Windows Vista: Recovery Command Prompt

Did you know that the Command Prompt tool found in Vista's System Recovery Options doesn't require a User Name or Password? And that the Command Prompt provides Administrator level access to the hard drive? For multiple versions of Windows? All you need is a Vista Install DVD and you're all set to go.

Just boot from the DVD and select the Repair option:

Then select the Command Prompt:

Here you have full access to this computer, not only as an administrator but also as a system account user. From here you can insert a USB memory stick and copy any non-encrypted file from this computer to it, stealing information without leaving any marks in the system or Event Viewer logs.

Also, you could, for example, copy the SAM file (which contains the names and passwords of local users) from c:\windows\system32\config to USB memory and start cracking the computer's user passwords on a remote computer.

A cracker can:

  1. Copy files from hard disk to USB, floppy or network server.
  2. Create / modify / delete files and folders.
  3. Use most of the MS-DOS-like commands.
  4. Use this method in Vista, XP, 200x.

To protect your computer or workstation, try to:

  • Set the BIOS boot order so that booting from media other than the hard disk is not possible.
  • Set a startup password in your BIOS (mainly on home computers).
  • Use hard disk encryption software, if possible (such as BitLocker).
  • Encrypt files and folders using EFS, if the mechanisms above are not possible.
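To check the disk-encryption item across a set of machines, the following added example (not from the original post) parses saved `manage-bde -status` output and lists the volumes a recovery-console boot could still read. The sample text is constructed and trimmed to the two fields used, the function names are hypothetical, and English-language output is assumed.

```python
import re

# Constructed sample of `manage-bde -status` output, trimmed to the fields used.
SAMPLE_STATUS = """\
Volume C: [Windows]
[OS Volume]
    Conversion Status:    Fully Encrypted
    Protection Status:    Protection On

Volume D: [Data]
[Data Volume]
    Conversion Status:    Fully Decrypted
    Protection Status:    Protection Off

Volume E: [Backup]
[Data Volume]
    Conversion Status:    Fully Encrypted
    Protection Status:    Protection Off
"""

VOLUME_RE = re.compile(r"^Volume ([A-Z]:)")
FIELD_RE = re.compile(r"^\s+([A-Za-z ]+?):\s+(.+?)\s*$")

def parse_status(text):
    """Return {drive: {field: value}} from manage-bde -status text."""
    volumes, current = {}, None
    for line in text.splitlines():
        m = VOLUME_RE.match(line)
        if m:
            current = volumes.setdefault(m.group(1), {})
            continue
        f = FIELD_RE.match(line)
        if f and current is not None:
            current[f.group(1)] = f.group(2)
    return volumes

def readable_offline(text):
    """Map each drive that an offline boot could read to the reason why."""
    findings = {}
    for drive, fields in parse_status(text).items():
        if fields.get("Conversion Status") != "Fully Encrypted":
            findings[drive] = "not fully encrypted"
        elif fields.get("Protection Status") != "Protection On":
            # Suspended BitLocker keeps a clear key on disk, so the data is readable.
            findings[drive] = "encrypted but protection suspended"
    return findings

if __name__ == "__main__":
    print(readable_offline(SAMPLE_STATUS))
```

Volume E is the case that is easy to miss: the data is fully encrypted, but with protection off the volume unlocks without any credential.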

This kind of reminds you of a Windows XP Home feature. The Administrator account password for XP Home is blank by default and is hidden in Normal Mode. But if you select F8 during boot for Safe Mode, you can access the Administrator account and have complete access to the computer.

For more proof of the concept, find more details from Mr. Kimmo Rousku and F-Secure.

Source: MSBlog