Preserved Topic: more ideas needed! (Page 1 of 1) $Pages that link to <a href="https://ozoneasylum.com/backlink?for=16424" title="Pages that link to Preserved Topic: more ideas needed! (Page 1 of 1)" rel="nofollow" >Preserved Topic: more ideas needed! <span class="small">(Page 1 of 1)</span>\$

lallous Paranoid (IV) Inmate From: Lebanon Insane since: May 2001	posted 03-25-2002 11:27 hello, i'm trying to hack a win2k server.... here is what i have and what I don't: 1.do NOT have access to admin pass 2.have access to a normal User 3.the file system is NTFS 4.the system only boots from HDD (no Floppy, no CDROM) 5.the system's setup/bios is password protected 6.i cannot open up the case and remove the motherboard's battery! 7.I cannot write to the disks's boot sector, nor edit boot.ini file 8.do not have access to winnt\system32\config folder heck!!! do i have chances to gain admin privilige/pass other than using my own psychological game on the admin?! I tried master passwords on the AWARE bios setup and it worked (i entered the setup), but only managed to do so for once...I tried it again but I couldn't enter there again!
Ducati Paranoid (IV) Inmate From: in your head Insane since: Feb 2001	posted 03-25-2002 12:23 Well...I think you are SOL my friend... I got a solution for ya... ops.. nevermind.. you can't open the case.. MAX
Pugzly Paranoid (IV) Inmate From: 127.0.0.1 Insane since: Apr 2000	posted 03-25-2002 14:54 That system appears to have been properly setup. SOL for you.... Sorry.
GRUMBLE Paranoid (IV) Mad Scientist From: Omicron Persei 8 Insane since: Oct 2000	posted 03-25-2002 14:55 cant think of a solution right now, but did you check neworder.box.sk already?
Ducati Paranoid (IV) Inmate From: in your head Insane since: Feb 2001	posted 03-25-2002 15:23 Put the hammer to it! MAX
warjournal Maniac (V) Mad Scientist From: Insane since: Aug 2000	posted 03-25-2002 15:59 Can you make boot from floppy by giving it a few false starts?
DocOzone Maniac (V) Lord Mad Scientist Sovereign of all the lands Ozone and just beyond that little green line over there... From: Stockholm, Sweden Insane since: Mar 1994	posted 03-25-2002 18:35 I think you mentioned the correct approach, known as "social engineering", the oldest hacking trick in the book, and the most reliable! Weasel the passowrd out of the admin, or hire a hooker or learn to watch the keyboard and remember keystrokes. Human beings are almost always the weakest link! (I won't even go into the ethical concerns, I assume you have your reasons, hmm?) Your pal, -doc-
warjournal Maniac (V) Mad Scientist From: Insane since: Aug 2000	posted 03-25-2002 19:24 Yeah. Good old fashioned social engineering. "Tales of a Super Hacker" has got a pretty good discussion on social engineering. If you are going to shoulder surf, might want to scout the area for a good spot for a camcorder. Sounds like a mock login is out of the question. The computers where I used to work had a major security flaw. I gained access to the harddrive via IE > View Source > Notepad : common dialoge(dll). Access to all the scripts and what-not. I could even browse the majority of the network.
Skaarjj Maniac (V) Mad Scientist From: :morF Insane since: May 2000	posted 03-25-2002 23:50 Yeah...our network used to have a thing called the drop box...you could put files there, and if you created a folder called startup...whenever the server started up, so would any programs in that folder. God only knows why they did it, but I remember one of the students disguising a keylogger in there, and set it to record anything after the SysAdmin's login was used, and email it out through the school's server to his own email, so he gained himself temporary login to the server , until the SYsAdmin changed his password again (he changed it every week). But in that time he setup his own Admin account, and slightly downgraded the SysAdmin's account so that he couldn't be deleted. Oh the tales of School Hacking
InI Paranoid (IV) Mad Scientist From: Somewhere over the rainbow Insane since: Mar 2001	posted 03-26-2002 12:58 The poster has demanded we remove all his contributions, less he takes legal action. We have done so. Now Tyberius Prime expects him to start complaining that we removed his 'free speech' since this message will replace all of his posts, past and future. Don't follow his example - seek real life help first.
CPrompt Maniac (V) Inmate From: there...no..there..... Insane since: May 2001	posted 03-26-2002 14:03 I just get this feeling of a Kevin Mitnick case coming along. Later, C:\ ~Binary is best~
kretsminky Maniac (V) Inmate From: A little lower... lower... ahhhhhh, thats the spot Insane since: Jun 2000	posted 03-26-2002 14:08 The answer is so simple.... Walk up behind him while he is logged on and bludgeon him with a heavy object. Voila! Access to his system.
lallous Paranoid (IV) Inmate From: Lebanon Insane since: May 2001	posted 03-26-2002 15:59 guys, it is not a big deal believe me....even if I got the admin pass, I will only be able to add more users and profiles on the same PC that's it... I gain nothing by this more than personalized settings. A small fake program that pops up suddenly w/ a freaky text asking for admin password, will force him to type the password for me!
BeeKay Bipolar (III) Inmate From: North Carolina mountains Insane since: Dec 2000	posted 03-26-2002 16:52 I am also locked out from being able to change any personal settings on my work computer. What's so wrong about wanting some desktop wallpaper?! Sheeeeesh!
CPrompt Maniac (V) Inmate From: there...no..there..... Insane since: May 2001	posted 03-26-2002 17:02 Gotcha. At my fiancee's office they are locked out of everything. They have internet access but if they go to certain sites, like Eddie Bauer or something, and are there for more than 5 minutes they are redirected to the intranet. She can't even load a freaking Excel sheet that I did for her because it has macros, nor can she install anything or change a wallpaper! Kind of silly really. Later, C:\ ~Binary is best~
DocOzone Maniac (V) Lord Mad Scientist Sovereign of all the lands Ozone and just beyond that little green line over there... From: Stockholm, Sweden Insane since: Mar 1994	posted 03-26-2002 18:32 Hmm, I'm starting to think that instead of hacking into your one computer, perhaps you should start a petition amongst your co-workers to gain back some of the basic controls of your own machines? It's not just a morale thing, if you have the freedom to set up your own computer your own way, you'll be more productive! Might be worthwhile working through the system to get these benefits for everyone, it makes sense. Your pal, -doc-

