the room it’s in.

The method to use to reset the password if you lost the root (or only) password depends on the configuration of your system. But it mostly comes down to two separate tasks:

– get write access to the root partition

– change the password/circumvent control

Here are some things you can try from easy to more complicated. (more…)

This python script generates master passwords which can be used to unlock the BIOS passwords of most Fujitsu Siemens laptops (Lifebook, Amilo etc.) http://dogber1.googlepages.com/pwgen-fsi.py