Hack in 10minutes

Discussion in 'Chit Chat' started by daljeet singh, Feb 1, 2018.

  1. daljeet singh

    daljeet singh MDL Novice

    Jun 27, 2017
    35
    39
    0
    #1 daljeet singh, Feb 1, 2018
    Last edited: Feb 1, 2018
    Hello Guys,

    I want to know which attack can be perform on Computer in 10 minutes to hack the system.
    You have access to the particular computer and owner leave computer alone

    Circumstances

    • You not know the O.S (Windows or Linux)
    • Hacker have 10 minutes only
    • You don't know whether Computer is locked or not
    • You can't take Computer with you
    For educational purpose only
    To know which attack can perform on a computer in short and its prevention
     
  2. MrMagic

    MrMagic MDL Guru

    Feb 13, 2012
    5,716
    3,722
    180
    Dumbass forums are that way ~>>>>>>
     
  3. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,026
    10,604
    340
    #3 Yen, Feb 1, 2018
    Last edited: Feb 1, 2018
    You would need to specify what you consider as 'hack'.
    And you should specify the OS.

    For instance if one is running Linux on an encrypted partition I guess you would not get past lock within 10 minutes at all. And you cannot read anything booting another OS.

    For windows I'd boot a minimal Linux distro and hack the SAM to gain admin privileges.

    To have physical access is actually all one needs....and usually no precondition for an attacker.

    To prevent access encryption helps. Also a locked BIOS which cannot boot from another drive.


    I am moving this to chit-chat though. I hope it's not made to spam the forums.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,863
    1,765
    180
    As Yen said, locked BIOS to only boot from HD, which is Bitlocker encrypted

    Can not do bugger all, and not only in 10 minutes
     
  5. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    3,529
    3,738
    120
    Sounds like a homework assignment. ;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. kaljukass

    kaljukass MDL Addicted

    Nov 26, 2012
    823
    269
    30
    If it is real hacker, then is no matter, is the owner there or away, is the computer locked or not etc, they don not enter the room at all and any real hacker do not do his job not ten minutes but much faster.
    To be a good hacker, You must learn much but it isn't enough - You must born as hacker. Otherways happens like happened with one young pig, who thought that should to learn to fly.
     
  7. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    2,355
    1,260
    90
    Very vague about how the hack is defined.
    To gain access one could try the "Offline NT Password & Registry Editor" and that only take a couple minutes, providing the hard drive is not locked, or encrypted.
    By-pass a bios lock is to simply remove the cmos battery and reset the bios to the defaults. Depends on how fast you can access the motherboard for that
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. Soldado11

    Soldado11 MDL Novice

    Jan 31, 2018
    35
    5
    0
    Give me 1 minute
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,863
    1,765
    180
    Sure..., it seems you never tried Dell/HP machines...
     
  10. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    2,355
    1,260
    90
    o.k.....
    Maybe it's the bios password that gets reset with removing the cmos battery.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,026
    10,604
    340
    #11 Yen, Feb 5, 2018
    Last edited: Feb 5, 2018
    Usually you have to move a jumper to reset pw of the BIOS, removing the battery does not help.
    At some models you'd even need a master pw to get access to the setup. Some master pws are related to the service tag and can be calculated from it.

    To open a PC case is no problem at all.
    To protect the BIOS settings does not really help to prevent a 'hacker' to get access...one even could remove the SSD and plug it to another system.

    If you want to have it safe encrypt it...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    2,355
    1,260
    90
    There's also the social engineering aspect too. Pretend your someone who works for that business and call IT tech support to help you remember your passwords... or just the opposite way. Pretend your from the IT dept and need access to the workstation. Call / email the book keeper / sectary and say that your a ceo that needs all the tax W2's asap to check for a possible error.

