Have you never tried the boot menu on a recent motherboard? Obviously not as you would know that it is possible to boot from the FDD, HDD, NIC, CD/DVD or USB devices. At that point your OS is in control and not the host machine. This gives you complete control of the host resources, nic and hdd; allowing you to dump shadow or sam files, sniff the network or access any file on the hdd. So yes it does allow you to bypass passwords. Oh and BIOS passwords are easy to bypass, erase or guess (http://www.cirt.net/cgi-bin/passwd.pl).
Also, if a usb device is inserted to a system’s that running a windows OS, it will automount the drive and try to run an autorun script in the background (unless specifically disabled. By carefully configuring this script you can perform local privilege escalation and end up with root/admin access. I have seen just such a script at it took only 15 seconds to insert, run and to exit (having performed the exploit). Even without an exploit, how many time have you observed highly privileged accounts left unlocked or logged out? Simple plug in you usb device and run something like pwdump3 and hey presto you have the complete sam database.
I have several usb devices – CLIE, MP3 Player, USB pen drive and every single one have at least 30 mbs of hacking and network security tools – with a couple of exploits thrown in for good measure.
People can and do use usb devices to store and mount attacks from, I have seen it and I do it.
Nebs
ps @ nojetlag
RTFB - the quote said RAF not army - and the RAF had nothing to do with the generation of the intelligence Blair used to go to iraq that was the Security Service, GIC, MI5 and possibly MI6 - geez guy read the press and the postings first - or do you need your nhs prescribed glasses changed?
Now that we've thrown 'em off the trail, use the form below to get in touch with the people at Engadget. Please fill in all of the required fields because they're required.
@ Ryan
Have you never tried the boot menu on a recent motherboard? Obviously not as you would know that it is possible to boot from the FDD, HDD, NIC, CD/DVD or USB devices. At that point your OS is in control and not the host machine. This gives you complete control of the host resources, nic and hdd; allowing you to dump shadow or sam files, sniff the network or access any file on the hdd. So yes it does allow you to bypass passwords. Oh and BIOS passwords are easy to bypass, erase or guess (http://www.cirt.net/cgi-bin/passwd.pl).
Also, if a usb device is inserted to a system’s that running a windows OS, it will automount the drive and try to run an autorun script in the background (unless specifically disabled. By carefully configuring this script you can perform local privilege escalation and end up with root/admin access. I have seen just such a script at it took only 15 seconds to insert, run and to exit (having performed the exploit). Even without an exploit, how many time have you observed highly privileged accounts left unlocked or logged out? Simple plug in you usb device and run something like pwdump3 and hey presto you have the complete sam database.
I have several usb devices – CLIE, MP3 Player, USB pen drive and every single one have at least 30 mbs of hacking and network security tools – with a couple of exploits thrown in for good measure.
People can and do use usb devices to store and mount attacks from, I have seen it and I do it.
Nebs
ps @ nojetlag
RTFB - the quote said RAF not army - and the RAF had nothing to do with the generation of the intelligence Blair used to go to iraq that was the Security Service, GIC, MI5 and possibly MI6 - geez guy read the press and the postings first - or do you need your nhs prescribed glasses changed?