Soldato
- Joined
- 28 Nov 2004
- Posts
- 16,024
- Location
- 9th Inner Circle
Stuff like LogMeIn runs over port 80/443 so should only show as web traffic. Still easy for it bods to spot though.
Last edited:
Work tracking internet history?
- Thread starter Sleeve
- Start date
Stuff like LogMeIn runs over port 80/443 so should only show as web traffic. Still easy for it bods to spot though.
I assume that would require the user to be able to boot from a CD/USB? Most of our workstations don't have a CD drive, but I guess they could reset the BIOS using the CMOS jumper and then boot to a USB drive with BartPE. I shall do some testing
While this works in theory surely once they log back onto the network your GPO will revert the admin group back to what it should be?
and then shove any monitoring software removed straight back on again?
i get the impression some of these home-brew geeks dont really understand the way things are done in the big wide world
Can you detail which methods / tool is used to retrieve the local admin password please , this would be really handy for me
Do a google, it's not difficult to find.
Thanks for the help , but I was kinda hoping the guy who posted he has retrieved windows passwords would reply , with his method
Reseting a password is easy , extracting / retrieving one I have yet to see a method that actually does this correctly.
We know enough thst doing thid like that is swapping a slap on the wrist for gross misconduct and immediate dismissal.
"And why did you leave your previous position Mr Derpster?"
"Oh I was caught compromising the security of the IT systems hoping to hide my skiving"
Soldato
- Joined
- 19 Dec 2006
- Posts
- 9,262
- Location
- Saudi Arabia né Donegal
I usually use OPH crack to retrieve passwords when relatives lock themselves out but it's trivially easy to reset passwords and even create a new admin account on a Windows PC, generally all you need is a live distro of your favourite Linux. The sticky keys trick works well on Win Vista/7 for example.
The information generally crops up on all the standard sites, I'm fairly certain howtogeek.com and lifehacker both ran articles on how to do all this.
You shouldn't though and I can pretty much guarantee that if your IT department are worth their salt they'll spot it pretty quickly and you'll be in quite a bit of trouble.
Soldato
- Joined
- 8 Mar 2007
- Posts
- 10,938
I assume that would require the user to be able to boot from a CD/USB? Most of our workstations don't have a CD drive, but I guess they could reset the BIOS using the CMOS jumper and then boot to a USB drive with BartPE. I shall do some testing
Yes that does need doing occasionally as well. You need to enter BIOS and change your primary boot device, if it's passworded just remove the CMOS battery for a bit (the machines at my work have handy easy clips to open them too)
Soldato
- Joined
- 8 Mar 2007
- Posts
- 10,938
There are two admin groups, the netwrok one which you cannot change without hacking the network and the local Windows one which has nothing to do with the network login. It is the latter I am changing.
I dunno if a GPO could be written to check and change the local account settings (wouldn't this in itself be a security flaw in Windows?) but it's never happened on the numerous PCs I've done this on at several major companies.
No I understand perfectly, IT departments spend all say fixing printers and setting up new logins. They aren't wasting their time investigating the users or implementing protection against very rare 'threats'.
As I said above, I have done this "in the big wild world" and never been told off or 'caught'.
Haven't done this for ages now so can't remember the exact tool name but I'll try and dig out the old CD I made (if I can find it). I do remember though that the password extractor only worked if the admin password is less than 14 characters (past 14 Windows uses a different method for storing it), luckily in my case the password was less and the same for every machine in our building.
Soldato
- Joined
- 8 Mar 2007
- Posts
- 10,938
If a company fired me for that they would be stupid.
Every single time I've had to 'gain' an admin account is is always because the IT department were talking far too long to fix something I could do in a few minutes.
What would rather have? Submit a "support call" which can take days to look at and the finally answer, or a bloke in your office who you can just call over and get it fixed there and then?
I have never gained an admin account for any negative reason against a company.
Call me arrogant but I only see the need to restrict account access because you don't want non-computer literate people pressing the wrong button but that doesn't apply to me.
There is too much wrong with this post to pick it apart but most of what you say above is incorrect.
Soldato
- Joined
- 19 Dec 2006
- Posts
- 9,262
- Location
- Saudi Arabia né Donegal
I'd say it applies moreso to you than the less computer literate in the office as you're the one more likely to screw something up resulting in a support ticket
Soldato
- Joined
- 8 Mar 2007
- Posts
- 10,938
I'd say it applies moreso to you than the less computer literate in the office as you're the one more likely to screw something up resulting in a support ticket
As I said, I save our IT department FAR more time than they ever appreciate. I answer 80% of the support calls in my building for them.
The times are gone when the only people who knew how the systems worked was the bods in IT. Nowadays, I find a lot of IT department are run by oldies who haven't learned anything new since Windows NT came out whilst your standard 20 year old data entry clerk knows a PC inside out and better than the guys in IT.
Soldato
- Joined
- 8 Mar 2007
- Posts
- 10,938
Well maybe you work for some over zealous Big Brother style IT department. As I keep saying, none of the major companies I've worked for have had one of these yet.
Non complaint with what?