Jump to content

Konboot


Guest Deleted_Account
 Share

Recommended Posts

Guest Deleted_Account

Hello i am currently using KonBoot on my 8GB flash drive (multipass). It works perfectly on my Netbook and most comps, However i had a few weird problems:

1) Probably some grub problem but on some pc's i get a boot error

2) Konboot boots and then blue screens when XP starts

3) BIOS freaks out and puts computor in reboot loop :s (GRUB?)

thanks for any help

Link to comment
Share on other sites

I've read before on a different thread, that Konboot can sometimes have undesirable effects. You might also wanna give ophcrack a try.

Link to comment
Share on other sites

The XP machine you tried it on, is it tied to a domain controller, or just a local workstation? Also, Konboot patches the kernel in memory on the fly, so if the machine you are trying to logon to is patched to a certain level Konboot is not written for, then you may have the error you are getting, or the machien itself is just having a hardware (bluescreen diver) issue and possibly just foobared to begin with.

Link to comment
Share on other sites

Guest Deleted_Account
I've read before on a different thread, that Konboot can sometimes have undesirable effects. You might also wanna give ophcrack a try.

ophcrack is what i normally use but i just wanted to show a friend how insecure her laptop could be. Also oph crack would not be that usefull in this case she (like me) uses a 32 char. alphanumeric password and last time i checked (correct me if i am wrong) ophcrack can only crack up to 14 char. before it is no longer any more efficient then a normal brute-force.

The XP machine you tried it on, is it tied to a domain controller, or just a local workstation? Also, Konboot patches the kernel in memory on the fly, so if the machine you are trying to logon to is patched to a certain level Konboot is not written for, then you may have the error you are getting, or the machien itself is just having a hardware (bluescreen diver) issue and possibly just foobared to begin with.

The laptop wasnot connected to a domain however konboot did say a "dumping bios" was detected (it does that on mine too and still works however). The tower was on a network however the day before it worked and i got into the only local acount (Administrator) but now it either gives me a "boot error" or blue screen maybe they patched it? is it possible to patch against konboot? the driver issue might be it is a well since it took about five reboots after words to get the keyboard and mouse to work again.

Link to comment
Share on other sites

By the way, there is also a more simple method for gaining access to a computer, without the use of dictionary or brute force attack and plus no one would never notice any changes to their computer. You can get in and out, without leaving any traces behind.

Check this link out.

http://pubs.logicalexpressions.com/pub0009...icle.asp?ID=305

Link to comment
Share on other sites

By the way, there is also a more simple method for gaining access to a computer, without the use of dictionary or brute force attack and plus no one would never notice any changes to their computer. You can get in and out, without leaving any traces behind.

Check this link out.

http://pubs.logicalexpressions.com/pub0009...icle.asp?ID=305

Don't purchase something when there are tools out there to do this for free. If you wanted to reset a password to an account to logon, use something like UBCD4WIN, which has tools for resetting (local) NT Passwords and they work every time I have used them, unlike Konboot. You could also boot any live linux cd and access whatever you want, defeating a need for a windows password, or you can do the utilman rename and use the cmd.exe in its place so when booting, you hit the shortcut key "windows+u" and it launches your CMD window. You then tpe explorer.exe and it bypasses the windows logon giving you a normal windows shell.

All bets are off if you have physical access to a machine. Short of full drive encryption there isnt much you can do to save your machine from being accessed.

Link to comment
Share on other sites

Don't purchase something when there are tools out there to do this for free. If you wanted to reset a password to an account to logon, use something like UBCD4WIN, which has tools for resetting (local) NT Passwords and they work every time I have used them, unlike Konboot. You could also boot any live linux cd and access whatever you want, defeating a need for a windows password, or you can do the utilman rename and use the cmd.exe in its place so when booting, you hit the shortcut key "windows+u" and it launches your CMD window. You then tpe explorer.exe and it bypasses the windows logon giving you a normal windows shell.

All bets are off if you have physical access to a machine. Short of full drive encryption there isnt much you can do to save your machine from being accessed.

You are absolutely right, and I know for a fact that there are tools out there for recovering windows password for free. But at the time when I needed a tool for recovering my administrator's account password, the windows installation CD served me well.

But I do appreciate your comment as well.

Thank you.

Link to comment
Share on other sites

Guest Deleted_Account
By the way, there is also a more simple method for gaining access to a computer, without the use of dictionary or brute force attack and plus no one would never notice any changes to their computer. You can get in and out, without leaving any traces behind.

Check this link out.

http://pubs.logicalexpressions.com/pub0009...icle.asp?ID=305

So this is basically a "professional" version of konboot? It seems like the tool my office used to use before i worked there. I would only look into such a tool for the support aspect of it. Thank you for the link though it does seem promising in the event of an emergancy when KonBoot doesn't work.

