Home page logo

basics logo Security Basics mailing list archives

Re: locked out of XP, need file access
From: Brian Dunbar <brian.dunbar () plexus com>
Date: Mon, 29 Dec 2003 11:51:42 -0600

On Dec 29, 2003, at 11:05 AM, JGrimshaw () ASAP com wrote:

To preface, I apologize if I am wrong.  I also expect to be bashed for
being harsh, but sometimes reality stings.

I'll try not to bash.  Your points are valid, Sir.

A question that I have, is that if the box is his, and those files are his (and are important), how did he suddenly just "forget" the admin password?

I've had users (at a client site) who built their own box, used the machine for months with their domain account, then forgot what they set the local admin password to. Since they never allowed the domain admins to be local admins they were sorta stuck. Oops.


Responding in the positive to his request akin to offering a burglar a set of lockpicks and detailed picking instructions because he "lost" his keys
to his car. 

You have a valid point yet ... the lockpicks are easily available to anyone with enough brains to launch a google search and download the Nordahl utility. You can't keep that stuff secret; our original poster was more than able to find this stuff out on his own.

This reminds me (no offense) of the Security Officer at a client site. Knowing they were sensitive to this type of hack, yet wanting to save the end user the pain of having to jack around with mounting disk drives, or (worse) reinstalling his box (and loosing his data) I brought this to his attention. He okayed the use, but swore me to secrecy as to the method. Which was futile; the end user had found the tool on his own while I spent hours getting the operation approved.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]