Cracking passwords in Windows 7, Child's play



Agreed. Every technology has its own weaknesses but why not use BitLocker which is readily available on your machine? I guess if one is not happy with the available encrypting methods, they can always lock their laptop in a bank vault.

Yeah, but Microsoft left a backdoor in bitlocker too. Easy to bypass and unencrypt data, even if the PC is off.


Yeah, but Microsoft left a backdoor in bitlocker too. Easy to bypass and unencrypt data, even if the PC is off.

This is just libelous unless you're being sarcastic or can actually provide concrete evidence.


Yeah, but Microsoft left a backdoor in bitlocker too. Easy to bypass and unencrypt data, even if the PC is off.

How can they access your data with your computer turned off?


Overall Linux distributions have a less complex design that is easier to understand. It doesn't have anything to do with security. Windows is simply more complex, convoluted and hard to understand.

:blink:

Err wha? Linux is simple and easy? I'm not sure what distro you have been running, but I think you're quite a bit mistaken. Maybe you are thinking about the *nix derived (via BSD) Mac OS X stuff?

I know Linux has gotten a LOT better over the last 10 years and I now have family I've convinced to run it as their primary OS in many cases, but I wouldn't say it is easier than Windows at all. Of course, comparing the two on ease of use in many areas can be like comparing apples and oranges, but I don't think many people find the command line easy. Us geeks maybe, but not the majority of society.


How can they access your data with your computer turned off?

You didn't get the memo? BitLocker forces the HDD to print all of its contents in braille on the bottom. So easy even a blind man can steal the data! (sarcasm)


Err wha? Linux is simple and easy? I'm not sure what distro you have been running, but I think you're quite a bit mistaken. Maybe you are thinking about the *nix derived (via BSD) Mac OS X stuff?

No, I am not saying that Linux is "simple and easy" to use (although that all depends on what you mean by Linux), I am saying that it has a less complex design where it is easier to understand how things work and fit together. Windows is reasonably user friendly on the surface, but once you start digging a little it is arguably the most complex operating system on the market. I would say that it is both the most difficult to understand and the most difficult to develop for. I didn't think this was a controversial statement.


I reset people's passwords all the time. They bring them to my office and don't tell me what the Windows password is. So I just whip out the boot CD and blank it out. Then tell them when I'm done that they have to go in and reset the password.


See: http://cryptome.org/ (This link probably won't be around for long). There's a PDF there with information.

I read that 107 page power point :wacko: and it doesn't seem easy and those "backdoors" don't seem to help unless you can get the PIN from someone. From what I understand you need the PIN so you can access the drive to get the password, or use a hardware attack on the TPM to get access. And the only person who knows the PIN is the person whose computer it is, or it's on the USB drive for booting.


I'll see if I can find the other FTK article too :)

Or you can just recognize the fact that Microsoft is a serious company and does not leave backdoors in Windows. Unless you have the key, you cannot decrypt BitLocker. This is on page 1 of any forensic guide.

I am not sure if you quite understand the devastating consequences any backdoors would have for Microsoft.


Hmm... I was under the impression that the discussion of circumventing security is against forum rules.

Nope. Posting articles relating to exact methods that can be used to circumvent it is.

Can Linux be hacked if the hacker had physical access?

Possibly. I wouldn't think it's any harder than Windows, so long as you have the right tools and knowledge, however, the question you should ask is actually this:

Can a machine be hacked locally regardless of the OS installed on it?

The answer would usually be yes. Unless the person is clever enough to place a BIOS and HDD password on the machine along with only having the primary HDD as the only boot device, they will likely not be able to hack it, or at least not easily.

Or you can just recognize the fact that Microsoft is a serious company and does not leave backdoors in Windows. Unless you have the key, you cannot decrypt BitLocker. This is on page 1 of any forensic guide.

I am not sure if you quite understand the devastating consequences any backdoors would have for Microsoft.

