From: "Kenneth L. Hamer" <k-hamer@ntx1.cso.uiuc.edu>
Date: Mon, 18 Nov 1996 07:19:27 -0800 (PST)
To: "'cypherpunks'" <adamsc@io-online.com>
Subject: RE: NT insecurity
Message-ID: <c=US%a=_%p=UIUC%l=NTX1-961118152200Z-47@ntx1.cso.uiuc.edu>
MIME-Version: 1.0
Content-Type: text/plain


Really?  Could you provide a reference for this assertion?  What is the
name of the "password file"?  Where is it located on the disk?

I'd be very interested to try this out on one of my test systems,
especially if it is true.  But my experiences with corrupted registry
hives leads me to believe you are incorrect.  NT usually does nothing so
nice when it's registry is corrupted.  That's why we keep "emergency
repair disks" around 8-).
- Ken

>----------
>From: 	Adamsc@io-online.com[SMTP:Adamsc@io-online.com]
>Sent: 	Monday, November 11, 1996 9:36 PM
>To: 	cypherpunks
>Subject: 	BoS: NT insecurity
>
>Given the recent comments about insecure machines, I thought it was
>interesting to note that you can clear *every* password on an NT box by
>using
>a diskeditor to corrupt the password file (Boot off of a floppy and use
>NTFSDOS if you have to).  It'll reboot several times and then you'll be
>allowed to login.
>
>#  Chris Adams <adamsc@io-online.com>   |
>http://www.io-online.com/adamsc/adamsc.htp
>#  <cadams@acucobol.com>		 | send mail with subject "send PGPKEY"
>"That's our advantage at Microsoft; we set the standards and we can
>change them."
>   --- Karen Hargrove, Microsoft (quoted in the Feb 1993 Unix Review
>editorial)
>
>