Cracking passwords in Windows 7, Child's play

[ilev]

Cracking passwords with Windows 7 is no different or more difficult than it was with Windows XP

As a result, a lost or stolen Windows 7 laptop is no more secure than a lost or stolen Windows 2000-based system. All anyone has to do is run the Ophcrack tool to recover many, if not all, passwords. (Just make sure you have a good set of NTLM hash tables, like the ones at Free Rainbow Tables.) If Ophcrack doesn't work -- or you want to go a different route -- then try Elcomsoft System Recovery, which can crack basic passwords, reset the local administrator account and more

http://searchenterprisedesktop.techtarget.com/tip/0,289483,sid192_gci1406621,00.html

[XerXis]

meh, once a hacker has physical access to your machine it's game over anyway. The only way to really protect your data would be using bitlocker or truecrypt.

[ilev]

meh, once a hacker has physical access to your machine it's game over anyway. The only way to really protect your data would be using bitlocker or truecrypt.

It won't help you at all if you use Microsoft's COFEE

[XerXis]

It won't help you at all if you use Microsoft's COFEE

yes it does (as you would have known if you read the leaked documents about it). There is no way cofee can break a bitlocker or truecrypt encryption. And people thinking there are backports in the used encryption algorithms like AES or RSA need to put their tinfoil hats on. In fact, if you use a truecrypt hidden volume there is no way to even proof that it is there, let alone break it

[fehuris]

meh, once a hacker has physical access to your machine it's game over anyway. The only way to really protect your data would be using bitlocker or truecrypt.

Agreed. Every technology has its own weaknesses but why not use BitLocker which is readily available on your machine? I guess if one is not happy with the available encrypting methods, they can always lock their laptop in a bank vault.

[murkurie]

It won't help you at all if you use Microsoft's COFEE

Umm COFEE is just a command line tools, so you need to be logged in on said computer to use it. Even better would be bitlocker with boot password?

[Berserk87]

It won't help you at all if you use Microsoft's COFEE

COFFEE doesn't un-encrypt your files, its a tool that copies files from commonly used folders.

[hdood]

It won't help you at all if you use Microsoft's COFEE

COFEE is a collection of scripts that runs some fairly standard utilities to save various volatile information (network connections, processes, and so on) on a system that is lost when it's powered off. It cannot crack BitLocker or anything else. It's simply a utility for saving evidence at the scene. It is not some magical tool, despite what people believe. There are absolutely no backdoors in BitLocker or any other part of Windows at all. A machine that has a BIOS and hard drive password set, and has the drive encrypted with BitLocker (or whatever else) is going to be completely secure, the only vulnerability being the key strength you use and any possible bugs or design weaknesses in the implementation.

[fehuris]

++1

[Roger H. Veteran]

If you have physical access to the machine then there's no point in wasting time trying to crack a password, just take the HDD out and put it into another system and bypass it totally. You'll have full access to all the data on that drive

(unless it's encrypted of-course but who does that other than some of us geeks, most of us don't even bother!)

[ad!k1337]

It won't help you at all if you use Microsoft's COFEE

ever heard about DECAF? :whistle:

[Renshaw]

ever heard about DECAF? :whistle:

Well there are more advance tools that can get around passwords but this would be more govermental and law enforcment level.

but decaf is meant to prevent cofee working.

[Raa]

Just get NTPASSWD boot cd. It's free :p

Man this has been out for ages, not news at all... lol

[techbeck]

Big whoop....anyone wants control of their system, they will get it...its not hard. I am sure OSX/LINUX/CHROME can be hacked/cracked as well and probably has been.

The smartest people dont work for the software companies...they live in dark sheds surviving on chips and soda....

[Panacik]

I have a boot USB device that has a load of apps on it. I have about 3 different programs for cracking the passwords locally on ANY Windows machine and they all work flawlessly.

Seriously, Windows is known for having shoddy password security.

As others pointed out, two things, having phsical machine access trumps pretty much all security and if you really want to to stop someone, even when physical access is obtained, use truecrypt or some type of encryption on your drive.

[Rohdekill]

Hmm... I was under the impression that the discussion of circumventing security is against forum rules.

[t_r_nelson]

How many times are stolen laptops really mined for the data that's on it? Don't most people that steal them either want them for personal use or to sell them? In that case, I'd just wipe the drive and install an OS and...BANG...new laptop for me! (not that I'd ever steal a laptop :rolleyes: )

If there are people that actually want to mine for data for malicious use, they'll get it if they want.

[Prince Charming]

Seriously, revershing hashes using rainbow tables is meant to imply some kind of massive breach of security? This thread is made of fail.

[boogerjones]

Seriously, revershing hashes using rainbow tables is meant to imply some kind of massive breach of security? This thread is made of fail.

I don't think the thread implies a "massive breach of security." It claimed that weak passwords are easy to crack, even without the old LM hash storage. No system is secure without physical quarantine; that's old news. And I thought we were done with this "fail" stuff; maybe it's still making the rounds in middle school.

I'm a little surprised Microsoft didn't introduce a stronger key-derivation function for password storage in Windows Vista/7, but they probably determined that it wouldn't make much of a difference in the big picture.

[Motoko.]

Big whoop....anyone wants control of their system, they will get it...its not hard. I am sure OSX/LINUX/CHROME can be hacked/cracked as well and probably has been.

The smartest people dont work for the software companies...they live in dark sheds surviving on chips and soda....

Can Linux be hacked if the hacker had physical access?

[LiquidSolstice]

Unless you use an advanced Biometric system which replaces the windows login altogether :D

[JoeyF]

If you have physical access to the machine then there's no point in wasting time trying to crack a password, just take the HDD out and put it into another system and bypass it totally. You'll have full access to all the data on that drive

(unless it's encrypted of-course but who does that other than some of us geeks, most of us don't even bother!)

Even that is too much effort when you could just use a live CD and get to the data without even opening the case.

[hdood]

Can Linux be hacked if the hacker had physical access?

Yes, no trouble at all. You could even argue that it's easier, as Linux is not as complex as Windows. This really holds true for any OS that doesn't use full-drive encryption.

[markwolfe Veteran]

Yes, no trouble at all. You could even argue that it's easier, as Linux is not as complex as Windows. This really holds true for any OS that doesn't use full-drive encryption.

I can't see how you would say that Linux was "less complex" (did you mean less secure in account & password handling? because "complex" is vague) unless one were a cheerleader for the Redmond team. ;)

Linux has shadowed passwords. NT uses a SAM file.

Local access to either is an owned box. Both offer encryption, which although a local malicious person could see, they will not be able to decrypt.

This is me, failing to see how either one would be easier.

[hdood]

I can't see how you would say that Linux was "less complex" (did you mean less secure in account & password handling? because "complex" is vague) unless one were a cheerleader for the Redmond team. ;)

Overall Linux distributions have a less complex design that is easier to understand. It doesn't have anything to do with security. Windows is simply more complex, convoluted and hard to understand.

This is me, failing to see how either one would be easier.

Easier in the sense that you can in most cases easily get access to a plain old root console during the boot. No need for any special tools or discs. Just change the password and away you go (or whatever else you want to do). Now, this isn't something inherent, but it is the way most distributions are set up.