1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Microsoft's another stupid mistake (r they idiots or just plain stupid????)

Discussion in 'General Software' started by nyioo7@hotmail.com, May 20, 2006.

  1. nyioo7@hotmail.com New Member

    Joined:
    Mar 27, 2005
    Messages:
    55 (0.01/day)
    Thanks Received:
    0
    so like yeh....i was just messing around with system files in windows XP's system32 folder and tryin to delete some of the spyware files and i accidently clicked on one of the file called lusrmgr.msc and guess wht i found out it can do........... it can erase any user's login password into windows......... including administrator.........(i mean can they be any stupider than that?????)......... tht program is in any windows xp & also in x64............ so i thought tht's only on my computer and i didn't believe it so i tried it on school's lab computer and it WORKS! ~!@@#........... so i logged on as an administrator and changed background , etc.... everything.......... i mean just think about it......... y would they have tht in windows ??????? so tht pplz can hack into other's computers????? IDIOTS!
     
    10 Year Member at TPU
  2. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.23/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    That's the "Local User Manager" portion/plugin for the MMC.exe (Microsoft Mgt. Console)...

    You can do the SAME thing with this commandline pretty much:

    %windir%\system32\control.exe userpasswords2

    It's an intended part of your system, so you can manage usernames/passwords/rights of users-groups & more!

    APK

    P.S.=> QUESTION (important): Are/were you able to run it as a "less-than-admin" type user?

    If so, you might have a point... it may be a vulnerability.

    That tool/snapin for the MMC should only be accessible to admin users, & if you copy it to another system & run it, say, one you work on @ home OR school for instance, you may just have a point... it should be restricted, by the network admin @ the very least.

    I.E.-> It ought to be checking for user-rights prior to startup, & only be useable by admin users... but, then again, it's usually run from MMC.exe as a snapin & perhaps MMC.exe is the @ fault portion here, if anything IS indeed, @ fault here (probably your admin is for not setting a group policy restriction on that .msc snapin)... apk
     
    10 Year Member at TPU
  3. nyioo7@hotmail.com New Member

    Joined:
    Mar 27, 2005
    Messages:
    55 (0.01/day)
    Thanks Received:
    0
    dude......... didn't u read it carefully??? i said i tried it in school's lab computers........... they have all kinds of security and i can only log in as a student to limited account........ i can't even access to C: drive........ but i ran tht from address bar and it works....... and i was able to log into administrator by deleting the password......... it didn't even ask me the old password......it just delete it right away........ and i know wht tht file is but i 'm just sayin how stupid r they to have it running around in obvious place like tht ........... i mean they can even make it hidden as root system files...........it's like having a sign HECK ME! hangin on the neck............hahahahahaha...............
     
    10 Year Member at TPU
  4. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.23/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    Note this to your network admin: He ought to apply group policies (via AD, or even your logon script) to limit its use to ADMIN user group members, only.

    I noted this @ the end of my last post.

    CACLS ought to be a command he can use to change the ACL (Access Control List) to DOMAIN LEVEL ADMINS or LOCAL SYSTEM ADMINISTRATOR(s) only for that .msc MMC.exe snapin, & others... IF he does this via logon scripts.

    * It's what I would do, provided this is a security bug (and, it's sounding that way, @ least potentially)...

    QUESTION - Do you guys use a WORKGROUP, or DOMAIN, type network? It matters.

    APK
     
    10 Year Member at TPU
  5. nyioo7@hotmail.com New Member

    Joined:
    Mar 27, 2005
    Messages:
    55 (0.01/day)
    Thanks Received:
    0
    Whtever dude............ if i have to report everything like tht everytime ......... tht'll be like every single time i use my computer............. which is like all the time.........hahahaha.......... i think microsoft doesn't even care since pplz buy their product anyway even those it's super buggy........... hahahahahhaha............
     
    10 Year Member at TPU
  6. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.23/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    I would suggest it to your admin (your network security is ONLY as strong as the person admin'ing it imo).

    AND, it's one potential "hole" that's easily solved really per what I suggested above.

    It may even help you land a job there no less, if you point it out to your network admin!

    (Because it truly IS an EASY fix for him really, provided it's needed, & sounds like it is on your networks).

    APK
     
    10 Year Member at TPU
  7. nyioo7@hotmail.com New Member

    Joined:
    Mar 27, 2005
    Messages:
    55 (0.01/day)
    Thanks Received:
    0
    r u sure there's a way to change it??? cuz it works on every computer i tried.......... and i'm not talkin about just one lab........ and one school...........
     
    10 Year Member at TPU
  8. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.23/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    Yes, I am certain of it...

    NTFS permissions, &/or ACL alterations (via the command I stated above).

    :)

    * Either/all do the job, via logon scripted activities, OR "AD" policies.

    APK

    P.S.=> You can utterly prohibit things running across active directories based networks, easily pretty much, via group policies, or other logon type script activities (what you'd use on a non-AD lan/wan for this, imo best tool for it on those types like workgroups)... Windows Networks are fun, & learning to secure them is not too bad either! apk
     
    10 Year Member at TPU

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)