Gaining System-Level Access To Vista
An anonymous reader writes "This video shows a method by which a user can use a Linux distro called BackTrack to gain system access to Windows Vista without logging into Windows or knowing the username or password for any accounts. To accomplish this, the user renames cmd.exe to Utilman.exe — this is the program that brings up the Accessibility options for users without sight or with limited vision. The attack takes advantage of the fact that the Utility Manager can be invoked before the user logs into the system. The user gains System access, which is a level higher than Administrator. The person who discovered this security hole claims that XP, 2000, 2003 and NT are not vulnerable to it; only Windows Vista is."
Allow full root access
Cancel or Allow...
A conversation amongst the developers: Dev 1: "You see - we can just rename the exe and then get the job done!" Dev 2: "Is there a risk?" Dev 1: "How? Users without sight or with limited vision will have a hard time getting to cmd.exe to rename it - dumbass!"
Right... They should think of some system where the BIOS will only load code that was digitally signed somehow, so these atrocities are no longer possible. Personally, I will only feel safe when I know that Microsoft completely controls what goed on on my PC!
I think we can all agree that any hack involving a time machine is newsworthy.
It's much much harder with Linux. First of all you have to work out how to lure the user out of their basement and away from their computer.
I use a 26 char password on a laptop that locks every 5 minutes.
Once you get used to it, it's not too annoying at all.
What if Tetris was invented by Nazis?
No, it's
qwertyuiopasdfghjklzxcvbnm
but good guess!