The End of Oz Stoners?

[jaikai]

HI JaiKai,

 

If you're worried about junior you can get FREE filtering software here: http://www.netalert.gov.au/

 

Cheers

 

Nah, no need mate, got Passwords on BIOS and all other shit locked out... to a point...

 

Something to be said for supervision too. My biggest worry aint him finding porn... it`s the dodgy sites he`ll pass thru on the way to "guaranteed free porn" that gets to me. We have a couple `puters here and all but 1 are on the net, mine 24/7... It`s the malicious shit that I get into him about... Nothing wrong with looking at the pix on Picture.com or the Huns pages...shit, He`s nearly 14, and I aint finding a trail to no gay sites so I`ve done something right

 

Seriously though, how far do we go to stop access to this sorta thing in a blanket lockout...? What is it we`re stopping ppl from seeing/reading? So much information will be innocently blacklisted...insane.

 

JAIKAI

[Major Overgrow]

Bios passwords are NOT secure either.

Award Bios Default Password is usually "AWARD_SW" (without quotes) if I remember rightly.

( I downloaded a HUGE list of default passwords for bios's, routers, firewalls, etc, etc )

[lightning]

jaikai, you could use VMware to build a virtual linux/squid caching proxy server, direct their browsers through the proxy and enable tracking logs, it does not slow access(in fact often speeds it up) and will allow you to monitor exactly where they are going very easily with a browser interface from you local machine and rolls the logs over as often as you want.

[17684]

An Australian wide filter to block inappropriate content from reaching our children. How about we ban all religions in Australia...might help stop all these priests from reaching our children. If it is implemented, my bet is that some 13 year old will crack the filter or figure out a simple way to bypass it making the government look like fools spending millions of dollars on something that doesn't work.

[Pure]

Bios passwords are NOT secure either.

Award Bios Default Password is usually "AWARD_SW" (without quotes) if I remember rightly.

( I downloaded a HUGE list of default passwords for bios's, routers, firewalls, etc, etc )

 

 

Just about anyone that sets a bios password doesn't use the default password , however they can be quite easly reset by jumpering the board to a recovery boot or various other HARDWARE methods. Can't really say the same bout modems ect because they come passworded and sadly many many people simply don't change it from the default . But even those that are set can ofcourse be reset with nothin more than a paperclip in most cases.

These methods are the "backdoor" methods that companies put into place incase you legitimatly loose a password and it is why none of them put "soft backdoors" onto their systems. They are also not likely to be used by a person trying to perminently subvert privilages because it's going to be noticed very quickly.

 

Microsoft is the same way , there is no backdoor admin password for any version of windows by default and there simply doesn't need to be . there are ways to reset a microsoft password which makes it clear that it has happened making the method pretty useless to anyone trying to be sneaky about getting the password. What I have seen though is virri that add admin accounts so if you found a backdoor on your system you had a whole different issue.

[Major Overgrow]

Bios default passwords can only be removed by patching the bios (there are often more than one pass for some bios's).

Been using them for years, got the list from Astalavista.com a while back. Saves screwing around shorting out cmos via pins.

 

Windows XP does have default Admin passwords unless every system I've tested it on (including my brothers Original DELL XP CD) are all from a hacked pirate copies - unlikely though with P2P you never know, except for the Original DELL CD (2 passwords, both variations of "windows2003" - no quotes or spaces) which are both stored as a hash, not as the actual text. I've used them on many systems though on some systems you can only use them by booting into `safe mode` unless the system is tweaked. I've been collecting hack-crack programs & texts for years.

 

I think I used either "L0phtcrack v5" or "John the Ripper" with Pwdump2, not sure which now, too long ago.

 

A mate took great pride in locking his kids & nosy visitors out of his computers (he has satellite card software & related stuff), so I showed him how useless both his Bios & XP security are. Now he uses Securstar Drivecrypt Plus Pack whole drive encryption. Windows security is a very sick joke.

 

Basic Bios Password info. The old default password lists from Astalavista.com are in the post below this one. A link to newer versions will be posted when I find the new location.

ebook_Word_How_to_bypass_BIOS_password_protection.doc

cracking_windows_xp_administrator_account_in_possibly_131_minutes.doc

 

How to get the password Hashes example (not by me):

Pwdump2: A tool used to extract hashes from the protected sam file. ( Free )

 

Using Pwdump2

 

Pwdump2 is a hash retrieval program that runs in DOS. The sam file is

normally protected by windows and will not allow you to copy it or open it

under any circumstance. Pwdump2 provides a quick and easy way to obtain the

hashes. Some other ways of obtaining the hashes is to boot to a separate

operating system and recover them..

