Re: locked out of XP, need file access

["Adam Hawliczek" <quoza () wp pl>]

Damn,... I think i need to agree with both of You ...
I just cannot imagine to just "forget" my pass ... or to remember just 2
letters ... but if it's true ... Get yourself Johnny the Ripper ... Create a
possible word list launch it and viola ... There's also an option of system
recovery console , which you should have on XPcd (a little :-) M$ bug ..)
and there is also a possibility that you didn't change pass for built-in
admin account.if you didnt launch it in a emergency and log as a
admin(supervisor or whatever..) but if it's YOUR computer you shuldn't have
any problems of making those things ... and if it's not yours you should
learn many things before starting such thigs ...

Please forgive me my poor english .. I'll improove it in some time ...


----- Original Message -----
From: "Joey Peloquin" <jpelo1 () jcpenney com>
To: <JGrimshaw () ASAP com>
Cc: <security-basics () securityfocus com>
Sent: Monday, December 29, 2003 7:32 PM
Subject: RE: locked out of XP, need file access


> Grimshaw,
>
> [snip]
> ->To preface, I apologize if I am wrong.  I also expect to be
> ->bashed for
> ->being harsh, but sometimes reality stings.
>
> On the contrary, I'm surprised someone, including myself, hasn't brought
> this up before.  Or recently, at least, if it has been brought up before.
>
> ->A question that I have, is that if the box is his, and those
> ->files are his
> ->(and are important), how did he suddenly just "forget" the
> ->admin password?
> -> What has he been using to log in on a daily basis?  Why isn't the
> ->password for this box the same as the other local admin
> ->passwords on the
> ->network?  Why is he administrating an XP box and then throwing up
> ->comparisons to Windows 98 PWL files?  Why not connect to the
> ->network and
> ->log on with domain administrator rights?  If he does not have
> ->the access,
> ->why not call their helpdesk and have one of the
> ->administrators do this?
>
> ALL very valid questions.
>
> Naturally, it is very possible he _did_ forget his password ... We've all
> done it.  However, it's also entirely possible the scenario Grimshaw laid
> out below is right-on.
>
> What I'd like to know is why someone is using the Admin account on a WinXP
> box (or ANY multi-user box, for that matter) as if it was a regular user?
> Do you realize the power you're giving away when an exploit yields
> privileges *of the logged-on user*?
>
> By the way, I would caution against setting every local admin password the
> same, network-wide.  It could be the difference between cleaning up one
> "owned" server, as opposed to dealing with a data center *full* of "owned"
> boxes.
>
> ->While I agree that sharing of wisdom is vital to the growth of this
> ->mailing list, the temperance of such wisdom should be considered.  I
> ->shared this email with my co-workers, and we all thought a
> ->laptop fell out
> ->of the back of a truck into the requestor's lap.
> ->
> ->Perhaps it is because I do not trust email's originating from
> ->a hotmail
> ->address asking for a hack.   Anyone can get a hotmail address
> ->with any
> ->information provided.
>
> This is precisely why I typically don't answer these types of questions.
> [snip]
>
> Thanks for saying what I'm sure a lot of us were thinking.
>
> Joey Peloquin


----------------------------------------------------------------------------
----


> The information transmitted is intended only for the person or entity to
> which it is addressed and may contain confidential and/or privileged
> material.  If the reader of this message is not the intended recipient,
> you are hereby notified that your access is unauthorized, and any review,
> dissemination, distribution or copying of this message including any
> attachments is strictly prohibited.   If you are not the intended
> recipient, please contact the sender and delete the material from any
> computer.


----------------------------------------------------------------------------
----


> --------------------------------------------------------------------------
-
> --------------------------------------------------------------------------
--


---------------------------------------------------------------------------
----------------------------------------------------------------------------