If you're trying to break into a Windows
computer—whether you've forgotten your password or are hatching a more
sinister plan—you have quite a few options. Here's how to do it, and how
to keep your own computer protected.
This classic post has been republished as part of our Evil Week
series at Lifehacker, where we look at the dark side of getting things
done. Knowing evil means knowing how to beat it, so you can use your
sinister powers for good. Want more? Check out our evil week tag page.
There are a few methods for breaking into a computer, each with its
own strengths and weaknesses. Here, we'll go through three of the best
and most common methods, and nail down their shortcomings so you know
which one to use—and how to exploit their weaknesses to keep your own
computer secure.
The Lazy Method: Get at the Files with a Linux Live CD
If you don't need access to the OS itself, just a few files, you don't
need to go through much trouble at all. You can grab any Linux live CD
and just drag and drop files onto a USB hard drive, as you would in any
other OS.
How It Works: Just download the live .iso file for any Linux distribution (like the ever-popular Ubuntu)
and burn it to CD. Stick it in the computer you want to access and boot
up from that CD. Pick "Try Ubuntu" when it comes up with the first
menu, and it should take you right into a desktop environment. From
here, you can access most of the hard drive just by going to the Places
menu in the menu bar and choosing the Windows drive. It should see any
NTFS drives just fine.
Note that depending on the permissions of some files, you might need
root access. If you're having trouble viewing or copying some files,
open up a terminal window (by going to Applications > Accessories
> Terminal) and type in "sudo nautilus", leaving the password blank
when prompted. You should now have access to everything.
How to Beat It: This method can give you access to the
file system, but its main weakness is that the malicious user still
can't access any encrypted files, even when using sudo. So, if the
owner of the computer (or you) has encrypted their files (or encrypted
the entire OS with TrueCrypt or BitLocker), you won't get very far.
Break Into Windows, Method One: Clear the Password with the Trinity Rescue Kit
If you need access to the operating system itself, the Linux-based
Trinity Rescue CD is a good option for breaking in. You'll need to do a
bit of command line work, but as long as you follow the instructions
closely you should be fine.
How It Works: Just download the ISO file from the Trinity Rescue web site and burn it to disc. Boot from the disc
and wait for everything to load. When you get to the main menu, choose
the "Windows Password Resetting" option, and go to "Interactive
Winpass."
Next, just follow the onscreen instructions. Choose the partition you
want to edit, select "Edit User Data and Passwords," type in the name of
the user you want to edit, and choose option 1: "Clear (Blank) User
Password" (option 2 did not work for me). When you're done, you can type
an exclamation point (!) to quit that menu, then press q to quit the
Winpass menu. Restart your computer and you should be able to enter
Windows password-free.
How to Beat It: Once again, the weakness of this
method is that it still can't beat encryption. Wiping the password will
lock you out of those encrypted files, which, if the user has encrypted
their entire OS with TrueCrypt or BitLocker,
makes this method pretty useless. If they've only encrypted a few
files, though, you'll still be able to access all the unencrypted stuff
without a problem. This method also doesn't work with Windows 8 PCs that
use Microsoft accounts to log in, though it will work on local
accounts.
Break Into Windows, Method Two: Crack the Password with Ophcrack
Where the other methods are vulnerable to encryption, this method will
give you full access to everything the user can access, including
encrypted files, since this method relies on finding out the user's
password instead of bypassing it. It also works on Windows 8 computers
even if the user in question authenticates with a Microsoft account.
How It Works: All you need to do is download and burn the Ophcrack Live CD
(use the Vista version if you're cracking a Windows 7 or 8 PC) and boot
from it on your computer. It'll take a little bit of time to boot, but
eventually it will bring you to a desktop environment and start
attempting to crack passwords (if it doesn't, try choosing "Text Mode"
from the original menu). This may take a while. You'll see the passwords
pop up in the top pane of the window, though, when it finds them (or,
if it doesn't find them, it'll notify you). You can then reboot and log
in to Windows using those passwords.
How to Beat It: Ophcrack uses rainbow tables to crack the password directly. So, while this method works on encrypted OSes, it can't crack every password out there. To increase your chance of having an uncrackable password, use something complicated and longer than 14 characters. The stronger your password, the less likely Ophcrack will be able to figure it out.
There are a lot of methods to break into a Windows computer (in fact, we've featured some of them before),
but these are a few of the best and most widely useful. Try it for
yourself on your own machine—you'll be shocked at how easy it is for
someone to get into your machine. The takeaway? Encrypt your data and
use a long, strong password if you want to keep yourself protected, or
you could be vulnerable to the above tricks.
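To check the "encrypt your data" half of that takeaway on your own machine, here is an added example (not part of the original article): a PowerShell function that reads volume objects shaped like the output of Get-BitLockerVolume and reports which volumes a boot disc could still read. The function name Get-OfflineExposure and the sample volumes are made up for illustration.

```powershell
# Added example: classify volumes by exposure to the boot-disc methods above.
# Input objects use the property names that Get-BitLockerVolume emits.
function Get-OfflineExposure {          # hypothetical helper name
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Volume
    )
    process {
        $status     = [string]$Volume.VolumeStatus
        $protection = [string]$Volume.ProtectionStatus
        $types      = @($Volume.KeyProtector | ForEach-Object { [string]$_.KeyProtectorType })

        $finding = if ($status -ne 'FullyEncrypted') {
            # Plaintext (or partly plaintext) NTFS: a live CD can read it directly.
            'EXPOSED: volume is not fully encrypted'
        } elseif ($protection -ne 'On') {
            # Suspended protection leaves the volume key readable on disk.
            'EXPOSED: encrypted, but BitLocker protection is off or suspended'
        } else {
            'PROTECTED: encrypted with protection on'
        }

        [pscustomobject]@{
            MountPoint = $Volume.MountPoint
            Protectors = $types -join ','
            Finding    = $finding
        }
    }
}

# Constructed sample data so the example runs on any machine.
$sample = @(
    [pscustomobject]@{ MountPoint='C:'; VolumeStatus='FullyEncrypted'; ProtectionStatus='On'
        KeyProtector=@([pscustomobject]@{KeyProtectorType='Tpm'},
                       [pscustomobject]@{KeyProtectorType='RecoveryPassword'}) }
    [pscustomobject]@{ MountPoint='D:'; VolumeStatus='FullyDecrypted'; ProtectionStatus='Off'
        KeyProtector=@() }
    [pscustomobject]@{ MountPoint='E:'; VolumeStatus='FullyEncrypted'; ProtectionStatus='Off'
        KeyProtector=@([pscustomobject]@{KeyProtectorType='Tpm'}) }
)
$sample | Get-OfflineExposure | Format-Table -AutoSize

# On a real machine, from an elevated prompt:
#   Get-BitLockerVolume | Get-OfflineExposure
```

With the sample data, C: is reported as protected while D: and E: are flagged; E: is the case that is easy to miss, since the volume is encrypted but protection has been suspended.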