Don't purchase something when there are tools out there to do this for free. If you wanted to reset a password to an account to logon, use something like UBCD4WIN, which has tools for resetting (local) NT Passwords and they work every time I have used them, unlike Konboot. You could also boot any live linux cd and access whatever you want, defeating a need for a windows password, or you can do the utilman rename and use the cmd.exe in its place so when booting, you hit the shortcut key "windows+u" and it launches your CMD window. You then tpe explorer.exe and it bypasses the windows logon giving you a normal windows shell.

All bets are off if you have physical access to a machine. Short of full drive encryption there isnt much you can do to save your machine from being accessed.

Agreed. I have UBCD version 4.11 and 5RC1 on my multipass as well as that NT Registry tool (cant remember the name lets you remove passwords change passwords edit regestry etc.) As for live CD's that is why when i was on windows i used TC Whole Disk Encryption however now i am running Ubuntu i can't find a way to replicate that only have an encrypted home directory (is Whole disk even possible with linux? i would use it if it is an option). KonBoot does seem to have issues however i like to have it for when it does work saves me time in using ophcrack (which isnt always reliable either).

You are absolutely right, and I know for a fact that there are tools out there for recovering windows password for free. But at the time when I needed a tool for recovering my administrator's account password, the windows installation CD served me well.

But I do appreciate your comment as well.

Thank you.

I agree sometimes it comes down to the need to use proprietary tools even when there a free alternatives and although its not always the case most of the time if you pay for a tool you will get support and occasionally means fewer bugs but then again so do huge open source communities.

Thank you

Link to comment
Share on other sites

I've found it easier to either blank the password or just crack it with Ophcrack.

I've had both of those work for me on XP, Vista and 7.

EDIT: You can use TrueCrypt for full disk encryption.

Edited by Charles
Link to comment
Share on other sites

Guest Deleted_Account
I've found it easier to either blank the password or just crack it with Ophcrack.

I've had both of those work for me on XP, Vista and 7.

EDIT: You can use TrueCrypt for full disk encryption.

TrueCrypt doesn't support Linux or anything besides windows for Whole Disk Encryption because on linux /boot must remain unencrypted in order to boot. (however couldnt trueCrypt bootloader just pass it off to Grub (on the actual drive instead of the MBR and then Grub boots the /boot ? ie. boot comp loads TC bootloader --> enter pass --> boots to Grub/Grub2 on the HDD --> boots linux?) correct me if i am wrong.

thanks :)

Link to comment
Share on other sites

Guest Deleted_Account
Linux can do full disk encryption built in as far as I know.

http://www.exiletv.com/2009/09/29/linux-fu...isk-encryption/

Well i stand corrected :P Is it possible to do this after already installing? I want Whole Disk encryption but i already have ubuntu 9.10 and 10.04 setup the way i want would i have to reinstall or could i just make a /boot partition and encrypt the rest?

Link to comment
Share on other sites

Well i stand corrected :P Is it possible to do this after already installing? I want Whole Disk encryption but i already have ubuntu 9.10 and 10.04 setup the way i want would i have to reinstall or could i just make a /boot partition and encrypt the rest?

In any OS you can always encrypt the whole disk and since digip has already answered it then..

Link to comment
Share on other sites

Guest Deleted_Account

In any OS you can always encrypt the whole disk and since digip has already answered it then..

I did not here anywhere in that video an answer to my question:

Well i stand corrected :P Is it possible to do this after already installing? I want Whole Disk encryption but i already have ubuntu 9.10 and 10.04 setup the way i want would i have to reinstall or could i just make a /boot partition and encrypt the rest?

Read the BOLD words these are key to my question I already said i stood corrected on the Whole Disk Encryption what i asked after was different.

Link to comment
Share on other sites

I did not here anywhere in that video an answer to my question:

Read the BOLD words these are key to my question I already said i stood corrected on the Whole Disk Encryption what i asked after was different.

just wondering why haven't you posted these question on UBUNTU'S forum and asked on THIER irc chan, since they know about ubuntu not us, i run arch linux which is different to what you run

Link to comment
Share on other sites

Guest Deleted_Account
Linux can do full disk encryption built in as far as I know.

http://www.exiletv.com/2009/09/29/linux-fu...isk-encryption/

The question was directed at digip seeing how he pointed this out.

just wondering why haven't you posted these question on UBUNTU'S forum and asked on THIER irc chan, since they know about ubuntu not us, i run arch linux which is different to what you run

I have been trying to do this for about a year now the IRC and UBUNTU's forums are not helpful everyone says why bother. Not the attitude or response i am looking for. Not to mention it sounded like Digip knew about Whole Disk Encryption and i didnt think it hurt to ask if it would work on an already installed system or if i had to reinstall... If you dont like the question then why respond? Also take note in the fact i am running Ubuntu 10.04/9.10/Mint/Redhat/BT4/3/XUbuntu/Kubuntu/DSL/Chrome/Puppy/OSX on my system all of which have whole disk encryption setup besides 10.04 and 9.10 (and bt4/3) because i need to use the alternate disk and reinstall in which case it is not worth while to do so...