Preserved Topic: more ideas needed! (Page 1 of 1) $Pages that link to <a href="https://ozoneasylum.com/backlink?for=16424" title="Pages that link to Preserved Topic: more ideas needed! (Page 1 of 1)" rel="nofollow" >Preserved Topic: more ideas needed! <span class="small">(Page 1 of 1)</span>\$

lallous
Paranoid (IV) Inmate

From: Lebanon
Insane since: May 2001

posted 03-25-2002 11:27

hello,

i'm trying to hack a win2k server....

here is what i have and what I don't:

1.do NOT have access to admin pass
2.have access to a normal User
3.the file system is NTFS
4.the system only boots from HDD (no Floppy, no CDROM)
5.the system's setup/bios is password protected
6.i cannot open up the case and remove the motherboard's battery!
7.I cannot write to the disks's boot sector, nor edit boot.ini file
8.do not have access to winnt\system32\config folder

heck!!!

do i have chances to gain admin privilige/pass other than using my own psychological game on the admin?!

I tried master passwords on the AWARE bios setup and it worked (i entered the setup), but only managed to do so for once...I tried it again but I couldn't enter there again!

Ducati
Paranoid (IV) Inmate

From: in your head
Insane since: Feb 2001

posted 03-25-2002 12:23

Well...I think you are SOL my friend...

I got a solution for ya... ops.. nevermind.. you can't open the case..

MAX

Pugzly
Paranoid (IV) Inmate

From: 127.0.0.1
Insane since: Apr 2000

posted 03-25-2002 14:54

That system appears to have been properly setup.

SOL for you....

Sorry.

GRUMBLE
Paranoid (IV) Mad Scientist

From: Omicron Persei 8
Insane since: Oct 2000

posted 03-25-2002 14:55

cant think of a solution right now, but did you check neworder.box.sk already?

Ducati
Paranoid (IV) Inmate

From: in your head
Insane since: Feb 2001

posted 03-25-2002 15:23

Put the hammer to it!

MAX

warjournal
Maniac (V) Mad Scientist

From:
Insane since: Aug 2000

posted 03-25-2002 15:59

Can you make boot from floppy by giving it a few false starts?

DocOzone
Maniac (V) Lord Mad Scientist
Sovereign of all the lands Ozone and just beyond that little green line over there...

