• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Microsoft's another stupid mistake (r they idiots or just plain stupid????)

nyioo7@hotmail.com

New Member
Joined
Mar 27, 2005
Messages
55 (0.01/day)
so like yeh....i was just messing around with system files in windows XP's system32 folder and tryin to delete some of the spyware files and i accidently clicked on one of the file called lusrmgr.msc and guess wht i found out it can do........... it can erase any user's login password into windows......... including administrator.........(i mean can they be any stupider than that?????)......... tht program is in any windows xp & also in x64............ so i thought tht's only on my computer and i didn't believe it so i tried it on school's lab computer and it WORKS! ~!@@#........... so i logged on as an administrator and changed background , etc.... everything.......... i mean just think about it......... y would they have tht in windows ??????? so tht pplz can hack into other's computers????? IDIOTS!
 

Alec§taar

New Member
Joined
May 15, 2006
Messages
4,677 (0.70/day)
Location
Someone who's going to find NewTekie1 and teach hi
Processor DualCore AMD Athlon 64x2 4800+ (o/c 2801mhz STABLE (Ketxxx, POGE, Tatty One, ME))
Motherboard ASUS A8N-SLI Premium (PCIe x16, x4, x1)
Cooling PhaseChange Coolermaster CM754/939 (fan/heatsink), Thermalright heatspreaders + fan built on (RAM)
Memory 512mb PC-3200 DDR400 (set DDR-33 for o/c) by Corsair (matched pair, 2x256mb) 200.1/200mhz
Video Card(s) BFG GeForce 7900 GTX OC 512mb GDDR3 ram (o/c manually to 686 core/865 memory) - PhaseChange cooled
Storage Dual "Raptor X" 16mb 10krpm/RAID 0 Promise EX8350 x4 PCIe 128mb & Intel IO chip/CENATEK RocketDrive
Display(s) SONY 19" Trinitron MultiScan 400ps 1600x1200 75hz refresh 32-bit color
Case Antec Super-LanBoy (aluminum baby-tower w/ lower front & upper rear cooling exhaust fans)
Audio Device(s) RealTek AC97 onboard mobo stereo sound (Altec Lansing ACS-45 speakers - 10 yrs. still running!)
Power Supply Antec 500w ATX 2.0 "SmartPower" powersupply
Software Windows Server 2003 SP #1 fully patched, & massively tuned/tweaked to-the-max (plus latest drivers)
nyioo7@hotmail.com said:
so like yeh....i was just messing around with system files in windows XP's system32 folder and tryin to delete some of the spyware files and i accidently clicked on one of the file called lusrmgr.msc and guess wht i found out it can do........... it can erase any user's login password into windows......... including administrator.........(i mean can they be any stupider than that?????)......... tht program is in any windows xp & also in x64............ so i thought tht's only on my computer and i didn't believe it so i tried it on school's lab computer and it WORKS! ~!@@#........... so i logged on as an administrator and changed background , etc.... everything.......... i mean just think about it......... y would they have tht in windows ??????? so tht pplz can hack into other's computers????? IDIOTS!

That's the "Local User Manager" portion/plugin for the MMC.exe (Microsoft Mgt. Console)...

You can do the SAME thing with this commandline pretty much:

%windir%\system32\control.exe userpasswords2

It's an intended part of your system, so you can manage usernames/passwords/rights of users-groups & more!

APK

P.S.=> QUESTION (important): Are/were you able to run it as a "less-than-admin" type user?

If so, you might have a point... it may be a vulnerability.

That tool/snapin for the MMC should only be accessible to admin users, & if you copy it to another system & run it, say, one you work on @ home OR school for instance, you may just have a point... it should be restricted, by the network admin @ the very least.

