lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 06 Oct 2006 02:42:53 -0500 From: "joshua@...e.ws" <joshua@...e.ws> To: Greg <full-disclosure3@...andyman.com.au> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Removing the NIC cable = EoP? *took out most of the text here* As far as what this site is saying, it *CAN* work only if there is no security in place for the local box. And only on certain version of 98 if i remember correctly. However, win 98 is full of holes, so there is not need to attack it at layer 1. If the boxes are moderen at all, they will run win xp or even better ubuntu or something of that sort. In XP mode, if they are using XP home and failed to setup an admin password, you can just go into safe mode as admin (no authentication required) and setup your local admin acct and go from there. XP pro won't let you do that. Ubuntu, well im not getting into that, but you can, and should, disable run level 1 at boot. Basicaly it boils down to this, could this have happened? Yes. If the admin has shit one clue could it happen? No. Start looking at layer 7 again kids = / Regards, J _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists