lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <452608FD.20002@nave.ws>
Date: Fri, 06 Oct 2006 02:42:53 -0500
From: "joshua@...e.ws" <joshua@...e.ws>
To: Greg <full-disclosure3@...andyman.com.au>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Removing the NIC cable = EoP?

*took out most of the text here*

    As far as what this site is saying, it *CAN* work only if there is 
no security in place for the local box. And only on certain version of 
98 if i remember correctly. However, win 98 is full of holes, so there 
is not need to attack it at layer 1.

   If the boxes are moderen at all, they will run win xp or even better 
ubuntu or something of that sort. In XP mode, if they are using XP home 
and failed to setup an admin password, you can just go into safe mode as 
admin (no authentication required) and setup your local admin acct and 
go from there. XP pro won't let you do that. Ubuntu, well im not getting 
into that, but you can, and should, disable run level 1 at boot.

   Basicaly it boils down to this, could this have happened? Yes. If the 
admin has shit one clue could it happen? No. Start looking at layer 7 
again kids = /

Regards,
J

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