I.E.-> It ought to be checking for user-rights prior to startup, & only be useable by admin users... but, then again, it's usually run from MMC.exe as a snapin & perhaps MMC.exe is the @ fault portion here, if anything IS indeed, @ fault here (probably your admin is for not setting a group policy restriction on that .msc snapin)... apk
 

nyioo7@hotmail.com

New Member
Joined
Mar 27, 2005
Messages
55 (0.01/day)
dude......... didn't u read it carefully??? i said i tried it in school's lab computers........... they have all kinds of security and i can only log in as a student to limited account........ i can't even access to C: drive........ but i ran tht from address bar and it works....... and i was able to log into administrator by deleting the password......... it didn't even ask me the old password......it just delete it right away........ and i know wht tht file is but i 'm just sayin how stupid r they to have it running around in obvious place like tht ........... i mean they can even make it hidden as root system files...........it's like having a sign HECK ME! hangin on the neck............hahahahahaha...............
 

Alec§taar

New Member
Joined
May 15, 2006
Messages
4,677 (0.70/day)
Location
Someone who's going to find NewTekie1 and teach hi
Processor DualCore AMD Athlon 64x2 4800+ (o/c 2801mhz STABLE (Ketxxx, POGE, Tatty One, ME))
Motherboard ASUS A8N-SLI Premium (PCIe x16, x4, x1)
Cooling PhaseChange Coolermaster CM754/939 (fan/heatsink), Thermalright heatspreaders + fan built on (RAM)
Memory 512mb PC-3200 DDR400 (set DDR-33 for o/c) by Corsair (matched pair, 2x256mb) 200.1/200mhz
Video Card(s) BFG GeForce 7900 GTX OC 512mb GDDR3 ram (o/c manually to 686 core/865 memory) - PhaseChange cooled
Storage Dual "Raptor X" 16mb 10krpm/RAID 0 Promise EX8350 x4 PCIe 128mb & Intel IO chip/CENATEK RocketDrive
Display(s) SONY 19" Trinitron MultiScan 400ps 1600x1200 75hz refresh 32-bit color
Case Antec Super-LanBoy (aluminum baby-tower w/ lower front & upper rear cooling exhaust fans)
Audio Device(s) RealTek AC97 onboard mobo stereo sound (Altec Lansing ACS-45 speakers - 10 yrs. still running!)
Power Supply Antec 500w ATX 2.0 "SmartPower" powersupply
Software Windows Server 2003 SP #1 fully patched, & massively tuned/tweaked to-the-max (plus latest drivers)
nyioo7@hotmail.com said:
dude......... didn't u read it carefully??? i said i tried it in school's lab computers........... they have all kinds of security and i can only log in as a student to limited account........ i can't even access to C: drive........ but i ran tht from address bar and it works....... and i was able to log into administrator by deleting the password......... it didn't even ask me the old password......it just delete it right away........ and i know wht tht file is but i 'm just sayin how stupid r they to have it running around in obvious place like tht ........... i mean they can even make it hidden as root system files...........it's like having a sign HECK ME! hangin on the neck............hahahahahaha...............

Note this to your network admin: He ought to apply group policies (via AD, or even your logon script) to limit its use to ADMIN user group members, only.

I noted this @ the end of my last post.

CACLS ought to be a command he can use to change the ACL (Access Control List) to DOMAIN LEVEL ADMINS or LOCAL SYSTEM ADMINISTRATOR(s) only for that .msc MMC.exe snapin, & others... IF he does this via logon scripts.

* It's what I would do, provided this is a security bug (and, it's sounding that way, @ least potentially)...

QUESTION - Do you guys use a WORKGROUP, or DOMAIN, type network? It matters.

APK
 

nyioo7@hotmail.com

New Member
Joined
Mar 27, 2005
Messages
55 (0.01/day)
Whtever dude............ if i have to report everything like tht everytime ......... tht'll be like every single time i use my computer............. which is like all the time.........hahahaha.......... i think microsoft doesn't even care since pplz buy their product anyway even those it's super buggy........... hahahahahhaha............
 

Alec§taar

New Member
Joined
May 15, 2006
Messages
4,677 (0.70/day)
Location
Someone who's going to find NewTekie1 and teach hi
Processor DualCore AMD Athlon 64x2 4800+ (o/c 2801mhz STABLE (Ketxxx, POGE, Tatty One, ME))
Motherboard ASUS A8N-SLI Premium (PCIe x16, x4, x1)
Cooling PhaseChange Coolermaster CM754/939 (fan/heatsink), Thermalright heatspreaders + fan built on (RAM)
Memory 512mb PC-3200 DDR400 (set DDR-33 for o/c) by Corsair (matched pair, 2x256mb) 200.1/200mhz
Video Card(s) BFG GeForce 7900 GTX OC 512mb GDDR3 ram (o/c manually to 686 core/865 memory) - PhaseChange cooled
Storage Dual "Raptor X" 16mb 10krpm/RAID 0 Promise EX8350 x4 PCIe 128mb & Intel IO chip/CENATEK RocketDrive
Display(s) SONY 19" Trinitron MultiScan 400ps 1600x1200 75hz refresh 32-bit color
Case Antec Super-LanBoy (aluminum baby-tower w/ lower front & upper rear cooling exhaust fans)
Audio Device(s) RealTek AC97 onboard mobo stereo sound (Altec Lansing ACS-45 speakers - 10 yrs. still running!)
Power Supply Antec 500w ATX 2.0 "SmartPower" powersupply
Software Windows Server 2003 SP #1 fully patched, & massively tuned/tweaked to-the-max (plus latest drivers)
nyioo7@hotmail.com said:
Whtever dude............ if i have to report everything like tht everytime ......... tht'll be like every single time i use my computer............. which is like all the time.........hahahaha.......... i think microsoft doesn't even care since pplz buy their product anyway even those it's super buggy........... hahahahahhaha............

I would suggest it to your admin (your network security is ONLY as strong as the person admin'ing it imo).

AND, it's one potential "hole" that's easily solved really per what I suggested above.

It may even help you land a job there no less, if you point it out to your network admin!

(Because it truly IS an EASY fix for him really, provided it's needed, & sounds like it is on your networks).

APK
 

nyioo7@hotmail.com

New Member
Joined
Mar 27, 2005
Messages
55 (0.01/day)
r u sure there's a way to change it??? cuz it works on every computer i tried.......... and i'm not talkin about just one lab........ and one school...........
 

Alec§taar

New Member
Joined
May 15, 2006
Messages
4,677 (0.70/day)
Location
Someone who's going to find NewTekie1 and teach hi
Processor DualCore AMD Athlon 64x2 4800+ (o/c 2801mhz STABLE (Ketxxx, POGE, Tatty One, ME))
Motherboard ASUS A8N-SLI Premium (PCIe x16, x4, x1)
Cooling PhaseChange Coolermaster CM754/939 (fan/heatsink), Thermalright heatspreaders + fan built on (RAM)
Memory 512mb PC-3200 DDR400 (set DDR-33 for o/c) by Corsair (matched pair, 2x256mb) 200.1/200mhz
Video Card(s) BFG GeForce 7900 GTX OC 512mb GDDR3 ram (o/c manually to 686 core/865 memory) - PhaseChange cooled
Storage Dual "Raptor X" 16mb 10krpm/RAID 0 Promise EX8350 x4 PCIe 128mb & Intel IO chip/CENATEK RocketDrive
Display(s) SONY 19" Trinitron MultiScan 400ps 1600x1200 75hz refresh 32-bit color
Case Antec Super-LanBoy (aluminum baby-tower w/ lower front & upper rear cooling exhaust fans)
Audio Device(s) RealTek AC97 onboard mobo stereo sound (Altec Lansing ACS-45 speakers - 10 yrs. still running!)
Power Supply Antec 500w ATX 2.0 "SmartPower" powersupply
Software Windows Server 2003 SP #1 fully patched, & massively tuned/tweaked to-the-max (plus latest drivers)
nyioo7@hotmail.com said:
r u sure there's a way to change it??? cuz it works on every computer i tried.......... and i'm not talkin about just one lab........ and one school...........

Yes, I am certain of it...

NTFS permissions, &/or ACL alterations (via the command I stated above).

:)

* Either/all do the job, via logon scripted activities, OR "AD" policies.

APK

P.S.=> You can utterly prohibit things running across active directories based networks, easily pretty much, via group policies, or other logon type script activities (what you'd use on a non-AD lan/wan for this, imo best tool for it on those types like workgroups)... Windows Networks are fun, & learning to secure them is not too bad either! apk
 
Top