How to break into almost any Laptop (or pc) and gain admin

D.O.A.

These are great days we're living, bros

So anyway I acquired a business laptop that had some HP Protecttools crap on it with a fingerprint reader and other fancy stickers. HP Protecttools Password protected BIOS, stored in flash memory on the motherboard rather than the cmos, so the fucker won't reset by pulling the little round battery out. Flashing the bios required a password and a forced one could fry it, it's marketed as a 'secure' business laptop, it won't run Crysis. So anyway no boot from windows DVD either. Essentially a paperweight to the untrained eye :lulz:

Opened the fucker up, lol a SATA hard drive. 5 minutes later I plug it into a spare tower PC and boot from a linux live CD, Ubuntu does the job for me. You could use any OS though like xp and browse the files on the laptop drive, but my spare tower had no OS installed. So now I'm browsing the laptop drive from an operating system running off a DVD. Why is this hard drive not encrypted? First and last mistake of "business security". If it was encrypted then it's a paperweight hard drive. (and the entire lappy unless you have an EEPROM reader handy)

So off I go into the world of windows/system32/config and in there I find two files called sam and system, with no . extensions. These hold the encrypted passwords for windows. *evil laugh as I shut down the ubuntu OS*

I grab a CD with ophcrack on it and power the PC back on. Quick as fucking lightning I open the CD tray, fling ubuntu DVD version whatever animal out over my shoulder someplace, and I put the ophcrack CD in and I'm booting from the CD again. Fuck I'm feeling like a ninja now.

The CD does almost everything (you click a few no brainers) and it kinda looks like the matrix at some point so if you have friends over you'll look hella cool. Type while it does it and you'll look even cooler. Anyway the passwords just appear like digital magic and as long as it's not some ridiculous password you'd never remember (over 15 characters of uppercase and lowercase and symbol nonsense) you'll crack it. It breaks passwords using rainbow tables, which sounds kinda gay. Actually I thought that was the codeword for one of the props in the WWE or whatever they call themselves now, "Imma gonna throw you into the ropes and slam you through a rainbow table, I'll fake a hernia until you recover".



NT pwd is the user's passwords.

So now I slot the laptop drive back into the laptop again and go back into starting windows in safe mode, F8F8F8F8F8F8F8F8F8 after startup, cool it worked. Logged in as administrator with the password. Open services.msc and disable anything with HP protect tools in it. Reboot windows and the fingerprint stuff's gone, I can log in as admin, add my own account and uninstall all the HP crap. Reboot. ESC. Enter the BIOS. My name is there so I can use my password and get in. Owned. I select "wipe the fucker like the hand of god and install an OEM flavour 64bit windows 7".

I see the windows 7 fingerprint reader. Cool. That looks like a secure way to secure my pc.

No wait. Moral of the story is encrypt your entire drive if you really want security. And "HP protecttools" are made of fail it seems. All this shit took me well under an hour, including decrypting the passwords and putting tiny little screws back in a laptop designed by some Japanese midget to torture me.

You can put that crack CD in your own computer and boot from the CD and see how long it would take to guess your passwords as well. I doubt it would take long to get it.
 

D.O.A.

These are great days we're living, bros
Well technically it was a dead laptop so I acquired it for almost nothing. How they acquired it was not my business. Maybe its owner died, sold it, or owed drug dealers. Life's a mystery.
 

matahari

Star Fox 64
Anyway, congrats for breaking into it...now, how to break into a pretty neat cell phone that was acquired!?!
 

D.O.A.

These are great days we're living, bros
It's kinda the same deal, you need a file system explorer for whatever version/maker phone you have, and either do a bios flash or install the OS depending on the phone.

I did it with a Sony Ericsson once, it was a bitch headache.
 

D.O.A.

These are great days we're living, bros
No wait lol that was for the unlock for different operators, removing the password won't be much different though I'd guess. Edit some file/enter some code
 

Frogger

4/ev/er Young
I used oph a lot. I found it very handy in workgroup environment as if a user forgot password..etc.

Now I don't find that much use for it since I work in a domain environment.


Oh yeah, don't get caught with that at work....
 