Posts Tagged ‘Authentication’

Raise Windows privileges with physical access

There is several linux distributions that allows to crack windows operating system administrator passwords. BIOS password is important to prevent such attack as if the attacker have physical access to the host he will be able to have admin access to the system. Windows 7 privilege escalation is possible not by using any linux distribution [...]

Share

SUDO Auth Bypass Vulnerability

Authentication bypass vulnerability has been discovered in sudo utility, the affected versions are Sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 inclusive. The security bug allows an attacker with a physical access to run commands without user’s password. UNIX sudo allows user to execute commands with root privilege which mean full administrator privileges on the [...]

Share

VMinjector Tool to Unlock guest VMs

It is always possible to bypass certain security measures on local system, authentication to guest operating system can be manipulated and bypassed in VMware workstation using VMInjector. This small python based tool can be used during penetration testing or to recover the operating system password, all new modern organization are relying on virtual environment which [...]

Share

Homemade USB Stick For Automating Windows Authentication

Typing password daily make any user remember it and this is good, but not for a long time as a normal organization ask their employee to change it after certain period so you need to remember the new one and so on. Joonas Pihlajamaa a programmer who solved this issue by using a USB HID [...]

Share

WinLockr – Locks your system with two-factor authentication

Security at the windows operating system is possible by login and password, now it is clear that there are some special tools that easily can crack this traditional security, that’s why I think that WinLockr can be a good security solution to not allow cracking windows security. Screenshot for the configuration interface WinLockr is a [...]

Share

Hackers 'can attack through staff password'

Companies are concerned that their employees are jeopardising their network security by not being careful about their passwords. That’s according to Graham Cluley, senior technology consultant at Sophos, who observed that many people use the same password for all sites they visit. This could result in an increased risk of phishing and viruses being spread, [...]

Share