From: Stockholm, Sweden
Insane since: Mar 1994

posted 03-25-2002 18:35

I think you mentioned the correct approach, known as "social engineering", the oldest hacking trick in the book, and the most reliable! Weasel the passowrd out of the admin, or hire a hooker or learn to watch the keyboard and remember keystrokes. Human beings are almost *always* the weakest link! (I won't even go into the ethical concerns, I assume you have your reasons, hmm?)

Your pal, -doc-

warjournal
Maniac (V) Mad Scientist

From:
Insane since: Aug 2000

posted 03-25-2002 19:24

Yeah. Good old fashioned social engineering. "Tales of a Super Hacker" has got a pretty good discussion on social engineering.

If you are going to shoulder surf, might want to scout the area for a good spot for a camcorder.

Sounds like a mock login is out of the question.

The computers where I used to work had a major security flaw. I gained access to the harddrive via IE > View Source > Notepad : common dialoge(dll). Access to all the scripts and what-not. I could even browse the majority of the network.

Skaarjj
Maniac (V) Mad Scientist

From: :morF
Insane since: May 2000

posted 03-25-2002 23:50

Yeah...our network used to have a thing called the drop box...you could put files there, and if you created a folder called startup...whenever the server started up, so would any programs in that folder. God only knows why they did it, but I remember one of the students disguising a keylogger in there, and set it to record anything after the SysAdmin's login was used, and email it out through the school's server to his own email, so he gained himself temporary login to the server , until the SYsAdmin changed his password again (he changed it every week). But in that time he setup his own Admin account, and slightly downgraded the SysAdmin's account so that he couldn't be deleted.

Oh the tales of School Hacking

InI
Paranoid (IV) Mad Scientist

From: Somewhere over the rainbow
Insane since: Mar 2001

posted 03-26-2002 12:58

The poster has demanded we remove all his contributions, less he takes legal action.
We have done so.
Now Tyberius Prime expects him to start complaining that we removed his 'free speech' since this message will replace all of his posts, past and future.
Don't follow his example - seek real life help first.

CPrompt
Maniac (V) Inmate

From: there...no..there.....
Insane since: May 2001

posted 03-26-2002 14:03

I just get this feeling of a Kevin Mitnick case coming along.

Later,
C:\

~Binary is best~

kretsminky
Maniac (V) Inmate

From: A little lower... lower... ahhhhhh, thats the spot
Insane since: Jun 2000

posted 03-26-2002 14:08

The answer is *so* simple....

Walk up behind him while he is logged on and bludgeon him with a heavy object.

Voila! Access to his system.

lallous
Paranoid (IV) Inmate

From: Lebanon
Insane since: May 2001

posted 03-26-2002 15:59

guys, it is not a big deal believe me....even if I got the admin pass, I will only be able to add more users and profiles on the same PC that's it...

I gain nothing by this more than personalized settings.

A small fake program that pops up suddenly w/ a freaky text asking for admin password, will force him to type the password for me!

BeeKay
Bipolar (III) Inmate

From: North Carolina mountains
Insane since: Dec 2000

posted 03-26-2002 16:52

I am also locked out from being able to change any personal settings on my work computer. What's so wrong about wanting some desktop wallpaper?! Sheeeeesh!

CPrompt
Maniac (V) Inmate

From: there...no..there.....
Insane since: May 2001

posted 03-26-2002 17:02

Gotcha. At my fiancee's office they are locked out of everything. They have internet access but if they go to certain sites, like Eddie Bauer or something, and are there for more than 5 minutes they are redirected to the intranet.

She can't even load a freaking Excel sheet that I did for her because it has macros, nor can she install anything or change a wallpaper!

Kind of silly really.

Later,
C:\

~Binary is best~

DocOzone
Maniac (V) Lord Mad Scientist
Sovereign of all the lands Ozone and just beyond that little green line over there...

From: Stockholm, Sweden
Insane since: Mar 1994

posted 03-26-2002 18:32

Hmm, I'm starting to think that instead of hacking into your one computer, perhaps you should start a petition amongst your co-workers to gain back some of the basic controls of your own machines? It's not just a morale thing, if you have the freedom to set up your own computer your own way, you'll be more productive! Might be worthwhile working through the system to get these benefits for everyone, it makes sense.

Your pal, -doc-