Crack the Cred - Windows Password bypass

Discussions about all aspects of technology, what you're doing with it and exchange of ideas and solutions to problems you might be having.

Crack the Cred - Windows Password bypass

Postby Deathtaker27 on Wed Apr 11, 2012 8:43 pm

Hey guys,

Someone in work linked me to the following video I thought I would share:

Also mods please note this is an official supported method by microsoft that requires a paid technet account

http://www.scorpionsoft.com/videos/crackthecred/

Pretty interesting stuff, so what are everyone else's opinions on such tools, should microsoft (and other companies) bring out tools like this or should they be doing more to secure their systems from tools such as these?
Image
Thanks Podge, speccy and Tao
User avatar
Deathtaker27
Old Timer
 
Player: DT - RS
STEAM_0:1:22687060
 
Posts: 3408
Joined: Sat Mar 28, 2009 8:40 pm



Image

Re: Crack the Cred - Windows Password bypass

Postby Seven. on Thu Apr 12, 2012 6:32 pm

Thanks!
User avatar
Seven.
UKCS Sponsor
 
Player: Colonel Seven.
STEAM_0:1:3465036
 
Posts: 1551
Joined: Mon Jun 09, 2008 2:38 pm
Location: The Netherlands



Image

Re: Crack the Cred - Windows Password bypass

Postby Security on Thu Apr 12, 2012 10:01 pm

Hmm I didn't know MS had official software for this.
It does sound like the official tools are less user friendly then the alternatives which are often freeware like for example Offline NT Password Changer which simply detects all Windows installs on the different HDD's and asks which install and user you want (and it doesn't matter if it's a 32 or 64 bit install which strangely does make a difference for the MS tool).

Either way tho, this is the reason why I put a PW on the BIOS and disable booting from CD/USB after the OS install making the only real option putting the HDD in a 2nd machine. :P

As for my opinion on the tools, well there really useful and will always be made. MS or any other company releasing something like this for there own software does help make sure the tools do not contain other harmful code which is a good thing but locking it behind technet or some other subscriber system kinda neglects that whole positive side.
Image
User avatar
Security
Experienced Member
Honorary UKCS Member
UKCS iSeries Attendee
 
Player: Security
STEAM_0:0:8446840
 
Posts: 1901
Joined: Mon Oct 26, 2009 11:03 pm
Location: In the dishwasher.

Re: Crack the Cred - Windows Password bypass

Postby Deathtaker27 on Fri Apr 13, 2012 12:21 pm

Security wrote:It does sound like the official tools are less user friendly then the alternatives which are often freeware like for example Offline NT Password Changer which simply detects all Windows installs on the different HDD's and asks which install and user you want (and it doesn't matter if it's a 32 or 64 bit install which strangely does make a difference for the MS tool).


Very true, but I am a fan of using the official tools but that is due to the lack of viruses an official support number. I agree being behind a subscription makes them harder to access but it also means less people can use the tools maliciously from what I can understand.

I did enjoy watching his ILO video as I know that at some point that will happen to me (I have an ILO Server at home and I can never remember that password!) I am glad that the manufacturers are starting to understand that there are people out there who need access to systems when they are completly locked out and I know these videos will help me at least.
Image
Thanks Podge, speccy and Tao
User avatar
Deathtaker27
Old Timer
 
Player: DT - RS
STEAM_0:1:22687060
 
Posts: 3408
Joined: Sat Mar 28, 2009 8:40 pm



Image

Re: Crack the Cred - Windows Password bypass

Postby TheKrumpet on Tue Apr 17, 2012 1:04 pm

Don't see a problem with this at all. Physical access is root access, no two ways about it. If someone is already at your computer getting in to it is a very trivial thing. Microsoft is far more concerned with stopping unauthorised remote access, as they should be. Keeping people physically away from your computer is the owner's domain.

It's perfectly reasonable for Microsoft to have tools like this and there's plenty of legitimate uses. And distributing it via TechNet makes sense, it's a SysAdmin tool.

Deathtaker27 wrote:...should microsoft (and other companies) bring out tools like this or should they be doing more to secure their systems from tools such as these?

Why? Stopping physical access isn't something they can do, and it's certainly not Microsoft's job to be trying to do so. People need to understand that a simple password on an OS doesn't protect their PC from physical access :P.

