Hack my PC
My Dell Windows XP PC had a sticker on it that say "Please hack me".
Well, I didn't see the sticker. Not for a while. I read a very basic article on hacking by Roger Grimes at Infoworld. He talked about passwords sniffed from wireless networks. Their encryption broken in a matter of seconds. I thought it was too easy, it couldn't be. I had to try it myself. I hopped over to insecure.org downloaded Cain & Abel installed it and was ready to go. Cain is a sniffer + cracker. I had to see for myself.
It took me less than five minutes to sniff the traffic on my private network, send it to the cracker and launch a dictionary attack on the SMB traffic collected. I found two vulnerable accounts, "Administrator" and "Guest". Both accounts had *no* passwords. The Administrator account was especially worrisome - it never showed up under the account list in my XP control-panel. I never even knew it existed. I had never logged into it (XP offers to create a user account with administrator privileges at install-time). The Administrator account is also my system 'root', pardon my reliance on Unix jargon.
Dissapointed in myself, I quickly peeled the sticker off by disabling the two accounts. Maybe I can fix the vulnerability comprehensively by eliminating my dependence on Windows entirely.
Well, I didn't see the sticker. Not for a while. I read a very basic article on hacking by Roger Grimes at Infoworld. He talked about passwords sniffed from wireless networks. Their encryption broken in a matter of seconds. I thought it was too easy, it couldn't be. I had to try it myself. I hopped over to insecure.org downloaded Cain & Abel installed it and was ready to go. Cain is a sniffer + cracker. I had to see for myself.
It took me less than five minutes to sniff the traffic on my private network, send it to the cracker and launch a dictionary attack on the SMB traffic collected. I found two vulnerable accounts, "Administrator" and "Guest". Both accounts had *no* passwords. The Administrator account was especially worrisome - it never showed up under the account list in my XP control-panel. I never even knew it existed. I had never logged into it (XP offers to create a user account with administrator privileges at install-time). The Administrator account is also my system 'root', pardon my reliance on Unix jargon.
Dissapointed in myself, I quickly peeled the sticker off by disabling the two accounts. Maybe I can fix the vulnerability comprehensively by eliminating my dependence on Windows entirely.
posted by santosh at
11:39 PM
2 Comments:
I suggest we dissolve the amorous travesty of the continually bum -f**ked race of the personal computers by creating a digital aura of the 6th kind.
By
Anonymous, at 11:19 AM
wow really nice experience....
come to my blog when u have time...
By
pramod, at 5:13 AM
Post a Comment
<< Home