Users online right now: 66 - Login  » search  » forum index  

Slax can access windows account without password!

hotdawg
wrote 7 years ago


reply
Maybe you know, maybe you do not know.

When I start slax with USB drive, I can access my administrator account of Windows(Of course with password protection) in NTFS partition, no password required. I can open, view and copy any documents from it in spite of security.


Is it a nature of Slax? or something goes wrong?

Who can tell me?
 
hotdawg
wrote 7 years ago


reply
Supplementary:
I mean I can access any documents in [Document and Settings] directory or any folders of C partition, which is usuall under protection in Windows environment.

What I did is only use the unetbootin to burn slax image to USB disk and then plug it in USB port when PC power on.

I tried this in my family PC and my office PC, it does works.

If it is true, it is terrible! Do not distribute it!
 
TheOneWhoWontGoAway
wrote 7 years ago


reply
hotdawg wrote:
If it is true, it is terrible! Do not distribute it!


I hate to disagree with you here! This is one of the many things why I like Slax. I am the superuser, I can do anything. I am like God! :) I can see everything and I don't like Windows to tell me not do anything that I can't like UAC control and "Are you sure you want to do this " type of CRAP. Sorry hotdawg, this is not going to happen.

My $0.02
 
hotdawg
wrote 7 years ago


reply
TheOneWhoWontGoAway:

that is to say, you do not believe that?

that is true whatever you believe it or not.

forget my words
 
guttaslax
wrote 7 years ago


reply
That's true.
The password protection is an access protection inside win.
It has no meaning using other OS's.
If the filesystem is readable, data are readable.
That's true, for all Operating Systems *nux and win*, with a compatible filesystem.

gslax
 
tonio
wrote 7 years ago


reply
@guttaslax

Very true! Only trouble sometimes is the windows passwords. Sometimes with ntcracker, ntpass and other utilities to blank the password don't work because the filesystem is encrypted. I had a situation like that happen to me and I thought I could do it all, but I met my match. The only way to login to the computer was by reformatting it. Of course Slax came to rescue saving important files that were needed.
 
hotdawg
wrote 7 years ago


reply
As I know, before I finish installing Ubuntu, it scans the windows system and promts me to import account created in windows. Usually I reject it. I think this step is for accessing the windows account correctly with correct password.

But in slax, nothing popups, just burn and start!

I can access my windows document in slax, for instance, I can open ms word documents with open office correctly.

That's all, that's enough for me!
 
villain
wrote 7 years ago


reply
If you really want to protect your files, there's no way around real encryption. Wind00fs passwords offer no protection at all - They're easy to crack (ask my old school about it ;) ), and easier to circumvent (as you experienced). Face it: If you want data security, wind00fs is not the system for you.
 
guttaslax
wrote 7 years ago


reply
@hotdawg

I don't know the ubuntu setup, but maybe it supposes that the same win users will use ubuntu, so provides an easy way to duplicate those win users.
So I bet you can access the win documents anyway, also if you reject this function, with the exceptions reported by Tonio in a previous post.

gslax
 
BETEP
wrote 7 years ago


reply
dont be so grumpy. welcome to real life and dont trust fat boys from MS and their tales about security and privacy. :-)
 
francois.e
wrote 7 years ago


reply
@hotdawg:

The good news is that linux is used only by 1% of users, and slax by even less. So most window users will still be secure, without knowing it.
 
topher-t-mill
wrote 7 years ago


reply
I have to agree Slax is very good, Ubuntu assumes that Windows is "The opiate of the masses" and hence similarly will not 'allow' one to access ones own files from a live cd, Slax "cocks a snook' at that, and gives you back your own computer, and quite possibly any other computer, if you are able to switch it on and put Slax in the CD drive, maybe dangerous but probably true.
 
Ivo
wrote 7 years ago


reply
Oh, come on, with or without Slax, you can always boot windows in safe mode and access all the data on the NTFS partitions without password. If you have physical access to the machine, NOTHING can save you in every OS except encryption.
 
Hiram
wrote 7 years ago


reply
Why are you saying Slax is bad, because it can access a Windows partition? I'd say that's a problem with Windows, not Slax.

Besides, you can do that under any distro, not just Slax. When I first moved over to Linux from Windows, I was using Ubuntu, and I could view all files on my Windows install.