Security wrote:Either way tho, this is the reason why I put a PW on the BIOS and disable booting from CD/USB after the OS install making the only real option putting the HDD in a 2nd machine.

Simply taking the hard drive out and plugging it in somewhere else sounds like a lot less fucking around that building this recovery USB pen tbf :P.
i7 920 @ 4GHz / ASUS P6TD X58 / 6GB Corsair Dominator DDR3 / Gainward Phantom GTX570 / Corsair HX650W
Titan Fenrir / Samsung Spinpoint F3 1TB / Cooler Master HAF 922 / Dell U2412M / HP w2007v
User avatar
TheKrumpet
UKCS Sponsor
UKCS iSeries Attendee
 
Player: Krumpet @ i49 BS-D4
STEAM_0:0:32223044
 
Posts: 39
Joined: Tue Mar 27, 2012 8:12 pm
Location: York, UK



Image

Re: Crack the Cred - Windows Password bypass

Postby Decoy^ on Tue Apr 17, 2012 2:35 pm

+1 to what TheKrumpet said. There is no way to protect your computer if someone has physical access to it. Full disk or individial file encryption is the closest you can get to such security, and even that is theoretically breakable, just not practically with todays computing power. It is just a question of time though, not about whether it can be done. Encryption needs to be upgraded to keep up with the growth in computing power, as we've seen in the past. And how can you do that if someone had physical access to your disk and took a 1:1 image of it? They can keep that image until sufficient computing power exists to crack it. It's all hypothetical, but still a realistic scenario for any data that warrants the effort.

BIOS passwords and OS passwords are zero security against people with physical access. Also, I have had legitimate access to the Locksmith tool, but never used it professionally. Why? Because those Linux bootdisks that the guy in the video so quickly put down as "something we don't want to do", is what I prefer. They are just as fast and they work regardless of Windows edition or architecture, so why waste time on creating a dozen different boot images with Microsoft's tool then?

Bottom line, don't ever make the mistake of thinking you can have bulletproof security. And especially not if the system can be accessed physically. Put your computer in a concrete block, bury it and never use it again if that's what you are looking for. :geeky:
In Soviet Russia, decoy shoots you!


Image

User avatar
Decoy^
Regular Member
 
Player: Timberwolf
STEAM_0:0:1496730
 
Posts: 139
Joined: Wed Nov 07, 2007 9:19 am
Location: Nordland, Norway



Image

Re: Crack the Cred - Windows Password bypass

Postby Deathtaker27 on Sat May 05, 2012 10:31 am

New video is up by the guy, and wow its kinda scary what you can do with physical access to a machine
Image
Thanks Podge, speccy and Tao
User avatar
Deathtaker27
Old Timer
 
Player: DT - RS
STEAM_0:1:22687060
 
Posts: 3408
Joined: Sat Mar 28, 2009 8:40 pm



Image

Re: Crack the Cred - Windows Password bypass

Postby Security on Mon May 07, 2012 6:58 pm

Deathtaker27 wrote:New video is up by the guy, and wow its kinda scary what you can do with physical access to a machine

There isn't anything you can't do at that point. :P
Image
User avatar
Security
Experienced Member
Honorary UKCS Member
UKCS iSeries Attendee
 
Player: Security
STEAM_0:0:8446840
 
Posts: 1901
Joined: Mon Oct 26, 2009 11:03 pm
Location: In the dishwasher.

Re: Crack the Cred - Windows Password bypass

Postby TheKrumpet on Fri May 25, 2012 9:57 am

Security wrote:
Deathtaker27 wrote:New video is up by the guy, and wow its kinda scary what you can do with physical access to a machine


There isn't anything you can't do at that point.


This. Physical access = root access. Doesn't matter what security you've got running.
i7 920 @ 4GHz / ASUS P6TD X58 / 6GB Corsair Dominator DDR3 / Gainward Phantom GTX570 / Corsair HX650W
Titan Fenrir / Samsung Spinpoint F3 1TB / Cooler Master HAF 922 / Dell U2412M / HP w2007v
User avatar
TheKrumpet
UKCS Sponsor
UKCS iSeries Attendee
 
Player: Krumpet @ i49 BS-D4
STEAM_0:0:32223044
 
Posts: 39
Joined: Tue Mar 27, 2012 8:12 pm
Location: York, UK



Image


Return to PC World, Technology and Gadgets

Who is online

Users browsing this forum: CommonCrawl [Bot] and 1 guest