Windows 7 Forums


Windows 7: Serious Security Breach Windows 7 Account! Need help!


18 Feb 2010   #11

 
 

Quote: Originally Posted by DarkAngelSent
The Administrator account has a password and was disabled during initial configuration.

There are no key loggers on my machine.

What really is stumping me is that he had to restart the machine to do this. This is leading me to believe that he tampered with a Windows file. Perhaps deleted a file containing the user account passwords in particular. (I don't know what Windows calls it as I only know it for Linux). Again he had no access to the Windows environment itself. So I don't think a software keylogger would be something I'd account for. Nor did he have peripherals such as hardware keyloggers.

Well ... if I may be allowed to joke with you (in a totally friendly way) unless he had a "magic wand", there is no way he could log in to your computer, either Linux or Windows, without your password, or some external operating system.

BTW this tutorial is a legit way to enable the Default Administrator Account when one has damaged his computer and no longer has any administrator rights with any user accounts. That is why I recommend giving the special account a password. User Account Password - Change from WinRE

Cheers!
Robert


18 Feb 2010   #12

W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
 
 

Your mention of Linux makes me wonder if you are dual booting with a Linux distro? If so, and he could access that, he could read Windows files with it. I'm not certain, but I think that could be done with a Linux Live CD.
18 Feb 2010   #13

 

I think this thread has gone far enough with information relating to certain access points.


18 Feb 2010   #14

Win7 Home Premium 64x
 
 

Encrypt the hard drive, like with www.truecrypt.org
18 Feb 2010   #15

Win7 Home Premium 64x
 
 

If you think he could get into the boot menu or BIOS, you can disable the keys on startup like...you will not be able to use them either if you need to though.

Edit apologies: Sorry Brady, I didn't read your post. I was trying to offer a way to protect, not bring up security flaws and whatnot.
18 Feb 2010   #16

Win7 Home Premium 64x
 
 

There are also programs like Eraser to get rid of sensitive data so it can't be dug up from your computer if it is compromised. Or get a program to create an encrypted vault for your files. If you think he might have a program to hack your password, remember the longer the pass the better. Even if he could decrypt your password, if it's 20 chars long, it will take him months(?) to crack it as opposed to days(?) for a 6 alphanumerics.
18 Feb 2010   #17
wee

XP/W7/Lucid/Arch
 
 

A reboot with a Hiren's bootable CD and use of tools would make any of the problems possible. Also a Live Ubuntu CD would give full access as well, and it is easy to reset the Ubuntu password from a command line on boot.

I would report this person to the proper authority if it is relevant.
18 Feb 2010   #18

Windows 7 Ultimate 64Bit
 
 

Quote: Originally Posted by DarkAngelSent
My CD Tray and USB's were not used.

I want to prevent this from happening again. Either way I need to know what he did to prevent it. Can you please tell me what he did?

Did you ask him what he did? Did you bring it to a higher authority?
Is this your own personal computer? If it is ... Well Then ......
19 Feb 2010   #19

Windows 7 Professional x64, Windows Server 2008 x64, Ubuntu 9.1
 
 

Yea, I had a gut feeling he used my Ubuntu to access my Windows files. But I have a secure alphanumeric password for both the root and my account pass on my Ubuntu as well as my Windows 7. I have already set a BIOS password as well and set my HDD as my primary boot device.

As for reporting him: while I am a bit pissed that he tampered with a configuration without telling me first (i.e. delete my account passwords), it's just something he does. He's a classmate and we both study in the network securities field, i.e. he does it to try to motivate me to keep updated on security flaws and weaknesses. This is why he won't tell me exactly what he did. Unfortunately, I cannot seem to figure out what he did and it's unnerving that he can break into my account when he pleases (though I have the BIOS passwd set now). The methods for "resetting" the Windows password do not meet the criteria of events and procedures he used.

If this issue really is a "flaw" or weakness in the operating system, I would think that this knowledge should be public knowledge so that the community and people around the world can work to protect themselves. While I understand why some users are compelled to keep this under wraps, if you hide these weaknesses, you're basically just saying, "Yea ok, there's a problem, but we're not gonna tell you what the problem is." One of the first things they teach us is that obscurity is the worst form of network security. If these people know about this weakness, they must have learned it somewhere, and if that flow of information and education stops, the new generation of security admins will not have the proper education to protect the systems they are hired to protect. I cannot help but feel that this is more than just an attempt at obscurity, as the logic behind the argument to me is flawed based on the security through obscurity principle. Instead (while intentional or unintentional) the feeling of oppressing the learning and education of emerging students in regards to that information can only serve to increase the gap between amateurs and professionals.

As I see it, security breaches like this are like a festering wound. If you leave it unattended for too long, it'll become worse and worse. Ignoring it and withholding treatment does nothing to serve the community. With that in mind, I think it's unethical to withhold this kind of information that the community of users have a right to know about to protect themselves with.

Thank you Iseeuu. The method you described seems to fit the criteria. I'll explore into this in greater detail and get back to you with my results.
19 Feb 2010   #20

 

Yeah, he used your Ubuntu OS to bypass your login. Following this guide to reset an Ubuntu password is quite trivial because recovery mode drops you into a root shell by default without requiring a password.

I recommend removing ubuntu.

How to reset your password in Ubuntu