A quick search of ubuntuforums listed a few threads on drive encryption. Most from a couple years ago. If you want any updated info you would be better off posting over there.

Again all of these threads (some of which i started) talk about LUKS installs and using the Alternative installation CD to do it. A method i already no about and i am not in the position to use, since my computer already has ubuntu installed. I asked Digip if he knew if i could do it with out reinstall None of the threads on Ubuntu's forums state this most of them have people complaining of how useless it is and how an encrypted home directory is enough which it isn't in my case i have millions of $$ worth of data that must remain a trade secret in this circumstance it is not useless which is why right now my data is secured on an encrypted partition with TC using Layered algorithms and a 63 char. alpha numeric password as well as approx. 10 key files stored in separate locations (one of which is in a Vault). You can see why i was intrigued by Digip's post of Whole Disk Encryption and why i asked if i could do it with out a full reinstall.

Any ways if you dont like the question dont respond it is simple.

Link to comment
Share on other sites

Guest Deleted_Account
I wonder if it would be easier just to add another hard drive, encrypt it, then copy the data over. Then shred the data from the other drive.

Check this out here:

http://www.ubuntugeek.com/emount-mount-enc...isk-drives.html

http://www.ossramblings.com/ubuntu_externa...pted_hard_drive

eMount looks promising i am trying it now with my 1TB external. i am just glad it allows AES 256 bit. How ever i cant tell if it is in XTS mode or not? I read the Documentation it didnt say. probably safe to bet it doesnt as the only program i can think of that supports XTS is TC and maybe PGP's OTFE app.

Thanks though :)

seems to be working nicely so far.

Link to comment
Share on other sites

Guest Deleted_Account
Good to hear.

Can't TC encrypt drives as well?

Yes TC can encrypt volumes and with layered algorithms too (my fav. being AES-SERPENT-TWOFISH) as well as support for XTS mode. But I have been having issues with true crypt and linux. maybe its just 10.04 i dont know but it crashes constantly on me sadly :(

Link to comment
Share on other sites

Kon Boot has been updated with numerous bug fixes, improvements, and support. The original free Kon Boot has some bugs, particularly with Windows 7. There are a few BIOS's which we are currently adding support for in some isolated cases; namely, select versions of phoenix 2005 bios. This is the only recorded BIOS (newer) which gives any problem. Of course, very outdated BIOS with small memory capability are not supported. The reason is simply not enough space/memory. Although, most of these older BIOS were for Win9X/ME and after XP was released, they have since been phased out. A new version (for a small fee) is available at the Kryptos Logic website, and I believe a few licenses will be given away sometime soon through hak5. On a side note, Kon Boot is not meant to compete or replace 0phtcrack or l0phtcrack, or any other password reset utility. Kon Boot is a password bypassing utility, leaving the original password intact. There are plenty of utilities to reset passwords which are freely available.

Link to comment
Share on other sites

Guest Deleted_Account
Kon Boot has been updated with numerous bug fixes, improvements, and support. The original free Kon Boot has some bugs, particularly with Windows 7. There are a few BIOS's which we are currently adding support for in some isolated cases; namely, select versions of phoenix 2005 bios. This is the only recorded BIOS (newer) which gives any problem. Of course, very outdated BIOS with small memory capability are not supported. The reason is simply not enough space/memory. Although, most of these older BIOS were for Win9X/ME and after XP was released, they have since been phased out. A new version (for a small fee) is available at the Kryptos Logic website, and I believe a few licenses will be given away sometime soon through hak5. On a side note, Kon Boot is not meant to compete or replace 0phtcrack or l0phtcrack, or any other password reset utility. Kon Boot is a password bypassing utility, leaving the original password intact. There are plenty of utilities to reset passwords which are freely available.

Interesting i just downloaded the new (free) version of konboot of the site it seems to fix the bluescreen problem on the win 7 machine how ever bios problem is still there and as it turns out it is a phoenix bios 2005 :( oh well ill figure it out :P

thank you :)

Link to comment
Share on other sites

Free version? It looks like you have to buy it. Am I missing something?

Konboot is free. if you paid for it, then you got it from the wrong place, and chances are its malware.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...