[Xer0]

Quote:

Originally Posted by r00t [You must be logged in to view images. Log in or Register.]

You can hack windows rather easily without knowing the root password or stealing the hash from memory (lol windows unsalted passwords 2014)

Basically create a named pipe from something with system level privileges, impersonate the pipe, open the thread token, and then spawn a reverse shell with it.

Sources:
http://msdn.microsoft.com/en-us/libr...(v=vs.85).aspx
http://msdn.microsoft.com/en-us/libr...(v=vs.85).aspx
http://msdn.microsoft.com/en-us/libr...(v=vs.85).aspx
http://msdn.microsoft.com/en-us/libr...(v=vs.85).aspx

or burn ophcrack for windows to a cd and boot your system from that disc.

you basically hit a button and it finds the passwords.