Hello Guys, I want to know which attack can be perform on Computer in 10 minutes to hack the system. You have access to the particular computer and owner leave computer alone Circumstances You not know the O.S (Windows or Linux) Hacker have 10 minutes only You don't know whether Computer is locked or not You can't take Computer with you For educational purpose only To know which attack can perform on a computer in short and its prevention
You would need to specify what you consider as 'hack'. And you should specify the OS. For instance if one is running Linux on an encrypted partition I guess you would not get past lock within 10 minutes at all. And you cannot read anything booting another OS. For windows I'd boot a minimal Linux distro and hack the SAM to gain admin privileges. To have physical access is actually all one needs....and usually no precondition for an attacker. To prevent access encryption helps. Also a locked BIOS which cannot boot from another drive. I am moving this to chit-chat though. I hope it's not made to spam the forums.
As Yen said, locked BIOS to only boot from HD, which is Bitlocker encrypted Can not do bugger all, and not only in 10 minutes
If it is real hacker, then is no matter, is the owner there or away, is the computer locked or not etc, they don not enter the room at all and any real hacker do not do his job not ten minutes but much faster. To be a good hacker, You must learn much but it isn't enough - You must born as hacker. Otherways happens like happened with one young pig, who thought that should to learn to fly.
Very vague about how the hack is defined. To gain access one could try the "Offline NT Password & Registry Editor" and that only take a couple minutes, providing the hard drive is not locked, or encrypted. By-pass a bios lock is to simply remove the cmos battery and reset the bios to the defaults. Depends on how fast you can access the motherboard for that
Usually you have to move a jumper to reset pw of the BIOS, removing the battery does not help. At some models you'd even need a master pw to get access to the setup. Some master pws are related to the service tag and can be calculated from it. To open a PC case is no problem at all. To protect the BIOS settings does not really help to prevent a 'hacker' to get access...one even could remove the SSD and plug it to another system. If you want to have it safe encrypt it...
There's also the social engineering aspect too. Pretend your someone who works for that business and call IT tech support to help you remember your passwords... or just the opposite way. Pretend your from the IT dept and need access to the workstation. Call / email the book keeper / sectary and say that your a ceo that needs all the tax W2's asap to check for a possible error. Social engineering hacks are probably more profitable and may be easier to gain access. Might be less than 10 min and you don't need to access the building
Question to the experts If you got your Drive encrypted by bitlocker and someone run linux on your machine Could he "hack" your machine? Steal your information, install any keylogger for Windows..
Bitlocker does have a backdoor that has been exploited https://blog.elcomsoft.com/2016/06/breaking-bitlocker-encryption-brute-forcing-the-backdoor-part-i/ Pay me .50 bitcoin or I'll tell your wife your looking at pr0n sites
I'd read those articles a long time ago and didn't worry about It They said I'll pay you .5 Bitcoin when you steal my laptop while it's hibernatedso that you can use my dump files And the other way is to try a brute force attack So we should feel safe at least at the moment
What about inserting a USB key logger between the keyboard and the PC? Let user come back and type there password in...
I'm going to be very frank and honest here... This is the stupidest thing I have ever seen in terms of a post on MDL. I saw the Windows 10 telemetry spamagedon but this takes the cake. I haven't had a post forum side in awhile and it was so stupid I made a post just for this. Now, let's get directly to the point 10 minutes to "Hack" any system is impossible. The list of various attack vectors is very large. And just because you have Whole Disk encryption doesn't mean your safe because of social engineering and the various online accounts people have. It would seem to me that most of what people are thinking of are physical attacks on the systems. However there is a very large amount of different things you can try. If you want to learn this then actually do the research don't ask on a forum such an open ended stupid question.
IMHO it is no stupid question and your post is inconsistent. You assume a purpose of the OP and then you say it is stupid. One can just consider the thread title to brainstorm it, to gather different statements and to apply countermeasures. This statement is plain wrong and you speak of absolute terms while you later disagree with absolute terms. A 'hack' is a measure that is used to circumvent or to break a safety mechanism, or even more generally to achieve a goal by an uncommon measure mostly in the context of a misappropriation. When I boot Linux and I use stuff like SAM editors (security account manager) to alter an existing windows account (gain admin privileges) or to remove an admin password THEN I have hacked windows. The SAM of windows up to windows 10 is still vulnerable. Everybody can do that within 10 minutes on an unencrypted windows. I do not post details it is not about details. This is no arguing at all. OP has defined clear circumstances, nobody has said that. It's like to say when you lock your garage then it doesn't mean your house is safe?!? What's the purpose of such 'arguing'? Of course it is not! BUT: When you encrypt your drive the DRIVE can be considered as safe for sure. Nobody here is speaking in absolute terms! I respect your opinion about the purpose of the thread, Smorgan. But if I should point out what is useless then it is your post. I am no clairvoyant hence I do not know why the OP has posted this thread, but it seems some are and can declare the thread as stupid. I don't like prejudice...I consider this thread as something to learn. Actually not via Linux....or any other OS One would have to install a hardware keylogger, but therefore you don't have to boot another OS. To access the drive one would have to break the encryption. I don't know if bitlocker has a hidden backdoor (for intelligence agencies), but from the perspective of maths it is safe and there is no access possible within the actual time period. (needed to BF long enough to be considered as safe)