Ah, but they do, quite often, either intentionally or un-intentionally... It hasn't had any devastating consequences on them yet and they usually patch it quickly when they are found. The only consequence it does have, is that the Linux community of hardcore users, will use it to "further prove Linux security is far better" etc etc.

Seriously hdood, try calming down on the rudeness. It won't win you many friends. A simple, I think you are wrong because of x, y and z, would have been enough, rather than saying, "or you can just recognise". It makes you sound awfully self opinionated and stuck up.


Possibly. I wouldn't think it's any harder than Windows, so long as you have the right tools and knowledge

More often than not you don't even need any tools. You can simply boot to a root console and change the password, giving you full access. Does this mean that Linux is insecure? No, it just means like you say that all bets are off when someone has physical access to the machine.

Ah, but they do, quite often, either intentionally

Since I don't think you actually believe this, I will come right out and call it a lie.

or un-intentionally...

A backdoor is something that is intentionally added to allow security measures to be bypassed. There is no such thing as an "unintentional" backdoor. That is called a bug or a design flaw/limitation, and is a separate issue. Now, you could argue that they added backdoors concealed as bugs, but I think there is a separate section of the forum dedicated to conspiracy theories.

It hasn't had any devastating consequences

It hasn't because they do not exist.

Seriously hdood, try calming down on the rudeness. It won't win you many friends. A simple, I think you are wrong because of x, y and z, would have been enough, rather than saying, "or you can just recognise".

It's an extremely serious accusation (in fact, one of the most serious you can make), and when someone makes a claim of this magnitude, the onus is on them to prove it. No one else even has to explain why they "think" it's wrong. You can't sit there and claim that something that is even sold as a security product to foreign governments has backdoors without having the evidence. If you have this, you should be able to produce it virtually from memory. Saying that "you think you read it somewhere" doesn't cut it.


For all you who think encryption cannot be evaded, check this out:

1024-bit RSA encryption cracked by carefully starving CPU of electricity

University of Michigan claims they can break the encryption simply by tweaking a device's power supply. By fluctuating the voltage to the CPU such that it generated a single hardware error per clock cycle, they found that they could cause the computer to flip single bits of the private key at a time, allowing them to slowly piece together the password.

Source: http://www.engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/


Hmm... I was under the impression that the discussion of circumventing security is against forum rules.

Giving (or linking to) detailed instructions on how to crack a secure system would be against the rules. I gather that the purpose of this thread is to inform people that the Windows account passwords are not a secure system (never were and still aren't) and that they should not rely on it for security. Several people have posted more secure methods of protecting their data. The purpose of this thread would seem to be how to enhance security rather than how to defeat it and thus it is not against the rules.


More often than not you don't even need any tools. You can simply boot to a root console and change the password, giving you full access. Does this mean that Linux is insecure? No, it just means like you say that all bets are off when someone has physical access to the machine.

Quite. Because it's simple to boot to a root and change a password, when you don't already have the root password to begin with :rolleyes:

Since I don't think you actually believe this, I will come right out and call it a lie.

I wouldn't have said it if I hadn't been sure. Don't assume anything and don't tell me what I do and don't think\believe.

A backdoor is something that is intentionally added to allow security measures to be bypassed. There is no such thing as an "unintentional" backdoor. That is called a bug or a design flaw/limitation, and is a separate issue. Now, you could argue that they added backdoors concealed as bugs, but I think there is a separate section of the forum dedicated to conspiracy theories.

I was aiming toward both of what you are saying. Both intentional "bugs" and un-intentional...

I refer to Windows and\or Office 2007 "phoning home". I believe at first there were undocumented methods of gaining access to someone's machine by re-routing the call to a remote server, so that the attacker could launch their attack\gain access to the machine.

It hasn't because they do not exist.

See my above quoted post... it clearly does\has.

It's an extremely serious accusation (in fact, one of the most serious you can make), and when someone makes a claim of this magnitude, the onus is on them to prove it. No one else even has to explain why they "think" it's wrong. You can't sit there and claim that something that is even sold as a security product to foreign governments has backdoors without having the evidence. If you have this, you should be able to produce it virtually from memory. Saying that "you think you read it somewhere" doesn't cut it.

