.comment-link {margin-left:.6em;}

Pupil

Monday, November 07, 2005

Hack my PC

My Dell Windows XP PC had a sticker on it that say "Please hack me".

Well, I didn't see the sticker. Not for a while. I read a very basic article on hacking by Roger Grimes at Infoworld. He talked about passwords sniffed from wireless networks. Their encryption broken in a matter of seconds. I thought it was too easy, it couldn't be. I had to try it myself. I hopped over to insecure.org downloaded Cain & Abel installed it and was ready to go. Cain is a sniffer + cracker. I had to see for myself.

It took me less than five minutes to sniff the traffic on my private network, send it to the cracker and launch a dictionary attack on the SMB traffic collected. I found two vulnerable accounts, "Administrator" and "Guest". Both accounts had *no* passwords. The Administrator account was especially worrisome - it never showed up under the account list in my XP control-panel. I never even knew it existed. I had never logged into it (XP offers to create a user account with administrator privileges at install-time). The Administrator account is also my system 'root', pardon my reliance on Unix jargon.

Dissapointed in myself, I quickly peeled the sticker off by disabling the two accounts. Maybe I can fix the vulnerability comprehensively by eliminating my dependence on Windows entirely.

2 Comments:

  • I suggest we dissolve the amorous travesty of the continually bum -f**ked race of the personal computers by creating a digital aura of the 6th kind.

    By Anonymous Anonymous, at 11:19 AM  

  • wow really nice experience....
    come to my blog when u have time...

    By Blogger pramod, at 5:13 AM  

Post a Comment

Links to this post:

Create a Link

<< Home