Jump to content

Lock computer (Ctrl+Alt+Del),can be accessed by other than admin


zillah

Recommended Posts

Friend of mine has got two computers (Laptop and Desktop) connected to each other via cross over cable (networked), both computers have got OS win2003 SP2. Normally he accesses both computer via administrator accounts

When he does not use them , he locks them by pressing (Ctrl+Alt+Del), some times he found his son accessed his laptop, he told me that he did not tell his son about the password for the username administrator.

There is no other accounts were created beside administrator account under “Local Users and Groups”.

I have checked by myself the “Add or Remove Programs”, I could not find suspicious program.

Is there away to access a locked PC without knowing the password ?

Some time his dad let his son use the computer when the computer is unlocked. Can the son find out the password for the administrator in some how ?

Edited by zillah
Link to comment
Share on other sites


It depends upon how complicated a password it is. The longer and more convoluted the password is the less likely the son could crack the HASH. It's not easy but it can be done. Also depends upon how technical the son is, there are instructions online but not for the noob.

Link to comment
Share on other sites

  • 2 weeks later...

I seem to recall reading something about being able to craft a USB device which would unlock a workstation when plugged in.

Can't find the details now (my google-fu is weak today) - and it was about 3yrs ago, so if it really was possible, I would imagine it's been patched now.

Best I can find is: http://www.eweek.com/c/a/Security/USB-Devi...-Crack-Windows/

- which stops a little short of saying it will 'unlock the workstation' - only that it allows the attacker to 'take control'. Not sure how you can unlock session 0 (console) when running as LocalSystem in the context of a driver. Perhaps if you had impersonate rights and enumerated the currently logged on user... or killed winlogon and aborted the shutdown (don't think that's possible in the same way as it is to abort when lsass.exe dies).

Link to comment
Share on other sites

Is there away to access a locked PC without knowing the password ?

NO, but in most cases a relative can guess it, no need for "social engineering", the knowledge of habits, passions, hates, birthday dates, names of dear ones, etc., etc. should be common between the members of a same family.

Some time his dad let his son use the computer when the computer is unlocked. Can the son find out the password for the administrator in some how ?

You joking, right? :w00t:

The point is NEVER, NEVER, and I mean NEVER allow access to a PC you want to keep private, if you do, do it only under your direct and attentive surveillance, otherwise it may well happen that, in the short turn of five minutes:

ALL YOUR PASSWORDS ARE BELONG TO US!

:P

jaclaz

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...