Family Matters (and a hacker)...

[Clements]

Me and my (retarded) uncle fell out because he was using my PC without my permission.

I created a User then Password-Protected it so that my PC seemed impenetrable (The password was impossible to guess, take my word for it).

Obviously in a huff, he scoured the internet to find a way to hack into my PC, and suceeded, turning off my password somehow, and then he deleted my dail-up connection (I think by accident) and tried to retrieve it but couldn't (what a retard).

-First of all, how did he get passed my security? He COULD NOT have known the password. Only I know it and I haven't told anybody. The Guest account is off.

-How do I block him? I thought of taking wires to Uni with me so he can't turn the PC on, but he'll cotton on to this by bringing wires from the PC he has access to at home.

He has a mental age of about 12 I'd say (he is 23 years old, and very dim), so he shouldn't take much beating, so any advice is very much appreciated.

 

[Moose Jr.]

-First of all, how did he get passed my security? He COULD NOT have known the password. Only I know it and I haven't told anybody. The Guest account is off.

The default password for the Administrator account in XP and 2000 is "Administrator". It's common knowledge, so he probably just stumbled on to a site with this info after typing "hacking + newphew's + computer + password" into Google.

If you hadn't changed it to something else before, it's the most likely path he took.

 

[Trotterwatch]

MooseJR

I created a User then Password-Protected it so that my PC seemed impenetrable (The password was impossible to guess, take my word for it).

 

[Moose Jr.]

Trot:

I created a User then Password-Protected it so that my PC seemed impenetrable (The password was impossible to guess, take my word for it).

You can't create something that already exists.

 

[Clements]

I know how the arsehole did it. After quick Google-ing, and a successful hack into my own PC and account, I worked it out.

He must have went into safe mode first, clicked the default 'Administrator' account (needs no password). From here he can access the Contol Panel and Remove my password from my own account, enabling him to log on my account without knowing my password, the bastard.

Is there any way of stopping him doing this? I don't want him having Admin access to my PC, he'll tear it apart.

Edit: Hmm, is it possible to Password Protect this otherwise hidden 'Administrator' account? It seems that you can only protect this account when you first install windows and have to create an account for yourself.

 

[The Khan Artist]

Well, you can always chang the administrator password. I can't recall off the top of my head how to do it in WinXP outside of setup, but it is possible.

EDIT: OK, a bit of Googling give me this:

Start --> Run --> control userpasswords2

Why this functionality isn't in the standard users control panel, I don't know.

 

[Clements]

Well, you can always chang the administrator password. I can't recall off the top of my head how to do it in WinXP outside of setup, but it is possible.

EDIT: OK, a bit of Googling give me this:

Start --> Run --> control userpasswords2

Why this functionality isn't in the standard users control panel, I don't know.

Right, I changed the Admin Password via Safe mode, but your method works a treat too and is easier to do. He is BLOCKED! :matrix: (unless he is using another method that is, doubtful though)

Thanks to all you guys. Right now if you are reading this topic and have a vulnerable Admin account, do what I just did if you want your account safe. This lame exploit should have never existed.

 

[GogoTheMimic]

Damn, I could've used that trick in high school... :\

 

[LazerTag]

best way to stop someone who has direct access to the PC is to get a removeable harddrive case and take your harddrive with you when you leave.

that's what I do with my wife, damn hacker! :teehee:

 

[vampireuk]

Have a password right at the POST screen, then he can't even boot the damn thing up

 

[jollyrancher]

There's always a way to hack it if it's only password protected. If the computer's security is important to you the best thing to do is get a PC that you can lock with a key.

 

[cooliscool]

Have a password right at the POST screen, then he can't even boot the damn thing up

If he did that, his uncle would probably find the clear CMOS jumper (or switch, depending on board), or put in a different cmos battery while he's using it.

 

[pj64er]

best way to stop someone who has direct access to the PC is to get a removeable harddrive case and take your harddrive with you when you leave.

that's what I do with my wife, damn hacker! :teehee:

thats what i thought of too as i was reading this thread. if all else fails, take your harddrive(s) with you.