It's simply not Slax's or any Linux distro's fault if they have functionality to access NTFS partitions. You can also use Linux distro's to read other Linux partitions too.
 
jcsoh
wrote 7 years ago


reply
@ Hiram

"You can also use Linux distro's to read other Linux partitions too."

You hit the point right on the nail . These issue do not prove /disprove the superiority of window over linux, or vice versa (security wide) . The simple point is as long as the partition is not encrypted, whether it is a window or linux file system , and as long as a bootable cd /dvd /usb or any other bootable media is available , you are able to read the files on the partition.

Don't forget it is also possible to make live window cd , for eg using Bart PE.
 
SCBrazil
wrote 7 years ago


reply
Hotdawg,
I agree with the guys. I like the fact that I can access my Windows files through Slax. But it is your right to believe otherwise. Nevertheless, I suggest you....
Use this surprise as a lesson in life - just when you thought it was safe to go back in the water.... Do not be gullible, do not believe in hype and when it comes to your digital security, believe in no one.
Even without Slax mounting a Windows partition, there are boot CDs that can reset your Windows password in about 10 minutes. Google the subject and you'll probably have downloaded a free version of one of these programs in about thirty minutes. If such things didn't exist, there would be no market for stolen laptops now would there?
Really, I can't believe that you ever believed you would be safe behind a Windows admin account anyway.
If you are very privacy conscious, buy yourself a good encryption program and even then be careful.
 
SCBrazil
wrote 7 years ago


reply
And by the way, jcsoh....
I read in another post that you are from Malaysia. You have helped me so many times that I'm pleased to be able finally to help you back.
The English expression is,
'hit the nail on the head'.
 
jcsoh
wrote 7 years ago


reply
@ SCBrazil

"The English expression is,
'hit the nail on the head'."

Thanks . When I used the expression , I sort of knew it wasn't quite right , but I couldn't recalled the proper expression.
 
tonio
wrote 7 years ago


reply
jcsoh wrote:
@ Hiram

"You can also use Linux distro's to read other Linux partitions too."

You hit the point right on the nail . These issue do not prove /disprove the superiority of window over linux, or vice versa (security wide) . The simple point is as long as the partition is not encrypted, whether it is a window or linux file system , and as long as a bootable cd /dvd /usb or any other bootable media is available , you are able to read the files on the partition.

Don't forget it is also possible to make live window cd , for eg using Bart PE.


True most of the way. However only partially true as Slax cannot see ext4 partitions. I have Fedora 11 installed and is formatted ext4 and Slax cannot see it. Maybe new Slax can and will :)


EXT4-fs warning (device ram0): ext4_fill_super: extents feature not enabled on this filesystem, use tune2fs.

EXT4-fs: ram0: not marked OK to use with test code.
 
villain
wrote 7 years ago


reply
SCBrazil wrote:
[...] there are boot CDs that can reset your Windows password in about 10 minutes.
It doesn't take that long ;)

SCBrazil wrote:
Google the subject and you'll probably have downloaded a free version of one of these programs in about thirty minutes.
Let me speed this up for you: http://www.2shared.com/file/6302335/3da4a92d/chntpw-samdump2.html

SCBrazil wrote:
If you are very privacy conscious, buy yourself a good encryption program and even then be careful.
No need to waste money on something like that - Truecrypt is free.
 
hoanglong1712
wrote 7 years ago


reply
that is why i love slax, it give me my own computer without any stupid barrier that was create by password.
Indeed, if you can lay your hand on the pc, there is no barrier could stop read its data.
I do not like ubuntu much because it can not delete file in folder system32 of windows, I had an experience with this, my friend's computer was inflict with virus an its lay in system32, he also have unbuntu on hardisk but it did not allow him to remove that virus file because of the stupid right. That is why I like slackware and slax, they let me have time to slack
 
Korence
wrote 315 days ago


reply
To access Windows account without password, the method to me is to use Windows Password Recovery.It is a tool that can help me remove lost or forgot Windows password in quickest way.

See more at: http://www.recoverlostpassword.com
 

  » search  » forum index  

Post your reply

Your name (Login):

Message:

These HTML tags are allowed: <quote>, <b>, <u>, <i>, <pre>, <code>, <small>, <h1>, <h2>, <h3>, <li>



Slax is generously supported by: P&P Software GmbH and wisol technologie GmbH