I doubt this can even qualify as an exploit, but here is a way to obtain admin access for windows xp in less than 5 minutes. 1. Restart the computer in safe mode 2. When the computer boots up you will be at the user's screen. All users will be displayed here, and one extra should appear at the top of the screen 'Admin'. 3. Use the Admin user, it doesnt require a password. Here you can do anything you can normally do as admin, change user restrictions, create users...the works.
Almost everyone here probably know this, but for those who dont...have fun.
Notice from m^e:
Topic title edited to reflect nature of post content in a better way.
what..i mean..seriously.. isnt that only if the administrator has put a password on it...
if that would work it would be like saying that if you press ctrl+alt+delete at the user screen and then typing admin and no password then it would login...
unless this is somthing special about being in safe mode.
This is for Windows XP Home users, and this is if they have not set the Administrator password. Which when you take it out of the box and turn it in you have the option to set the password or skip.
I have seen this before but it is for Windows XP Home users.
yea hes right, this can only be achieved if an administration password hasnt been set! gr8 fun getting onto m8s pcs tho - the average user most probably wouldnt have set an admin password - so u can get into their pcs muhaha
what..i mean..seriously.. isnt that only if the administrator has put a password on it...
if that would work it would be like saying that if you press ctrl+alt+delete at the user screen and then typing admin and no password then it would login...
unless this is somthing special about being in safe mode.
Yep, it only works in safe mode. But, while your in Safe Mode, you could create another admin account to use normally. Restart your computer and then login as that admin account.
Nice tip - that solves a lot of questions regarding lost admin passwords on the XP genre. That's a really cooool tip - as long as you've got direct access to the XP box. But anyways, as long as you;ve got direct access to the machine in concern, you can, somehow or the other, manage to get in - even if it was linux that we were talking about (which is about 'n' million times more secure than any version of Windows will EVER BE)....
OMG who doesn't set an administrator password?!? Well to answer my own question I suspose more than I would like to admit. This post was actually a surprise to me and I do security work for hobby. I have never installed XP Home and I always assumed that it was like Pro in that you had to set the administrator password during setup. How could Microsoft be so hair brained to leave an open administrator account. This is going to make me look at XP Home in a completely new way - a new toy to exploit.
On a similar note, you do not have to be at the physical computer to take advantage of a blank admin password. You can connect using null accounts. You may look into some tools such as superscan 4 http://www.foundstone.com/index.htm?subnav...c/superscan.htm or enum (can't remember the site)
Damn, I'm going to start scaning for XP Home right now.........
This isnt shocking at all, not really an exploit. When someone has physical access to a computer, all securety goes out the window.
Even in Linux with an encrypted root partiton, ayone could get to the hard disk, and alter the only partiton thats not encryptied (the boot partiton) and root the kernel.
computer securety only assumes nobody has physical access to the machine.
This isnt shocking at all, not really an exploit. When someone has physical access to a computer, all securety goes out the window.
Even in Linux with an encrypted root partiton, ayone could get to the hard disk, and alter the only partiton thats not encryptied (the boot partiton) and root the kernel.
computer securety only assumes nobody has physical access to the machine.
like i said, its not an exploit. and although i agree security assumes nobody has physical access to the machine...and exploit usually DOES assume you have access to the box.
Hello everyone. I have a dell desktop running windows xp home edition. AVG virus checker found an
exploit in Firefox's application database in My Documents. I moved it to the "vault" in AVG.
I have several clients to check the safety of my computer and it seems like my machine is secure,
however, there is one problem. My DHCP-cable modem is directly hooked to my computer. However,
even when the computer is idle, the "Send/recieve" LED's (lights) constantly blink. Do I still
have the exploit or somehow I can't catch the "Trojan" the exploit installe....
There's a vulnerability in MS Windows that may cause serious problems related with the module
csrss.exe . Here below is listed vulnerable systems: QUOTE Microsoft Windows XP Tablet PC
Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition
Microsoft Windows XP Professional SP2 Microsoft Windows XP Professional SP1 Microsoft Windows XP
Professional Microsoft Windows XP Media Center Edition SP2 Microsoft Windows XP Media Center Edition
SP1 Microsoft Windows XP Media Center Edition Microsoft Windows XP Home SP2 Microsoft Wind....
I am trying to figure what is wrong with this one copy of Windows that has slowed to crawl since I
installed sp2. I certainly hope that sp2 is not the cause so I am searching for malicious software
undetected by spybotS&D, avast, and AdAware. My troubles with ZoneAlarm has left my computer
unprotected by any firewall at times and then the efforts to fix my DSL connections had me
connecting directly to the modem rather than through the router as I usually do. So it is possible
that something has gotten through. I am particularly suspicious of the services I cannot s....
