[SATLUG] Kon-Boot vs Win2008 Enterprise SRV
Todd W. Bucy
toddwbucy at grandecom.net
Sun Nov 1 13:16:48 CST 2009
some of you may remember me raving about about Kon-Boot, a wonderful
tool for bypassing admin logins, when one has forgotten their password
of course. The website http://www.piotrbania.com/all/kon-boot/ does not
list the win2008 srv as compatible, it does however lists Win7, vista,
and linux kernel 2.6 as vulnerable. That said, I was curious so I set
up a kvm install of srv2008 Enterprise edition and sure enough I walked
through the front door without a key, furthermore because the machine
was virtual in nature I did not need physical access to the host server
to do so.
scarry stuff when you think about it.
More information about the SATLUG