    Social engineering hacks are probably more profitable and may be easier to gain access.
    Might be less than 10 min and you don't need to access the building
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. Soldado11

    Soldado11 MDL Novice

    Jan 31, 2018
    35
    5
    0
    #13 Soldado11, Feb 5, 2018
    Last edited: Feb 6, 2018
    Question to the experts

    If you got your Drive encrypted by bitlocker and someone run linux on your machine

    Could he "hack" your machine? Steal your information, install any keylogger for Windows..
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    2,355
    1,260
    90
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. Soldado11

    Soldado11 MDL Novice

    Jan 31, 2018
    35
    5
    0
    :busted_cop:

    I'd read those articles a long time ago and didn't worry about It

    They said


    I'll pay you .5 Bitcoin when you steal my laptop while it's hibernated:boxing:so that you can use my dump files

    And the other way is to try a brute force attack

    So we should feel safe at least at the moment
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. Threat

    Threat Lord of the Files

    Feb 23, 2014
    1,244
    1,406
    60
    What about inserting a USB key logger between the keyboard and the PC?

    Let user come back and type there password in...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  17. Soldado11

    Soldado11 MDL Novice

    Jan 31, 2018
    35
    5
    0
    Having a laptop is an advantage:animatedfear:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  18. Flipp3r

    Flipp3r MDL Expert

    Feb 11, 2009
    1,510
    643
    60
    If I'm gonna open the PC then why wouldn't I just take the drive?
     
  19. Smorgan

    Smorgan Glitcher

    Mar 25, 2010
    1,854
    1,033
    60
    I'm going to be very frank and honest here... This is the stupidest thing I have ever seen in terms of a post on MDL. I saw the Windows 10 telemetry spamagedon but this takes the cake. I haven't had a post forum side in awhile and it was so stupid I made a post just for this.

    Now, let's get directly to the point 10 minutes to "Hack" any system is impossible. The list of various attack vectors is very large. And just because you have Whole Disk encryption doesn't mean your safe because of social engineering and the various online accounts people have. It would seem to me that most of what people are thinking of are physical attacks on the systems. However there is a very large amount of different things you can try. If you want to learn this then actually do the research don't ask on a forum such an open ended stupid question.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  20. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,026
    10,604
    340
    #20 Yen, Feb 6, 2018
    Last edited: Feb 6, 2018
    IMHO it is no stupid question and your post is inconsistent. You assume a purpose of the OP and then you say it is stupid.

    One can just consider the thread title to brainstorm it, to gather different statements and to apply countermeasures.

    This statement is plain wrong and you speak of absolute terms while you later disagree with absolute terms.
    A 'hack' is a measure that is used to circumvent or to break a safety mechanism, or even more generally to achieve a goal by an uncommon measure mostly in the context of a misappropriation.

    When I boot Linux and I use stuff like SAM editors (security account manager) to alter an existing windows account (gain admin privileges) or to remove an admin password THEN I have hacked windows.
    The SAM of windows up to windows 10 is still vulnerable. Everybody can do that within 10 minutes on an unencrypted windows.

    I do not post details it is not about details.


    This is no arguing at all. OP has defined clear circumstances, nobody has said that.
    It's like to say when you lock your garage then it doesn't mean your house is safe?!? What's the purpose of such 'arguing'? Of course it is not!
    BUT: When you encrypt your drive the DRIVE can be considered as safe for sure. Nobody here is speaking in absolute terms!

    I respect your opinion about the purpose of the thread, Smorgan.
    But if I should point out what is useless then it is your post.

    I am no clairvoyant hence I do not know why the OP has posted this thread, but it seems some are and can declare the thread as stupid. I don't like prejudice...I consider this thread as something to learn.

    Actually not via Linux....or any other OS
    One would have to install a hardware keylogger, but therefore you don't have to boot another OS.

    To access the drive one would have to break the encryption. I don't know if bitlocker has a hidden backdoor (for intelligence agencies), but from the perspective of maths it is safe and there is no access possible within the actual time period. (needed to BF long enough to be considered as safe)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...