Yes yes and blah blah evidence and blah blah you provide it and blah blah.

Seriously mate. You are so original. You even contradict yourself within a couple of words of your stuck up posts. Let's see shall we:

You say in one post - "It hasn't because it doesn't exist" <-- note the lack of proof in this claim. Also notice how you expect people to take your word as god, as though you know EVERYTHING far more than most of the truly technical people on here, such as Budman.

Now, within your very same post you say this - "when someone makes a claim of this magnitude, the onus is on them to prove it" <-- That is a direct contradiction of your sentence only a few lines above.

Now, I'm not saying that I have supplied proof on everything I have ever said, as no-one ever could. However, if you are going to bang on at people about providing "proof" whenever you are challenged, then make sure you are going to or even do provide proof when you challenge someone... Or is it a case that you are more superior to everyone else and don't need to prove... ANYTHING!? :rofl: :rolleyes:


Quite. Because it's simple to boot to a root and change a password, when you don't already have the root password to begin with :rolleyes:

Yes it is.

I refer to Windows and\or Office 2007 "phoning home". I believe at first there were undocumented methods of gaining access to someone's machine by re-routing the call to a remote server, so that the attacker could launch their attack\gain access to the machine.

That would be a remote vulnerability, not a backdoor.

See my above quoted post... it clearly does\has.

It does not. All you appear to be saying is that Windows has had its share of remote vulnerabilities over the years. While true, these are not backdoors. A backdoor is a piece of code intentionally placed there to allow someone to circumvent security. This is extremely serious, so I'd like you to document it so I can forward the information to the proper authorities in my country so that a criminal investigation can be launched. If any local branches of Microsoft are involved, this might even constitute acts of treason. This is not a joke, I really will do this.

Also notice how you expect people to take your word as god

"My word?" You mean my claim that Windows contains no backdoors? I'd say it's a pretty damn well substantiated claim, considering there is absolutely zero evidence of it, despite the fact that Windows has been widely audited, is the biggest target of attacks, and that its source code is available to tens of thousands of people.

as though you know EVERYTHING far more than most of the truly technical people on here, such as Budman.

I have no idea who Budman is or what I claim to know that he doesn't. Maybe I know more than him about something, maybe I don't. I don't see any posts by him so I am not sure what you are referring to.

Now, within your very same post you say this - "when someone makes a claim of this magnitude, the onus is on them to prove it" <-- That is a direct contradiction of your sentence only a few lines above.

Stop trying to twist this around. Please provide your evidence that Windows contains backdoors. I do not have to disprove this, you have to prove it.

However, if you are going to bang on at people about providing "proof" whenever you are challenged, then make sure you are going to or even do provide proof when you challenge someone...

If there is something specific you want me to document, then say so, otherwise you are simply trying to weasel out of having to provide evidence for your accusation. Even if you think I'm an idiot and a hypocrite, you can show that you're better than me by doing this.


Quite. Because it's simple to boot to a root and change a password, when you don't already have the root password to begin with :rolleyes:

What are you trying to say here? That you can not boot to a root console if you don't have the root password? This is not true, it's called single user mode - and can be booted into quite easily depending on the OS and if they support it or not.

It could be as simple as halting your boot loader (lilo, grub, etc.) and then entering this command

linux single

Just do a google for recover root password or single user mode, etc. It's quite easy to, as stated, quite often without any tools.

Does not matter what OS -- if you have physical access to the machine, you can pretty much throw out any OS level username or passwords. Be it you can boot something like single user mode, or boot some tool to reset the password.. Or for that matter just boot some other OS and mount the file system and gain access to what files you want.