 

Below is a simulation of what you should do.. We are assuming the pwdump2 is

in the c: drive and the folder. It is also taken place in the DOS ( Command

Prompt ).

 

First We Go To The Folder

 

c:cd pwdump2

 

Now We Are In The Folder

 

c:pwdump2

 

Now we are going to run the program and see the print out.

 

c:pwdump2pwdump2

 

Administrator:500:f22487de2f1sdaw0aad3b435b51404ee:d0c3985a7dsawq190d8b04c06

1c3e:::

 

Guest:501:aad3b435b51404eeaad3asdwb51404ee:31d6cfsdaw16ae931b73c59d7e0c089c0

:::

 

HelpAssistant:1000:158dbeae7e5dasf9a2515e837c97827:9cfec91asdwdb011860fa3816

6da9eaa1:::

 

You:1003:8c96188dd805daf3aaddas251404ee:96ce08a2c2dsa0296c8e673506d763d9:::

 

These Are Not Actual Hashes.

 

We see in the first part the name of the user ( Username )

 

Then followed by the hashes and other information. ( Ya dont need to know

anything about this. )

 

Now we will save the sam file to the c: direcotry as a regular text file.

 

c:pwdump2pwdump2 > c:Pass.txt

 

c:pwdump2

 

It will not print out anything but it will save the file as pass.txt to the

c: directory.

Edited November 30, 2008 by Major Overgrow

[Major Overgrow]

Default Password lists, originally from Astalavista.com:

These files are created with NETSEND v1.0 so when

you open them, follow the instructions inside the ASCII

FILENAME.TXT and save the result as FILENAME.COM

then execute the file to extract the contents. There are

newer versions of the Default Password lists so I'll post

a link when I find their new location.

 

ALL FILES HAVE BEEN SCANNED & ARE VIRUS FREE.

 

THESE FILES CAN ONLY BE EXECUTED ONCE EDITED AS PER INSTRUCTIONS CONTAINED WITHIN THEM

 

PASS_OLD.COM=PASS_OLD.TXT

This will extract to PASS_OLD.RAR

 

NETSEND1.COM=NETSEND1.TXT

This will extract to NETSEND1.ZIP

which is the dos program used to create

these self-extracting TXT files:

NETSEND V1.00 encodes binary programs

for email similar to UUEncoding, however

the ASCII code is executable. NETSEND

files do not need decoding. The original

program will be extracted from the ASCII

file automatically. The program includes

file compression and a UUE decode/encode.

Here is a simple way to convert programs

for e-mail. Easy, fast and free.

É=================================================================»

º Ú===¿ JIM TUCKER þ SOFTWARE º

º Ú=Á=¿ Ã==¿ 4/635 Brighton Road, Seacliff º

º ³ ÚÁ=Á¿ ³ South Australia, AUSTRALIA 5049 º

º À==´ Ã=Ù Email: jtucker@byron.apana.org.au º

º À===Ù º

È=================================================================¼

 

NETSEND Release 1.00 June 1995. Copyright 1995 by JIM TUCKER

 

É=================================================================»

º NETSEND is free for private use only. You may distribute º

º NETSEND provided you do not charge for it. Use of NETSEND º

º to create commercial programs or data, without the author's º

º permission is specifically prohibited. That should cover it! º

È=================================================================¼

 

===================================================================

ABOUT NETSEND

===================================================================

 

NETSEND is a convenient way to send DOS programs and other binary

files by e-mail. NETSEND converts programs to text similar to

UUEncoding, however NETSEND text is executable and self-decoding.

This simply means the recipient does not have to UUdecode anything

to extract the source file.

 

Usage: NETSEND [-options] <INFILE> [OUTFILE]

 

If OUTFILE is not specified NETSEND will use the source filename

with the extension .NTS. You may specify a path for each file. For

a demo you can use NETSEND to encode itself: NETSEND NETSEND.COM

then look at the file NETSEND.NTS with a text editor.

 

===================================================================

NETSEND OPTIONS

===================================================================

 

Both "-" or "/" are valid switch characters. Options may be caps or

lower case.

 

NONE With no option NETSEND will create an executable

self-extracting file in ASCII format with instructions.

 

-Z Suppresses instructions at the start and end of target file.

 

-S Writes short instructions (filename and clip line) at the top

of file.