I decided today that i was sick of my filter at school. Usually i would abide the rules but today
the fillter whent too far, looking for people who cheated in the Olympic games and it wouldn't
even let me search the topic. Bypassing was the only way. it just pisses me off that the tool that
they have given us is so restricted that it is usless. So im sending a big F you /mad.gif"
style="vertical-align:middle" emoid=":angry:" border="0" alt="mad.gif" /> to the people who made
Bess. If you have a good unblocked proxy list it here.....
Well recently one of my good girl that is a friend got a laptop from her dad. Her dad does websites
so the laptop was new and worked fine, but needed to be defraged. The one problem, her nor her dad
knew the admin password. I told her to post her question on Trap 17 and it got answered with in
minutes. All you have to do is these few steps: 1. Reboot 2. Before the windows logo comes up press
F11 (Just start clicking it over and over again until the windows logo comes up.) 3. Just sit and
let it do it's thing and when the login screen comes up click on the Admin icon....
Ugggg, I just found out (from my computer!) that my Operating System (XP Pro) isn't
genuine /mad.gif" style="vertical-align:middle" emoid=":angry:" border="0" alt="mad.gif" /> I
got a great deal on a used computer from a Swap Meet a few months ago. Will Microsoft accept a
letter or something, along with a little toy cash register receipt and give me a license key, or
will I have to buy a new copy? Dang, I should have known better, from now on, I'm building my
own systems (I've been studying!) ....
Dear Members As you all may be aware of the spywares, trojan horses,viruses which are troubling us.
I have found out a descent way of protecting owr PC's from these harmful stufs. I run a cyber
cafe and use windows xp home version. I am describing my way of protecting pc's:- 1. Frist of
all I have downloaded the windows XP service pack 2. 2. Then I have downloaded Avg Free. 3. Lastly
I have downloaded Windows Defender. 4. What I do is that, I have created two accounts in my
computer. One Admin which have Administrator rights another guest account. I use the ....
Microsoft Windows XP logon script has (had) a fatal bug in it- When you see the new
(funky) Windows XP Logon screen, it shows all the available users. 1. Press Ctrl+Alt+Del twice so
that the formal (earlier Windows) logon dialog box pops up. 2. Then, select Administrator as the
username and enter Any password greater than 32 chracters in the password field. 3. Windows will
give you a buffer overflow error. Click OK or Cancel and you're looged-in as administrator!!!
Well, this exploit was corrected my Microsoft in SP1 and SP2. Three cheers! -Omkar....
A new worm has been detected by multiple antivirus and security specialists. It's called ZOTOB
and is exploiting security holes that have been earlier highlighted in Microsoft Security Bulletin
MS05-039 . The worm affects Win2000 systems and newer. Win 98, ME etc. are not currently thought to
be at risk although, one must always keep the holes plugged. Details regarding what it does exactly
and removal instructions can be found at Symantec's site and also at Microsoft's ZOTOB
Advisory page The hole allowing Zotob to infect and spread can be fixed by i....
When I was shocked when I saw this QUOTE MICROSOFT'S bid to refuse access to updated
versions of Windows has been foiled by hackers. The Vole had demanded that those who wanted Windows
updates, other than security improvements, had to download an Active X program that sniffed their
operating system to see if their OS had been pirated. It took about 24 hours for hackers to come up
with a solution involving IE script, the hackers claim. source:
http://www.theinquirer.net/?article=24961 If I am not wrong, Microsoft spent more than one year to
build up this....
Unbelieveable but true - ever since I've reinstalled windows, I've been getting this message
from windows security centre in a dialogue box that my computer is not properly protected and blah,
blah.... and it asks me whether i want to learn how to protect my computer (as if i don't know)
if i click yes, it opens firefox and takes me to this site which obviously is not a microsoft
site. also, many times i get a baloon with a similar message. when i click it, norton says that a
"trojan horse" was detected and deleted. so is this how microsoft protects my comp....
Okay, so I was talking to my friend on IM yesterday and then she sends me a message saying OMFG LOOK
AT HER or something like that and then a link. I stupidly opened it and then two seconds later she
IMs me telling me not to cause it seems to be a virus. Usually I don't accept those kind of
things but it was from her so I let my guard down. Apparently she had got it from another one of her
friends. It's a .pif virus I know that much but it doesn't do much, I can still open AIM
and my task manager with no weird things but when I reboot my computer, my C:\WIN....
From SecurityFocus http://www.securityfocus.net/archive/1/395...10/2005-04-16/0 There is a _New_
exploit which affects the MSHTA (Microsoft HTML Application Host), using a simple program it's
possible to create file from a *.hta with a _strange_ extenstion(*.foo *.ghgh *.asd) and this file
will be executed by the MSHTA so if u put some malicious Vbs or JS in the *.hta the risk is very
high.... http://www.frsirt.com/exploits/20050414.ms05016.php this is the source of the program
to create the malicious files I've tested it on Xp Sp1 and Xp SP2 and both sy....
Looking for windows, xp, simple, obtaining, admin, access