So unless your hardware has limitations to prevent boot from other sources, or your HDD is encrypted, etc.. If you have physical access to the computer you can pretty much throw out security altogether.. Even if the machine will not boot - I could just pull the drive and access it.. Passwords set on the HDD can be bypassed.

example of hdd and bios recovery methods/services

http://www.pwcrack.com/harddisk.shtml

http://www.biospasswordrecovery.com/

http://www.notebookpasswords.com/

etc.. etc.. Now are all of these sites legit?? Not sure have never had need to test them.. But it seems unlikely that none of them work.. There was a thread a while back talking about HDD passwords set and that they could not be removed.. I don't recall the companies posted in that thread -- but just google you will find lots of them that can either just reset the password so you can use the disk, or quite often recover it so that you gain access to the data.

In a nutshell - if they have physical access to the equipment.. And they want access to the data, it's possible -- unless you actually encrypted the data with say BitLocker or TrueCrypt, etc. and they do not have access to the KEY.. Most users that use EFS don't follow best practice and leave the key on the machine -- if so then that too can be accessed and your data recovered, etc. But without the KEY you're pretty much screwed!!

I don't even want to get into the backdoor nonsense -- IMHO it's tinfoil hat conspiracy nutjob talk.. If there were such backdoors in BitLocker and TrueCrypt, etc.. Then that would be HUGE news and would be all over the net and on CNN, etc. Can you find discussions about it - sure they are all over.. Just like you can find info about how the moon landing was faked, and how we blew up the towers, etc.. And that JFK was hit by the CIA, etc..

The overall point being if they have physical access to your data, your data is not secure unless it's "encrypted" with a secure method. As to the thread's topic -- yeah it is child's play to access a Windows machine if you have physical access.. It sure is nothing new, and there have been password crackers available ever since there have been passwords ;) And there have been ways to circumvent security from the beginning..

my 2cents ;)

Edited by BudMan

Yes it is.

Stopped reading there.

A few, "if this" and so long as this happens etc, but once again, a good, point proven post Budman, unlike some members on Neowin :) (Y)


For all you who think encryption cannot be evaded, check this out:

1024-bit RSA encryption cracked by carefully starving CPU of electricity

University of Michigan claims they can break the encryption simply by tweaking a device's power supply. By fluctuating the voltage to the CPU such that it generated a single hardware error per clock cycle, they found that they could cause the computer to flip single bits of the private key at a time, allowing them to slowly piece together the password.

Source: http://www.engadget.com/2010/03/09/1024-bit-rsa-encryption-cracked-by-carefully-starving-cpu-of-ele/

The encrypted drive needs to be logged in and active when this "hack" is applied though


Sure there are always a lot of if this or that scenarios when evaluating risks to your data. You need to evaluate the level of the risks, and the costs you're willing to pay to mitigate those risks.. Cost being in actual hard $ or in software cost in extra steps required to access data, secure it when done with it, etc.. Be it having to plug in a USB dongle with a key on it, or put in an extra password to unlock a TrueCrypt volume, etc. etc.. There is always going to be costs involved with security.. Be it in performance of the machine when using an encrypted drive, or extra steps a user has to take to access the data, etc.. And don't forget the added risk you're taking when you encrypt of actually locking yourself out of your own data.. There are lots of threads here of users not understanding EFS, not adhering to best practice on securing/backing up the keys - next thing you know they locked themselves out of their own data ;) When in most of these cases the user had no legit reasons to be using EFS in the first place.

You need to understand who/what you're protecting your data from before you implement a security option. In many cases a good Windows password and setting NTFS permissions correctly will be more than enough to secure your data from other users at your home or business, etc. Sure bypassing Windows security is child's play to those that understand it and have local access - but to most users it might as well be 256bit AES encrypted data -- since they don't have a clue on how to bypass it ;)


Stopped reading there.

Why?

A few, "if this" and so long as this happens etc, but once again, a good, point proven post Budman, unlike some members on Neowin :) (Y)

That post says I'm right and also implies that the people who believe there are backdoors are crazy and wrong. It's the complete opposite of what you're saying, so why would you thumbs up it? Am I to understand that you're retracting your false accusations?


This topic is now closed to further replies.