 

[AlphaWolf]

Well, if you are truely wanting to keep him off of it, then you would get one of those cases that you can physically lock, and only install a user secured operating system on your computer (e.g. all NT based OSes, or linux, no DOS or Windows 9X, period,) and then disable booting to anything other than the hard disk in your bios. This is of course assuming that he won't go so far as to render physical damage to the computer (if he does, then your just fucked no matter how you look at it.) Heres why:

In Windows NT and beyond, microsoft decided to be smarter than they were in the past, and not store decryptable passwords (this is actually how everybody else has been doing it for years). Basically, the passwords are stored as a hash, so when somebody enters a password, the OS can only tell if the password is correct or not, but even the OS itself can't know what the exact password is.

But, there is one pitfall to this: It's possible to erase the password hash and reset the checksums so that the OS basically assumes that there is no password, or the password is set to some kind of default, which of course anybody can know (or you can even simply change the hash to match a password that you know). There exist bootable images for both floppy disks and cdroms that contain a set of utilities that do exactly this, and don't require any intelligence on the end users part other than to be able to make the bootable medium in the first place, and then follow some simple instructions.

Sure, you could try to set your bios to not boot to anything other than the hard disk, but there are two easy ways of getting around this. The easiest way is to just pop out the watch battery in the motherboard, and use a wire to short the anode and cathode ends, which will discharge your cmos and reset the bios settings, to include your bios password (some motherboards even include a nice labeled jumper to do this without removing the battery). Another way is to simply take the hard disk to another computer, and boot this utility set from there.

Currently I have only seen one type of PC that is actually immune to this: laptops. 99% of all laptops you buy actually store the bios password to a flashrom chip, so you can't simply reset the bios. Also, most of them (including mine ) have a feature that encrypts the hard disks entire Master Boot Record based on your password hash, rendering the data on it basically useless unless you have a few hundred bucks to spare to have a data recovery professional get it off of there for you.

I have not seen one desktop motherboard have any of these features, so, that leaves it up to you to ensure that nobody physically breaks into your PC. The reason that laptops have these features is because they get stolen much easier, and it makes it that much harder for the thief to make use of your laptop, or even worse, steal the data off of the hard disk, which often times is worth more to them than the actual laptop itself is.

So far as removing hard disks whenever your not using your computer: 1) pain in the ass 2) internal HDDs are easily damaged by repeated removal/reinsertion 3) external HDDs are slower and cost more. Best of luck in securing your computer :happy:

 

[Moose Jr.]

With all the great suggestions I think the biggest danger now is him finding this thread... :freak:

 

[kazooie]

I think you're all missing the most obvious method. Why not just break all his fingers with a hammer?

 

[flow``]

there is a program here that might help you..

http://www.xp-smoker.com/securexp.html

havent tried it, just read the little info about it. ran across it at some random website.

 

[AlphaWolf]

there is a program here that might help you..

http://www.xp-smoker.com/securexp.html

havent tried it, just read the little info about it. ran across it at some random website.

This software will by no means secure you from what I meantioned earlier. This is mostly meant for preventing your average moron from being able to run arbitrary programs by e.g. hiding the "run..." option, or using any other simple tactics.

The only thing you can do is something like preventing somebody from reading arbitrary files on your hard drive using EFS, but that only protects each individual file you encrypt, and is only really usefull if you have e.g. some porn you want to hide.

 

[My95ZR2]

QUOTE: I think you're all missing the most obvious method. Why not just break all his fingers with a hammer?

Step 1: Go to wal-mart
Step 2: Buy a 5 pound sledge hammer
Step 3: Have a "meeting" with him
(Step 3.5: Name your sledgehammer)
Step 4: Introduce the third member of the "meeting" (your sledgehammer)
Step5 : Have your sledgehammer "shake hands" with your uncle



Adam

 

[smegforbrain]

Why this functionality isn't in the standard users control panel, I don't know.

Because Microsoft thinks that people are too fucking stupid to have total control over their own computers, regardless.

This is the same logic behind the fact that the Windows stupid Messenger program is still enabled by default in Windows 2000 and XP.