The Password Exploitation Class was put on as a charity event for the Matthew Shoemaker Memorial Fund . The speakers were Dakykilla, Purehate_ and Irongeek.

Lots of password finding and crack topics were covered. Hashcat, OCLHashcat, Cain, SAMDump2, Nir’s Password Recovery Tools, Password Renew, Backtrack 4 R1, UBCD4Win and much more.
(more…)

Accessing a Windows computer without knowing the password is fairly simple with this free tool called Kon-Boot .There are alternatives like Ophcrack etc, but those rely on grabbing the SAM hashes and cracking those. What sets Kon-Boot apart is that is modifies the kernel on-the-fly while booting (everything is done virtually – without any interferences with physical system changes) and allows you to log into any account without entering a password. All you have to do is insert a boot (cd or floppy) disk burned with Kon-boot software(110kb) in to the computer and boot up.
(more…)

via: handlewithlinux.com

A good password has the problem of being difficult to remember. And sometimes you might need to get in to a system where the root password is long forgotten (or left with the system administrator before you).
Luckily there are ways of getting access to systems without having the password. This is of course in a sense also a security risk. That’s why you should always be aware that having unattended physical access to a computer system means the same as having root access to the operating system. Unless the information on a system is encrypted, it’s only as save as the room it’s in.

The method to use to reset the password if you lost the root (or only) password depends on the configuration of your system. But it mostly comes down to two separate tasks:

– get write access to the root partition

– change the password/circumvent control

Here are some things you can try from easy to more complicated. (more…)

This is a generic how to, working for all Linux distributions, not only for Ubuntu or Debian or Centos etc etc.

I see a lot of howto’s what are based on the same “story”: boot in “single mode” and type passwd to change the password, but are some systems like Debian and probably others what doesn’t let you get in single mode if you don’t know the root password … so the single mode solution it will not work.

First I will describe you the single mode solution, because the start of this solution is very similar with the next solution what I will present you in the end.
(more…)

Losing your root password isn’t the end of the world, though. You’ll just need to reboot into single user mode to reset it. Here’s how to do it on a typical Ubuntu machine with the GRUB bootloader:

Boot Linux into single-user mode

1. Reboot the machine.
2. Press the ESC key while GRUB is loading to enter the menu.
3. If there is a ‘recovery mode’ option, select it and press ‘b’ to boot into single user mode.
4. Otherwise, the default boot configuration should be selected. Press ‘e’ to edit it.
5. Highlight the line that begins with ‘kernel’. Press ‘e’ again to edit this line.
6. At the end of the line, add an additional parameter: ‘single’. Hit return to make the change and press ‘b’ to boot.

(more…)

From Pauldotcom:

winlockpwn is a memory analysis tool released by Adam Boileau of storm.net.nz. This utility exploits firewire’s direct memory access. The operating system allows firewire devices to directly read/write memory without having to go through the processor. Sounds handy right? (more…)