 

-$FILENAME | NETSEND will use the specified file instead of the

built in instructions at the top of the target file. Maximum

file size is 65,500 bytes!

 

-U UUEncode. NETSEND contains a UUEncoder for large files. If you

specify a target filename it will be used otherwise NETSEND

will use the source filename.UUE. Usage: NETSEND -U FILENAME

 

-M I've made life easy. -M creates a tiny UUdecoder MUUD.COM.

MUUD.COM is an executable file in pure ASCII code so you can

email it without any encoding or decoding. Usage: NETSEND -M

 

-D Creates NETSEND.DOC (this document). The documentation is

included in the program so you can convert NETSEND.COM into a

NETSEND file and e-mail it in a single package.

 

===================================================================

NOTES

===================================================================

 

NETSEND will not encode a file larger than 50,700 bytes. Programs

will be smaller if you use PKLITE or LZEXE to compress them. Both

are available at ftp and BBS sites. Multiple programs can be

included in a PKZIP files.

 

NETSEND contains it's own compression/decompression code. This is

not used if the resulting file would be the same size or larger.

For instance, it is not used if the source file is already

compressing (ZIP GIF JPG etc).

 

If your source file is too big NETSEND will ask you if you want to

UUEncode it instead. (You may create and NETSEND the decoder. See

the -M option).

 

NETSEND target files may use DOS, UNIX or Mac end of line codes.

 

===================================================================

TROUBLE SHOOTING

===================================================================

 

Please check that your NETSEND program executes correctly before

mailing it. If not check the following:

 

[1] It was clipped using a **TEXT** editor. Enter TYPE FILENAME

at the DOS prompt. This should display the file as normal text.

This is the main reason for errors. Do not use a word processor for

clipping... these can add data for internal purposes.

 

[2] Ensure there are no short or long lines in the program. All

lines except the last should be 64 characters. All characters

should be readable ASCII with no blank spaces.

 

===================================================================

ABOUT THE AUTHOR - JIM TUCKER

===================================================================

 

I live in Seacliff, a seaside suburb of Adelaide, South Australia

(down the bottom facing Antarctica). I appreciate e-mail, small

donations and postcards. Thanks to Terje Mathison for the improved

ASCII header. Two programs which might interest you:

 

NETPIC allows you to convert any size GIF picture to 320x200x256

color to executable text. The pictures need no decoding and no

viewer! The ASCII text displays the picture.

 

NETRUN converts binary files to ASCII. It is similar to NETSEND but

the resulting ASCII file is executable. MUUD.COM was created with

this.

 

I maintain a local anonymous ftp site for software. It contains the

latest versions, applications (some with source code) as well as

shareware programs mentioned in documentation:

 

ftp://kludge.byron.apana.org.au/pub/jtsoftware

 

Enjoy NETSEND. You may contact me at: jtucker@byron.apana.org.au

4/635 Brighton Road, Seacliff, South AUSTRALIA 5049 +61 8 377-1175

 

END

Edited November 30, 2008 by Major Overgrow

[Rocker]

I don't want to have to read vast amounts of material on how to visit any site.

 

I have voted but I'm relying on the Greens and other cross bench members to block this madness of trying to filter content on the web.

 

What's got into the heads of those running this country? Do we want a fascist state here? Fair dinkum! Talk about draconian and intolerant.

[Pure]

lmao , is about all I can say , netsend !!! are you serious mabey update your info a bit. Security is a large part of what i do I have audited allot of these systems myself without taking the word of someone that once apon a time hacked windows 98. and is still passing the info off as relivant .

 

A bios doesn't need a backdoor have you actually tried allot of those "backdoor passes" successfully? I doubt it very much , windows also doesn't need a backdoor and there isn't one and I'm sorry to be blunt but if you claim to have pulled it off of allot of machines with nothing in common then i think your telling porky pies

[Major Overgrow]

If you'd bothered to check the files (html & associated files inside the RAR - used netsend, very handy as most BB software blocks archives & executables so I didn't bother trying...) you'll see lists of default passwords for various versions of Windows NT's etc & passwords for various BIOS's & other stuff. The file is dated as mentioned by myself, but as stated there are newer versions floating around which I will post a link for very soon.

& Yes I have tried these, with my Award bios for instance, ALL bios passwords are bypassed by "AWARD_SW".

 

Shame on you for pointing fingers, you assume too much.

& nowhere did I mention anything about hacking win98, only XP if you can read properly.

 

Nice Dodge Pure... :)

Edited November 30, 2008 by Major Overgrow