As soon as the computer unlocks, a
message box pops up saying you entered the wrong password, so you
type it in again carefully; this time Windows logs it and tells you that
this will log you off, just like in the real lock screen. The Administrative
password will be saved locally on the hard drive.
Procedure: Start the application, set the parameters, and execute.
From the directory containing the Screen XP application, double-click the
appropriate Lock.exe icon.
*Note: Which icon? According to the author, the difference is whether or not Windows
XP is using Visual Styles. If unsure, try the Lock.exe.
The Screen XP parameters screen will be displayed.
492 Practical Hacking Techniques and Countermeasures
Because the goal of this program is to obtain an Administrative password, you
want to enter the Username of a known Administrative account. In this example
the Administrator account is used. Click Add (you can add up to 10 usernames).
Notice the user's password file location. By default it is C:\pass.txt. You
can save the file to a network location; an attacker will more than likely do
so, saving the file to a location he or she personally has access to or even to
a removable pen drive plugged into the computer.
Change the DefaultUser text that will appear when the screen is "locked"
to a known valid username on the network. In this example, I used User1.
Edit the next line of text that will be displayed to the user on the "Locked"
screen to the computer name on the network.