Win2k Logon Hacks

[robzilla]

u dont, u change your permissions so you can change password after that  

[Scorcher2005]

quote:Originally posted by VoidMain:


copy over LOGON.SCR with CMD.EXE "copy cmd.exe logon.scr".

well i tried to, and it asks are you sure you want to overwrite and i said yes.  it then said Access Denied, 0 files copied.  I guess Storm Windows blocks that........got any other ways around this(changing admin and mgr passwords)???

[voidmain]

There is another thread on these boards that discuss a Linux boot disk that allow you to change the Administrator password on NT and Win2K that is definately easier. If you do have your machine set up securely (in that normal users can't copy over LOGON.SCR) then you will have to go through another step which makes the process more time consuming.

If you have forgotten your Administrator password and want to use the LOGON.SCR/CMD.EXE trick and do not have permissions to copy over the LOGON.SCR as a normal user you will have to get your Windows NT or 2K CD and do a minimal OS install to a directory other than where the original copy of Windows was installed (without formatting the drive). For instance, NT and 2K normally installs to C:\WINNT. Install a new copy into C:\WINNT2. log in to the new copy of Windows as Administrator, "copy C:\WINNT\SYSTEM32\CMD.EXE C:\WINNT\SYSTEM32\LOGON.SCR".

Reboot into the original install of the OS, wait 15 minutes, get the CMD prompt and run User Manager to reset the original Administrator's password, delete the second copy of NT/2K.

[ May 04, 2002: Message edited by: VoidMain ]

[sporkme]

to hack it you just have to go to linuxiso.org

then, set the computer on fire

no one will eeeevvvveeeerrrr kkkknnnnoooowwwwwww

[Scorcher2005]

so will the boot disk work with this SECURE set up of the computer?

[voidmain]

Yes it will because when you boot from a different OS (even NT or Win2K) you bypass the security when accessing the original file system. Unless of course you are using the encrypted file system in Win2k (hopefully you don't, as you will have much bigger problems if your OS becomes unbootable for any reason. What are the chances of that ever happening???    ).

[ May 04, 2002: Message edited by: VoidMain ]

[Stryker]

very old thread... but perhaps this is why we (or at least used to a few months ago... before the change in the network section) always got people asking how to hack windows and such. I don't think this type of thread is really good on this forum... but when did the change happen? or was it one of those things that just happened and nobody notices? probably before my time.

[mobrien_12]

To use this floppy requires physical access to the machine, and the BIOS to be set to allow boot from floppy.  There is no difference between this and the use of Tom's rootboot disk to clear a forgotten linux root password.  

And if you have this kind of access to the machine you could always reinstall windows on it which is another way to bypass the root/admin password.

[ July 09, 2003: Message edited by: M. O'Brien ]

[Fett101]

So, obviously, physical acess to any machine can be a great security risk. And can be easily prevented by disabling boot from CD or floppy and passwording the BIOS. Seems like somethnig a good admin would do anyway.

[mobrien_12]

quote:Originally posted by Fett101:
So, obviously, physical acess to any machine can be a great security risk. And can be easily prevented by disabling boot from CD or floppy and passwording the BIOS. Seems like somethnig a good admin would do anyway.

Yes, physical access to any machine is a large security risk.  There is an IT maxim that says there is NO way to truly secure a system that people have physical access to.  

Locking out boots from anything but the primary hard disk and passwording the BIOS is a good idea (and is what I do for all my boxes, whether Windows or Linux is installed).  However, it can't really secure the box, because anyone can override the bios password by opening the case and setting a BIOS clear jumper or yanking the battery for 5 minutes.  

This is one of the reasons I lament the fact that the thin-client approach has died as a common desktop solution.  That and the fact that its so much easier to patch one beefcake server than dozens or hundreds of little independent machines.