TECH Getting on administrator account without knowing password?

Status
Not open for further replies.

ssj4gogita4

Active Member
Oct 11, 2005
32,493
TX
We fired a guy a couple weeks ago for not doing his job on our website and he also worked on our computers. Which means he had access to administrator while the rest of us had access to a limited account.

My question is... is there anyway to get access to the administrator panel from limited account since no one knows the admin password? That way, he can't come back and mess with the computers.

I don't want to format anything. I want to see if I can get access any other way before asking boss to format.


Hopefully that makes sense :o
 
TS
TS
ssj4gogita4

ssj4gogita4

Active Member
Oct 11, 2005
32,493
TX
I'm the only guy there who actually knows what to do on a computer. Basically everyone else (except one or two) is horrible on computers.
 

Skankin'

We are Ginger. We do not forgive. We do not forget
Sep 3, 2007
7,287
I have used Backtrack 2 to do it before, but that requires at least a decent knowledge of Linux.
 

deusexaethera

OT Supporter
Jan 27, 2005
18,592
Sure it isn't chicken... :ugh:
Quite sure. Here's what you do: call the guy up and ask him for the admin password, as required by the terms of his employment (i.e. debriefing). If he doesn't want to give it to you, tell him he won't get his final paycheck until you're satisfied with his completion of the debriefing.

The problem with just explaining how to hack the admin account is that people can then do it in situations that aren't legit, either.
 

Hate Crime

Don't Hate
OT Supporter
Mar 12, 2006
5,236
Minnesota
Quite sure. Here's what you do: call the guy up and ask him for the admin password, as required by the terms of his employment (i.e. debriefing). If he doesn't want to give it to you, tell him he won't get his final paycheck until you're satisfied with his completion of the debriefing.

The problem with just explaining how to hack the admin account is that people can then do it in situations that aren't legit, either.
Final paycheck after asking for more work? I wouldn't be surprised if he didn't ask for his paycheck when he was told not to come back... You can't have it both ways.
 
TS
TS
ssj4gogita4

ssj4gogita4

Active Member
Oct 11, 2005
32,493
TX
Quite sure. Here's what you do: call the guy up and ask him for the admin password, as required by the terms of his employment (i.e. debriefing). If he doesn't want to give it to you, tell him he won't get his final paycheck until you're satisfied with his completion of the debriefing.

The problem with just explaining how to hack the admin account is that people can then do it in situations that aren't legit, either.
The problem is we were actually paying him for his son to go to school. No paycheck really
 

deusexaethera

OT Supporter
Jan 27, 2005
18,592
Final paycheck after asking for more work? I wouldn't be surprised if he didn't ask for his paycheck when he was told not to come back... You can't have it both ways.
You're not asking for more work. You're reclaiming company property from him -- intellectual property, in this case.
 

GreyRS

Your ignorance cramps my conversation.
Jun 8, 2000
1,863
FL
PCLoginNow is free and easy to use. Look on download.com
 

deusexaethera

OT Supporter
Jan 27, 2005
18,592
Has it ever occurred to you people that there's a reason some answers are hard to find? Maybe it would be better if they had paid some freelancer $500 to come in and spend all of 5 minutes unlocking the admin accounts on those machines, just to make sure that every two-bit cracker on the web wouldn't be able to find the answer on Google by searching for the title of this thread.

Next time, send info like this in a PM.
 

mobbarley

Active Member
Mar 4, 2005
9,177
Sydney
Has it ever occurred to you people that there's a reason some answers are hard to find? Maybe it would be better if they had paid some freelancer $500 to come in and spend all of 5 minutes unlocking the admin accounts on those machines, just to make sure that every two-bit cracker on the web wouldn't be able to find the answer on Google by searching for the title of this thread.

Next time, send info like this in a PM.

:rofl: are you kidding?
 

Rumbaar

Inherent Omniscience
OT Supporter
Sep 17, 2007
24,932
Melbourne, Australia
Has it ever occurred to you people that there's a reason some answers are hard to find? Maybe it would be better if they had paid some freelancer $500 to come in and spend all of 5 minutes unlocking the admin accounts on those machines, just to make sure that every two-bit cracker on the web wouldn't be able to find the answer on Google by searching for the title of this thread.

Next time, send info like this in a PM.
Security by obscurity is not security at all! If people are in ignorant bliss that a solution is 'harder' to find it will keep their information secure then they deserve to find out the hard way!
 

deusexaethera

OT Supporter
Jan 27, 2005
18,592
You didn't get the memo? Security by obscurity is the way to go. :hsugh:
Security is security; it doesn't matter how you get there. Either that, or you should give the NSA a good talking to, those silly bastards and their "secrets".

The problem with this is that it's an inherently insecure operation. Boot up a computer with a special boot disk and the administrator password gets wiped? There's no way to defend against that, short of posting an armed guard next to your computer at all times. Keeping something like that a secret is the only way to make sure everybody and their second cousin doesn't try it -- especially if they're in college.

Also, can someone explain to me why this thread never got locked for discussing how to bypass security?
 

trouphaz

New Member
Sep 22, 2003
2,647
Security is security; it doesn't matter how you get there. Either that, or you should give the NSA a good talking to, those silly bastards and their "secrets".

The problem with this is that it's an inherently insecure operation. Boot up a computer with a special boot disk and the administrator password gets wiped? There's no way to defend against that, short of posting an armed guard next to your computer at all times. Keeping something like that a secret is the only way to make sure everybody and their second cousin doesn't try it -- especially if they're in college.

Also, can someone explain to me why this thread never got locked for discussing how to bypass security?

i'm all for the thread being locked, but i pretty much disagree with everything else. if a system is important, then it should be protected in every way. that means it should be protected across a network, from a local console and from physical intrusion. the reason for providing a way to hack an administrative password is because they sometimes get lost, sometimes a person gets fired and you can't get it back, sometimes someone forgets it, people die, get hit by cars, etc.... so, by physically securing your system, you should be certain that anyone who does have access to break into the system is doing so with full permission.

oh, and security through obscurity is not security at all. it is ignorance because there is someone else who certainly knows more than you that will figure out anything that you do to simply hide your security flaws.
 
TS
TS
ssj4gogita4

ssj4gogita4

Active Member
Oct 11, 2005
32,493
TX
I don't know the first thing about hacking. I'm just trying to help my boss and the other employees. :|
 
Status
Not open for further replies.

Users who are viewing this thread

About Us

  • Please do not post anything that violates any Local, State, Federal or International Laws. Your privacy is protected. You have the right to be forgotten. Site funded by advertising, link monetization and member support.
OT v15.8.1 Copyright © 2000-2022 Offtopic.com
Served by fu.offtopic.com

Online statistics

Members online
465
Guests online
61
Total visitors
526

Forum statistics

Threads
369,463
Messages
16,885,624
Members
86,873
Latest member
vitalesan