PC cracking, why not?

Posted in General Discussion, edited January 2014
Here's the deal. I have a PC. I have a bet, to prove a point. The password has been changed. My contention is that someone with absolutely minimal networking/software knowledge (me) could, so long as they have access to the machine, defeat the password and gain permanent access in such a way as to keep the user completely unaware, using nothing more than widely available web knowledge and/or tools.

Steps so far, all learned in one morning of scanning the web.

First, F8, log in to safe mode.

Create a new account.

Install Cain and Abel.

Need to:

Search for the SAM file for the other admin account. The goal (on XP) is to learn the password of the main account so that it can be accessed without alteration, and then erase the newly created account so that no one would be the wiser. You'd just log in using the other user's password.

Right now I'm stuck; I can't get Cain and Abel to work right, mostly because I don't know where to look for the other user's login. Do I need to temporarily deactivate their password and find it using that same account?

But still, it's pretty scary. I know nothing, and I could have easily gained access to this computer, especially if I didn't add the extra level of difficulty of trying to learn the password basically without molesting that account. Granted, it's my computer, but I'm sure anyone with a modicum of knowledge would access it straight away.

Scary... Do PCs suck? Are Macs this easy to defeat? Because when I say no knowledge, I mean nothing; I'm literally just typing dumb questions into Google and trying stuff out. Not bad for someone with almost 2 hours of experience with this sort of thing!

I figure a post here fits my criteria of "web resources only".

Any pointers?

Any comments?

PS. Matsu hugs PowerBook.

Comments

  • Reply 1 of 13
    matsu Posts: 6,558 member
    So here I am.

    How to search for users in Cain.

    A couple more steps and my theory might be proved.
  • Reply 2 of 13
    matsu Posts: 6,558 member
    Holy shit is this easy.

    Someone get in here and tell me that a Mac is harder to crack.
• Reply 3 of 13
    chych Posts: 860 member
    Well on a Mac (and I've done this before because a friend forgot his admin password), you would have to boot into Open Firmware (hold cmd+s at startup). Then you modify the sudoers file with visudo (which is a pain to figure out how to use) such that you don't need a password to be the super user. Reboot into OS X, and you have full access to everything (through sudo). Reset the password, reboot, and revert the sudoers file. Admin access to the computer is available.

    If you have an Open Firmware password, however, your Mac is locked from this.

    If you have a Mac OS X install CD, I believe there is a 'reset password' option as well.
• Reply 4 of 13
    matsu Posts: 6,558 member
    I'm still not there, but every new step I discover is like the apes to the monolith...

    I've now got Cain to see the other users; not sure what the next step is...

    Pointers?
  • Reply 5 of 13
    matsu Posts: 6,558 member
    This is a fascinating exercise.

    Now performing a brute force attack on the password. May take hours...
  • Reply 6 of 13
    mcq Posts: 1,543 member
    Yeah, it's not that bad. I think I had used an old trial of @stake's LC product to test it out. Took a couple of hours on my system, I think.
• Reply 7 of 13
    gon Posts: 2,437 member
    Of course it's easy to break into most things you have physical access to.

    If you put a good, long password into the BIOS, lock the box in a closed cabinet, and take care that the password cannot be stolen by a keylogger or a suitably placed video camera, at least then the attacker has to hack/crack it to gain access. Or crowbar the cabinet.

    If you want protection for the case where the hardware can't be protected, you need to encrypt the HD. It would also be a good idea to take care that the key does not linger in swap on the disk after power is cut. For instance, the OS X password is easy to find if you know it (duh); I haven't tried whether it's easy to find when you only know the username, though.
• Reply 8 of 13
    matsu Posts: 6,558 member
    What does "plaintext of ________________ is _" mean? (Just didn't feel like typing out the digits.)

    Any way to speed this up?
  • Reply 9 of 13
    matsu Posts: 6,558 member
    WOW. Cracked. From zero to password obtained in less than 5 hours.

    I'm not even sure what I did, but I did it. That's the scariest part. Yeah, the tools aren't the greatest, but for someone with very little conceptual knowledge, and NO theory whatsoever, to crack a computer, even with physical access...

    Step two, I'm going to make an attempt via my AirPort network, which I'll be turning off whenever I'm not home from now on!

    And then to really scare myself, I might make an attempt to get at my home machine from work during the holiday. To keep it fair, I'll have to get my brother to select a new password. He could hardly believe it when I called at work 5 minutes ago.

    This really puts security back in perspective for me. I think there's a great little article in this.

    On the bright side, somebody owes me a beer.
• Reply 10 of 13
    applenut Posts: 5,768 member
    Quote:

    Scary... Do PCs suck? Are Macs this easy to defeat? Because when I say no knowledge, I mean nothing; I'm literally just typing dumb questions into Google and trying stuff out. Not bad for someone with almost 2 hours of experience with this sort of thing!

    All you need to do to crack a Mac is boot from a Mac OS X CD, I think.
  • Reply 11 of 13
    matsu Posts: 6,558 member
    I would assume so. Didn't mean to ignite a Mac-PC discussion really. I was just surprised by the ease with which a total neophyte can gain access, and from what I've read so far, even without access to the machine. That was really just the first training step; the next step is via the network, and then, if I have time this holiday, from outside the network.

    I thought it would be good to know a bit about the nuts and bolts. Nothing like hands-on learnin'.
• Reply 12 of 13
    King Chung Huang
    Quote:

    Originally posted by applenut

    All you need to do to crack a Mac is boot from a Mac OS X CD, I think.

    You can disable that through Open Firmware, though if you have physical access to the Mac, you can usually defeat the protection in OF by simply changing the hardware configuration (e.g. RAM).
• Reply 13 of 13
    johnq Posts: 2,763 member
    Quote:

    Originally posted by King Chung Huang

    You can disable that through Open Firmware, though if you have physical access to the Mac, you can usually defeat the protection in OF by simply changing the hardware configuration (e.g. RAM).

    If you have physical access* you can just yoink the hard drive out of it, take it home and do what you will with it. Open Firmware won't mean a thing if the drive is then put into another Mac or an external case.

    Now, if your stuff is all encrypted because you used FileVault, then you're safer. Unless you used a shitty password.

    Aside: Remember to change your password after you send your Mac in for repair. Because "they" have it in their system now, where God knows who could get it, along with your physical address.

    * You can then, of course, do anything.