Computer tricks others might not know - Page 4

Xer0 · #31 05-20-2014, 07:07 PM

Quote:

Originally Posted by Yumyums Inmahtumtums [You must be logged in to view images. Log in or Register.]

Mine does too.

Does it hold a Largefarva or a litrecola?

winning

Pitborn · #32 05-20-2014, 07:30 PM

Nice thread!

r00t · #33 05-20-2014, 08:15 PM

Quote:

Originally Posted by August [You must be logged in to view images. Log in or Register.]

Isn't this logic flawed with the 'create a named pipe from something with system level privileges'? You don't need to hack a box you're on if you already have system level privileges.

A much easier method is to just use a registry blanker. It's how I got into all my dad's stuff after he died.

Should have been more clear (was saying Create because its the name of the win32 API C function). You don't actually create a named pipe, instead use an existing named pipe, usually something like \\.\pipe\x\IpHlpSvc.log

radditsu · #34 05-20-2014, 08:20 PM

Quote:

Originally Posted by August [You must be logged in to view images. Log in or Register.]

Isn't this logic flawed with the 'create a named pipe from something with system level privileges'? You don't need to hack a box you're on if you already have system level privileges.

A much easier method is to just use a registry blanker. It's how I got into all my dad's stuff after he died.

http://pogostick.net/~pnh/ntpasswd/

I got an old hiren disk that does the trick

r00t · #35 05-20-2014, 08:25 PM

Yea so many windows exploits to crack a password. Just plain awful security.

Now I'll remind refer to the time when I gave antisec members a user account on my Linux VPS and asked them try to crack root.

http://www.project1999.com/forums/sh...2&postcount=13

freez · #36 05-20-2014, 08:43 PM

ctrl shift delete ur pron

moklianne · #37 05-21-2014, 09:05 AM

Quote:

Originally Posted by Xer0 [You must be logged in to view images. Log in or Register.]

or burn ophcrack for windows to a cd and boot your system from that disc.

you basically hit a button and it finds the passwords.

If the password is secure, it will take too long to bruteforce since a dictionary attack will fail. I suppose you could use rainbow tables, but even that takes a while and you'll need to lug around a 1TB+ external drive. Its instant if you just use a password remover app.

Of course, all of this is if you have physical access or local admin access to the box. Properly secured boxes are a bit more difficult to compromise.

Rellapse40 · #38 05-21-2014, 11:25 AM

use hashcat noobs

lecompte · #39 05-21-2014, 04:09 PM

shift + right click an executable for admin options. Security through obscurity, huzzah.

moklianne · #40 05-22-2014, 11:58 AM

Quote:

Originally Posted by Rellapse40 [You must be logged in to view images. Log in or Register.]

use hashcat noobs

I prefer this for file/local recoveries because of for its ridiculously simple UI and local grid support. I grew up on command line, but I like a shiny UI to get around menial tasks.

http://www.lostpassword.com/kit-forensic.htm