Quote:
Originally Posted by r00t
[You must be logged in to view images. Log in or Register.]
This can be a remote exploit that is more effective than brute force (and why bother when you could just pass the hash). Also allows you to steal domain level credentials instead of just local. But yea cracking the passwords on a local machine is easy since they use the same crappy hashing algorithm they did 20 years ago. Windows "security" truly is a nightmare and it is yet another reason most infrastructure runs on the superior *nix based operating systems. |
Yup but who is going to load linux for a bunch of idiot end users in a production environment.
Also if some hacker asshole has access to the equipment most likely they already have won. Thats why you hire people who are not assholes.