This is frightening for many reasons.

But it’s not you who should be scared. We’ll get you into the computer quite easily. It’s the previous owner who should be concerned because it’s clear that they didn’t take a few important steps before giving away their computer.

You still need to tread very, very carefully. I’ll explain why.

Seller beware

The problem for the original owner is simply this: they’ve given (or sold) the computer and all of the data on it.

How do I know this? Because it still boots into Windows. It’s clear that they did not take the extra step of securely deleting all of the data on the hard drive prior to giving it away. We hear stories all the time of second-hand computers that are sold, or even discarded, only to find that there’s a tremendous amount of sensitive, personal data still on the machine.

They may think that they’ve deleted the files that they care about, but as I’ve discussed in many articles in the past, there are often sensitive remnants in other places, and even deleted data can sometimes be recovered.

So lesson #1 is for whomever sold the computer in the first place: securely erase your data, or you run the risk of the computer’s new owner getting access to all of it.

Buyer beware

Do you know what you have?

I mean, do you really know what you have?

How do you know that the machine that you just received isn’t chock-full of?
For all you know, there are viruses, trojans, and on that machine that are just waiting for you to do something – connect up to your local, share files with other machines, or log in to your bank account. They’re waiting for the opportunity to propagate, compromise accounts, and just generally cause trouble.

I’m not saying that this is the case.

I am saying that you can’t know that it’s not. You have no idea how safety-smart the previous owner of that computer may or may not have been.

You have no idea what’s on that machine. You don’t know what you have, not really.

So lesson #2 is for you, the person acquiring a second-hand machine by whatever means: reformat and reinstall Windows from scratch. It’s the only way to be certain that you know what is – and perhaps more importantly what is not – on that machine.
Getting access to the machine

The right way is simply not to try. Get a Windows install disk – perhaps one even came with the machine – and reformat and reinstall Windows from scratch.

It’s the “right” way for two reasons:

- You’re not even going to try to access or recover the previous owner’s data.
- More importantly, you’re not going to suffer from any infections or malware left behind by the previous owner.

That person didn’t know enough to securely erase their data, so what faith do you have that the machine isn’t loaded with viruses and malware? Reformat and reinstall really is the right thing to do.

People are curious or “adventuresome” (perhaps a synonym for foolhardy?) and want to run or see what’s on the existing – perhaps (hopefully) before they reformat and reinstall.

Fair enough.

As it turns out, it’s very easy to gain access by downloading a password reset tool, burning it to CD, and booting from that CD. I’ve covered it in a previous article:

As I’ve also said before, if you have physical access to a machine, then it is not secure. That works in your favor here, as you can quickly boot into this password-reset tool and reset the administrator password to the machine.

And you’re in.

Just be sensitive to the data that you might find there.
Know that you may very well be dealing with malware or other security issues that you may not be able to see or recover from.

Footnotes & references: It didn’t come with disks? Or you don’t have a product key? Then it’s very likely that transferring that copy of Windows to someone else may also be illegal. The only correct solution is to get the original installation disks and product key (making sure that it’s not used on other machines), or purchase a new copy.

Posted: December 8, 2013. This is an update to an article originally posted April 4, 2009.
There is one more easy way to get in without using any special access software.

Microsoft in its infinite wisdom does not set the password for the administrator account when it is installed. It just hides this account from general access. But then provides an easy way to access it. In fact two ways. If the seller of that computer is naive enough to leave the data on the disk, it is likely that he/she has not set this most important password. Take a chance on this one, after fully understanding the risks involved in accessing the system.

1. Boot in safe mode. That shows the Administrator account along with the other user account. And you are in.
2. Another way to get to the Administrator account is: Log off from the regular account and get to the log-on screen that lists all users. Here enter the keys ctrl-alt-del twice. A logon dialog pops up. Enter Administrator as username, no password and you are in.

Of course if this password is set, then the utility Leo mentions does the trick.

There is one very good reason to be able to access the administrator account on a used computer, depending on the rights that have been set for other user accounts on the machine. You may need to recover the install key for Windows and other installed software from that computer before doing a clean install by first installing and using a key-finder utility like “Magical Jelly Bean Finder.” If the ability to install software on the computer has been restricted to the administrator account, then access to that account will be necessary to accomplish this task.
Interesting. They all do work, but not in all cases, so give this a try.

1. Google and search for ophcrack live cd. Burn it and log in to it, and just exit; while exiting, all admin passwords and names will pop out? Very easy and no sweat.
2. That is a bit tricky but nice, but also requires some command knowledge. So what to do: while you're in the user (not admin), locate the screen saver path and copy there the cmd.exe (command prompt) and set it up!!!! Well, it's not that simple but you can make it. After that, reboot and don't log in, just wait for the screen saver (replaced by command prompt) and start surfing with admin priv.

Good luck. ;)
The “right way” is the safest way – I mean what would you do if the PC had a key logger or FBI-arrest-and-jail-you-forever porn still on it? During a “right way” reinstall you will probably need the Windows Product Key – if there’s no Genuine Label on the PC (it’s on the case, right?) then run Produkey or Magical Jelly Bean to get the in-use key for the re-installation. Good Luck and buy your boyfriend a beer to do the installation!

Now that we’ve said that, you can skip a lot of trouble by doing a “right way” disk wipe and then installing Knoppix on your laptop (which is free of legal encumbrances and has lots of the newest drivers) and is much faster on startup. Or use an Ubuntu Live CD if it’s a plain PC! Yay Free Software!
I’ve used the Magic Jelly Bean Key Finder method and then a clean install. That’s the cleanest method. Using a computer that’s been running for a few years is bound to run slower than a freshly installed system.

On the other hand, it’s possible that the computer you bought has other useful software that you might lose with a fresh install (the Jelly Bean also gives you the MS Office S/N).

One thing that works on 95% of older XP systems: At the log-in window hit ctrl-alt-del twice. A log-in dialog will come up instead of log-in icons. Enter Administrator as the user name with no password. I’ve gotten into dozens of computers that way. Vista and XP SP2 and above fixed this bug.

I tried the ctl alt delete no password and still can’t get in. This is my own computer I have used for years. I believe I was hacked. I cut off my Internet due to receiving hundreds of emails daily mostly of naked women which led back to a dating site. My resume is on the computer and I’m out of work and a divorce cleaned me out. Anybody’s help appreciated. I can get to safe mode and to the screen showing the Administrator and one other account. Forgot the passwords. I think someone was accessing my info and took over administrator role.

I bought a new router and it came with an “easy to install” setup with a disk. I go to put in the disk and it asks for administrator password which only my step-mother knows. She won’t put in the password, nor tell me so I can install the new router. (She believes it’s going to have viruses and such on the disk.) Although I showed her it’s directly from the company. Is there any way I could bypass the Administrator password so I could install this disk to get this router all set up without resetting the computer to factory defaults?

I still haven’t seen an answer to the CMOS/BIOS admin password vs the “windows” admin password in the OS. I just bought a 2nd hand “refurbished” laptop (Dell e5400 64 bit win 7 pro) on Ebay that has the BIOS locked out with that CMOS administrator password. How can I reinstall Windows if I can’t even change the boot order to boot from CD? Even if I were to be able to F2 or F12 (boot to dvd) during the process, the BIOS admin would still be password protected. I flashed the BIOS, no go. I tried the dogbert algorithm thing but entering a bad password 3 times doesn’t give me a hash code to use so nothing to plug into Python. Do I just dig into it and solder in a new preprogrammed BIOS chip ($20 on ebay but.)? If I’m opening it up already to remove / unplug the cmos battery I might as well. This seems drastic. Dell support doesn’t seem to want to help since I’m not the original owner and I don’t know who was.
First, the BIOS password is completely unrelated to Windows. COMPLETELY unrelated.

Second, only Dell can help you. If a BIOS has a password, then it has a password. Either you need to live with how it’s configured (which you obviously cannot), or Dell or someone has to tell you how to bypass the password – which completely negates the value of the protection that the password provides. In some cases there are hardware reset switches, but again, this is something specific to the machine and only Dell can help. You may get lucky if you search for your specific model number and “BIOS password reset”, but there are no guarantees.

Not being lawyers, we don’t have any information as to the legality. You’d need to consult a lawyer about that, but as the article recommends, the safest thing is to wipe the drive and start from scratch. If the computer was used for illegal activity, there’s always the possibility the previous owners would have hidden the files in a difficult to find folder, so a simple inspection might not reveal it. If you don’t have a licensed version of Windows to use, Linux Mint is great for reviving older machines.

I don’t understand a lot of what is being said, but I bought a used computer from someone on offer up who first said his name was Ben then Jerry when I met him, he sold me the computer and my bf who knows nothing about computers tried putting windows on it free from a download he found online, I don’t believe it was really ever activated because last time I used it I wanted windows 10 so we went and bought it, installed it but it wouldn’t activate without an admin key. It says it’s running Windows 10 pro but it also says windows not activated. When I got to control panel it says it’s part of a workgroup. Idk what to do because if it’s stolen won’t they not return it to me if I take it to get fixed and I’m out the $500? I have been using it all this time with my email and everything in some workgroup under an admin, ugh. Why I tried to activate windows 10 that I thought my bf had already installed successfully is because I went to do the tutorial for speech recognition and it wouldn’t show up. How do I just wipe everything and start fresh? Can I just get a new hard drive? How do I make sure I am safe? Why are computers so confusing?

Ty for your reply. But we did buy windows at the store, windows 10 home/pro, he installed it, but it did not ask for the new license key he assumed it was working and gave it to me to use. Later on, like two weeks later, I was on it and asked him to help me with the speech recognition and it was then he noticed it said windows not activated. He tried activating it with the new key it didn’t work and so he tried a bunch of things he doesn’t remember, including downloading something from a forum that claimed to help a bunch of people as soon as he downloaded it he got the blue screen of death, which somehow he got out of. But the result is nothing is working. The desktop image is changed to this message: encrypted by gandorab 5.0.4 dear user your files are under strong protection by our software in order to restore you must buy decryptor. (He just told me that part, wow) Start rarely works. What do I do? All my stuff that is on the computer is now at risk? Should I get a new hard drive? Even before he downloaded whatever the hell this is it still wouldn’t accept the new license key. Ty so much for the help, I need computer lessons.

That “message: encrypted by gandcrab 5.0.4” message sounds like the computer has been infected with ransomware. The only way to recover from ransomware is to restore from a backup taken before the computer was infected. A fresh install of Windows and all of your programs would also remove the malware but you’d need a backup to be able to recover your data. This is just a guess but it might be that the program you downloaded to activate Windows was a Trojan horse which installed the Gandcrab ransomware.

I bought a new hard drive and I still have the copy of windows I purchased from the store. I can’t seem to access my email that was attached to the computer. When I try to access from my phone using data and the browser it says it’s no longer private, using the app it just keeps timing out right after I type in my password. My wifi is not working and the Xfinity account is linked to that email and I am really hoping some of this is just coincidence. So now that I have a new hard drive and the purchased copy of windows, I should be all set as far as the computer right? I’m really hoping to get more answers on the email thing, I just messaged microsoft.
In this how-to, I will be demonstrating a few of the tactical applications of Besside-ng, the hidden gem of the Aircrack-ng suite of Wi-Fi hacking tools. When run with a wireless network adapter capable of packet injection, Besside-ng can harvest WPA handshakes from any network with an active user — and crack WEP passwords outright. Unlike many tools, it requires no special dependencies and can be run via SSH, making it easy to deploy remotely.

(Image: The man page for Besside-ng.)

Besside-ng is, in my opinion, one of the most powerful Wi-Fi hacking tools currently available. First written in 2010 in C, Besside-ng is an incredibly aggressive and persistent WPA handshake mass-harvester and WEP cracker. It features customizable options to upload handshakes to distributed WPA password crackers which, on average, crack over 18% of networks submitted automatically.
Sound Simple? Let’s Look at How It Works

Encrypted Wi-Fi networks come in two main flavors, WEP and WPA.

While WEP can be broken easily, WPA and WPA2 networks require us to record a “handshake” when a device connects to the target network, and then try to guess the password by having a program try many possible passwords against that recorded handshake. If we guess the correct password, we’ll know, so having a good password list and a fast processor used to be essential to cracking WPA networks.

In 2018, we have more options. To save time, we can submit these handshakes to a distributed cracking service or a more powerful machine, which will automatically try all of the world’s most common and shitty passwords for us. Since many people choose bad passwords, we will get back cracked passwords for around 10–20% of the networks whose handshakes we recorded.

In order to record a precious handshake from a Wi-Fi network, an authorized device like the target’s smartphone or laptop must connect to the network. Besside-ng scans the airwaves for any devices connected to a Wi-Fi network, and then injects a packet that disconnects the device from that network for a very short period of time.

(Image: How a deauth attack works to harvest WPA keys.)

The targeted device will reconnect automatically, and we will record the handshake when it does. It’s terrifyingly easy, and during peak activity hours in a high-density area, Besside-ng can harvest every Wi-Fi network in use within the range of your antenna. Keep in mind, if your target has an always-connected smart device, you can pretty much always grab a handshake for their network.
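From the network owner's side, the forced-disconnect step described above is visible on the air. The following is an added example, not part of the original article: a Python detector that parses bare 802.11 management headers and flags bursts of unprotected deauthentication/disassociation frames per BSSID. The threshold, time window, MAC addresses and sample capture are constructed assumptions.

```python
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC, BEACON = 0x0C, 0x0A, 0x08   # 802.11 management subtypes
BROADCAST = "ff:ff:ff:ff:ff:ff"


def _mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_mgmt_frame(frame):
    """Parse a bare 802.11 MAC header (radiotap already stripped).
    Returns a dict for deauthentication/disassociation frames, else None."""
    if len(frame) < 26:                        # 24-byte header + 2-byte reason code
        return None
    version, ftype, subtype = frame[0] & 0x3, (frame[0] >> 2) & 0x3, frame[0] >> 4
    if version != 0 or ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None
    protected = bool(frame[1] & 0x40)          # Protected Frame bit: body is encrypted (802.11w)
    (reason,) = struct.unpack_from("<H", frame, 24)
    return {
        "kind": "deauth" if subtype == DEAUTH else "disassoc",
        "dst": _mac(frame[4:10]),
        "src": _mac(frame[10:16]),
        "bssid": _mac(frame[16:22]),
        "protected": protected,
        "reason": None if protected else reason,   # unreadable when encrypted
    }


def detect_deauth_bursts(capture, threshold=5, window=10.0):
    """capture: time-ordered iterable of (timestamp_seconds, frame_bytes).
    Returns one alert per BSSID that saw >= threshold unprotected
    deauth/disassoc frames inside any `window`-second span."""
    recent = defaultdict(deque)                # bssid -> deque of (ts, station)
    alerts = {}
    for ts, frame in capture:
        info = parse_mgmt_frame(frame)
        if info is None or info["protected"]:
            continue
        bssid = info["bssid"]
        # The station is whichever end of the frame is not the access point.
        station = info["dst"] if info["src"] == bssid else info["src"]
        q = recent[bssid]
        q.append((ts, station))
        while ts - q[0][0] > window:           # drop frames older than the window
            q.popleft()
        if len(q) >= threshold:
            alert = alerts.setdefault(
                bssid, {"bssid": bssid, "first_seen": q[0][0], "peak": 0, "stations": set()})
            alert["peak"] = max(alert["peak"], len(q))
            alert["stations"].update(s for _, s in q)
    return [dict(a, stations=sorted(a["stations"])) for a in alerts.values()]


def build_frame(subtype, dst, src, bssid, reason=7):
    """Construct a sample management frame (test data only)."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    header = bytes([subtype << 4, 0]) + b"\x00\x00" + raw(dst) + raw(src) + raw(bssid) + b"\x00\x00"
    return header + struct.pack("<H", reason)


# Constructed sample: locally administered MAC addresses, invented timestamps.
AP_A, AP_B = "02:00:00:aa:00:01", "02:00:00:bb:00:01"
STA_1, STA_2, STA_3 = "02:00:00:00:00:11", "02:00:00:00:00:12", "02:00:00:00:00:13"
SAMPLE_CAPTURE = (
    [(0.5, build_frame(BEACON, BROADCAST, AP_A, AP_A)),            # ignored: not a deauth
     (1.0, build_frame(DEAUTH, AP_B, STA_3, AP_B, reason=3))]      # one client leaving
    + [(20.0 + 0.5 * i, build_frame(DEAUTH, STA_1 if i % 2 == 0 else STA_2, AP_A, AP_A))
       for i in range(6)]                                          # burst against AP_A clients
    + [(40.0, build_frame(DEAUTH, AP_B, STA_3, AP_B, reason=3))]   # isolated, far apart
)

if __name__ == "__main__":
    for alert in detect_deauth_bursts(SAMPLE_CAPTURE):
        print(alert)
```

Clients that have negotiated 802.11w (Protected Management Frames) discard unprotected deauthentication frames, so on such a network an alert here indicates injected traffic rather than a successful disconnect.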
Why a 2010 Tool Is Still Powerful in 2017

Since 2010, some major changes have made Besside-ng relevant again. Small, cheap computers like the Raspberry Pi Zero W and the Raspberry Pi 3 feature the ability to add powerful network adapters in addition to their internal Wi-Fi card, all while keeping the cost below $70 to run a remote headless attack suite.

(Image: A variety of Besside-ng-capable builds.)

So what kind of applications can we use Besside-ng for today?

Cheap Cyberweapons

Cheap, “fire-and-forget” cyberweapons, designed to harvest and crack WPA networks in a given area and then be discarded, are small and light enough to be left in an Altoids tin in the trash, dropped by a small drone on a roof, or tossed over a fence by hand. The same devices can also be used to deliberately jam or attempt to exploit the router of any nearby Wi-Fi network with a bad password.

An attacker would only need a directional antenna aimed at the rogue device to communicate with and control it. The rapid way in which Besside-ng builds a list of available Wi-Fi connections to switch between allows a rogue device to develop a “beachhead” into the neighboring wireless environment. This doubles as a list of exploitable routers to pivot through once the WPA password is cracked. Once a rogue device is in place and cracks a few reliable networks, the hacker is free to go home and control the device via a reverse shell.

(Image: A long-range, directional WPA harvester designed for scanning the upper stories of high-rise buildings.)

Anonymous Internet Setup Through Piggybacking Nearby Networks

Emergency setup of workstations when rapidly shifting locations can be aided by using Besside-ng to acquire several connection options in under an hour. A small team needing to rapidly set up an internet-connected forward operating position in an opportunistic workspace (like working out of a garage or public space) can piggyback off existing nearby infrastructure to reduce their footprint.

While it’s easy to get access, it is critical to properly use Tor or VPNs, and spin the MAC address of any devices used each time they connect to such a network. If you need a network — any network — to get working, this is your program. This technique can also be used to quickly set up an environment for rogue devices to operate in, allow for a LAN dead drop between two users over a privately owned network, or impersonate users of nearby networks to mask activity.

(Image: Two Besside-ng sessions running in parallel to gain internet access for this workstation. This Kali box will set itself up, after initially being tethered while it cracks its first networks.)

Electronic Surveillance Through Router Rootkitting

Setup of or other “flytrap-like” methods of electronic surveillance are a great way to avoid having to drop an evil Pi from a drone — or even be anywhere near your target after the initial exploit.

The opportunistic nature of Besside-ng allows it to build up a steady list of routers for a hacker to attempt to exploit, and once a router is successfully compromised, custom router firmware can convert a nearby neighbor’s router into a device to spy on a third party’s Wi-Fi usage or forward interesting packets. Criminal hackers even leave behind VPN endpoints in exploited routers to provide cover for committing crimes, framing the target, or charging other criminals to use the VPN network.

(Image: Besside-ng run on a headless Raspberry Pi.)

An Operation with Besside-Ng

To show off some of the techniques above, we’ll go over an applied scenario of using Besside-ng.
However, you can follow this guide on any Kali Linux device or virtual machine.

Today, our training mission will be to provide Wi-Fi coverage to support an operation in a targeted building. Doing so allows the placement and operation of a small improvised rogue device called a Buck-Eye, a Kali Linux based Wi-Fi connected surveillance camera running on a Raspberry Pi Zero W. Placing a device like this allows us to do useful things like conduct visual and electronic surveillance of an area, extend VoIP coverage to areas where cellular coverage may be blocked, pivot deeper into targeted systems, and perform other helpful functions.

In order to be controlled, the device must be connected to a Wi-Fi network. After it is placed, you can control it from your long range connection until you can migrate it to a nearby cracked network. We’ll be running Besside-ng via SSH on the Buck-Eye in this way once it is placed to grab a nearby network password.

(Image: The Buck-Eye is a little rogue device that runs Kali Linux on a Pi Zero W to create an offensive spy package capable of cracking its own networks. So named because it provides an eye on the target without costing many bucks.)

Since our Buck-Eye runs Kali Linux, Besside-ng can ensure tactical network availability by scanning for and helping to build a list of backdoor Wi-Fi connections to spider through to ensure survivability in the event a primary Wi-Fi connection goes down.

Besside-ng runs on Kali Linux and is particularly effective on the Raspberry Pi 3 or Pi Zero W. You’ll need the Aircrack-ng suite to run the attack, and your Kali Linux should be fully updated by running apt-get update. I’ll be using a Raspberry Pi running Kali Linux.

What You’ll Need to Get Started

Besside-ng will work on any Kali Linux system, but here are a few builds we recommend:

- On a Raspberry Pi 3 running Kali Linux, directly or via SSH.
- On a Raspberry Pi Zero W running Kali Linux.
- On a virtual machine running Kali Linux.
- On a live USB or other temporary install of Kali Linux.

(Image: A Raspberry Pi Zero W setup supporting long-range WPA handshake harvesting.)

Our Kali Linux build is the easiest way to get started. For hardware, the only real requirement is a wireless network adapter capable of packet injection.

It should be noted that our testing has found bugs when using the Atheros AR9271 chipset.

Step 1: Verify You Have the Aircrack-ng Suite

In our demonstration today, I will be connected to our Raspberry Pi build running Kali Linux via SSH, but this will work the same on any Kali install.

First, let’s make sure we have the Aircrack-ng suite updated. Type man aircrack-ng to check if it already exists on the system. If not, or if we want to make sure it’s updated, let’s run the following command.

    apt-get install aircrack-ng

Once we confirm we have the suite and it’s updated, we can proceed with the attack.
Step 2: Identify Attack Antenna & Let It Rip

On Kali Linux, you can type iwconfig to see a list of available antennas. If you are connecting to your Kali Linux device remotely via SSH or VNC, now is a great time to note which antenna is hosting your data connection (the one with the IP address assigned).

Starting Besside-ng on the wrong antenna will instantly sever your remote connection and lock you out of the device until you restart if you are connected via SSH. Here we see my attack antenna is idle while my command and control antenna is attached to a network.

If you are not on Kali, you can run ifconfig to see attached antennas and look for “wlan” to spot the wireless antennas. In this case, wlan1 is my attack antenna.

Step 3: Configure Your Attack & Let’s Ride

Besside-ng is dead simple. With the attack antenna known as wlan1, simply type the following to initiate a wide-area attack against all detected APs. While it helps to put an adapter in monitor mode, Besside-ng will take care of that.

    besside-ng wlan1

Shit will proceed to hit the fan, with the script automatically throwing the wireless card into monitor mode and scanning all channels for targets. On the first run or two, you may get a “no child process” error. Just run the besside-ng wlan1 command again and it will start. To see everything the script is doing, add the -vv argument at the end. You’ll see the blistering speed at which Besside-ng finds, prioritizes, pings, and attacks networks.
Step 4: Clarify Operation During Attack Runs

In a target-rich environment, Besside-ng will run continuously for days or weeks, with my current endurance record over 1 week of continuous attacking. While the attack runs, it will prioritize WEP networks as they can be completely compromised from within the script. As such, Besside-ng may focus too heavily on WEP and slow down the attack. You can prevent this by only attacking WPA networks by adding the -W argument to the command.

This script will, by default, scan all channels. This makes it too slow for wardriving or warwalking to capture handshakes, since by the time the master list of APs to attack is built and prioritized, you’re a block away.

This can be mitigated in part by adding the -c argument followed by a channel number to stay locked on. Doing so builds the target list much more quickly, at the expense of only attacking one channel. Run Airodump-ng to determine the best channels to lock to.

If you wish to attack a particular network, you can add the -b argument followed by the BSSID of the target to specify which access point you want to attack. This is useful for networks with many APs under the same name (extended service sets), which may have many identically named APs which all appear as the same Wi-Fi network. Adding this argument allows you to focus your attack on a particular AP under the umbrella of the network and make faster progress on cracking a WEP key.

Step 5: Automatically Crack Passwords from WPA.CAP During an Attack

Soon, you will begin to gather WPA handshakes, potentially a lot of them. They will be automatically appended to the wpa.cap file, which is created in your home directory if it doesn’t already exist. WEP packets are similarly saved to a file called wep.cap, both of which can be run in Aircrack-ng to attempt to get the password.

We can run these in Aircrack-ng against our own password list, but electricity is expensive and brute-force attacks are very boring. Instead, we can use the -s argument to specify a WPA server to upload the handshakes to. This will let a distributed service like crack the passwords for us.

Step 6: Automatically Crack Passwords from WEP.CAP During an Attack

If Besside-ng detects a WEP network in range, it will cyberbully the hell out of it.