Legodude522
Daemon Poster
- Messages
- 1,308
- Location
- Texas
Hello, the president of my company assigned me the task of testing how secure our computers actually are after he got word from the IT idiots that I had administrative privileges and they were furious as hell. (that's an understatement!) Fortunately the president of my company took it in good humour because he knew I never had any malicious intent in mind. I simply did it to get my job done. Our IT department is contracted so they only do the bare minimum.
This is what I originally did. Bought a hardware keylogger and placed it between the keyboard and the computer. Eventually the IT guy logged in with his account on my PC. Apparently they force us to change our password every 30 days, he hasn't changed his password in over a year and a half.
So now I need to make a slightly more elaborate scheme. Here is my theory... Unplug the PC from the network. Reset the local administrative account. Log in as administrator. Install whatever software I need for work. *Bonus* Install a software keylogger this time to log whatever the IT guy types in when he is remotely connected. This has to all be done when disconnected to the network because the next time I plug in the network, the security parameters will set back. Which is fine, I'll just log in on his account again using the newly lifted password and set my self as an administrator again on the network.
Ok, so here is what I need to know.
Right now I'm downloading UBCD for the password reset task.
This is what I originally did. Bought a hardware keylogger and placed it between the keyboard and the computer. Eventually the IT guy logged in with his account on my PC. Apparently they force us to change our password every 30 days, he hasn't changed his password in over a year and a half.
So now I need to make a slightly more elaborate scheme. Here is my theory... Unplug the PC from the network. Reset the local administrative account. Log in as administrator. Install whatever software I need for work. *Bonus* Install a software keylogger this time to log whatever the IT guy types in when he is remotely connected. This has to all be done when disconnected to the network because the next time I plug in the network, the security parameters will set back. Which is fine, I'll just log in on his account again using the newly lifted password and set my self as an administrator again on the network.
Ok, so here is what I need to know.
- Best and most discrete way of resetting the administrator account on Windows XP Pro SP2
- A discrete software keylogger that can log what is type in remotely.
Right now I'm downloading UBCD for the password reset task.