Compromise Security with XP Install

C

cruiser78

Me
Joined
5 Jul 2002
Messages
235
I was just thinking today that you can install XP (or do a repair install) overtop of the current install W/O having to give an admin password to veryify that it's ok for the install to happen.
If you have XP Pro and use the security features to set permissions for directories, files, etc. and one of your users who wasn't an admin wanted to access a folder, etc that you denied access to then if they got their hands on your XP cd, they could reinstall (repair install) XP and make a new admin account (or use the Administrator account) to get at the folder, etc.
I know that when your an admin and another admin denys access to a folder you can change it... I was playing around with my music folder and somehow locked my login from the folder... so since my account is an admin account I just reset myself as the owner and I could access it again... so if you have your protected data on another partition or drive they could do the same thing after reinstalling (repair installing) XP.

Or they could just decide to trash the computer by doing a clean install and then delete the rest of it from your other partitions. :D

Personally I think that if you want to try to install overtop of a current install... or repair it... that you should have to give the password for the Administrator account. That would make it a lot more secure.
 
you got a good point there, but there are so many ways to by-pass the password wihout reinstalling. :rolleyes: :blink:
 
but there are so many ways to by-pass the password wihout reinstalling.
Click to expand...

I don't know if agree with you on that... I'm just talking about XP here... and if you give everyone else who uses your computer "User" rights then they can't do much to change it... they can't even abort a system shutdown scheduled by an admin using shutdown.exe... (I just tried that to see if they could :))... and they can't change their access rights with only "User" privileges. So if the admin denies them access to a folder, etc. then they can't really do anything to get at it unless they reinstall XP... which they can do w/o a password.
Or if the admin is dope, they can do the Kevin Mitnik thing and get the admin to tell them the password one way or another :D:p
 
you can change the password with a program on a linux bootdisk. I know it works tested it at school :):rolleyes: :p
 
ahhh... i see... that's good to know. i didn't know that till now :)
but still... the average user won't be able to get by a password w/o reinstalling...
can you send me the bootdisk w/ that program? or upload somewhere so that I can download it? I'd be interested in checking that program out.
thanks
 
You must log in or register to reply here.

Members online

No members online now.
Total: 325 (members: 0, guests: 325)

Latest forum posts

Affiliates

lunarsoft.net techzonez.com

- Contact us to trade links -

OSNN OSNN NTFS XP-erience

Latest profile posts

Steevo
Steevo
Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
•••
Steevo
Steevo
Any of the SP crew still out there?
•••
Xie
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
•••
N
Nismo83
hello peeps... is been some time since i last came here.
•••
Electronic Punk
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
•••

Forum statistics

Threads
62,015
Messages
673,495
Members
5,625
Latest member
vinit
Back