Learnaseyego Posted September 17, 2010 Posted September 17, 2010 Just wondering what you all think of kon boot and wondering if there is any other software out there that might be any better. THANKS! Quote
Mr-Protocol Posted September 17, 2010 Posted September 17, 2010 My thought is, if you are going to run a CD boot anyways. Why not boot BT4 or any other linux OS and just access what you want which will not write anything to the actual disk. Helix 3 even. Quote
Infiltrator Posted September 17, 2010 Posted September 17, 2010 (edited) I used KonBoot in the past, but did not have much luck with it. Not as effective as Ophcrack is. Bear in mind that Ophcrack has limitations. So if you want to have a good rate of success when cracking passwords, you better off generating your own rainbow tables or you can buy the tables. http://www.freerainbowtables.com/ http://project-rainbowcrack.com/ Edited September 17, 2010 by Infiltrator Quote
SomethingToChatWith Posted September 17, 2010 Posted September 17, 2010 which will not write anything to the actual disk Kon-boot patches memory. I don't think it ever touches the disk. I've had problems with Kon-boot on some machines too. I'm hoping they'll come out with an improved version soon (my 6 month whatevers expiring). Kon-boot is still very useful, being the only one of its kind to completely bypass the need to enter a password at logon... and it does it quickly... a lot faster than dealing with booting livecds. Quote
Mr-Protocol Posted September 17, 2010 Posted September 17, 2010 (edited) Kon-boot patches memory. I don't think it ever touches the disk. I've had problems with Kon-boot on some machines too. I'm hoping they'll come out with an improved version soon (my 6 month whatevers expiring). Kon-boot is still very useful, being the only one of its kind to completely bypass the need to enter a password at logon... and it does it quickly... a lot faster than dealing with booting livecds. Konboot patches the kernel on the fly. I cannot remember if any modifications are written to the disk. I was taught with my forensic courses to kind of always think in a manner that will not alter data and keeping things from being modified as much as possible. That in a forensic case will not only kill your reputation as a forensic examiner, but may cause legal issues for tampering with evidence. Konboot just patches the kernel to avoid passwords. Same can be done with any linux live CD/DVD. I kind of don't understand the point in cracking user logins when you can just boot from a live CD/DVD and access all the files that way. Edited September 17, 2010 by Mr-Protocol Quote
Learnaseyego Posted September 17, 2010 Author Posted September 17, 2010 Konboot patches the kernel on the fly. I cannot remember if any modifications are written to the disk. I was taught with my forensic courses to kind of always think in a manner that will not alter data and keeping things from being modified as much as possible. That in a forensic case will not only kill your reputation as a forensic examiner, but may cause legal issues for tampering with evidence. Konboot just patches the kernel to avoid passwords. Same can be done with any linux live CD/DVD. I kind of don't understand the point in cracking user logins when you can just boot from a live CD/DVD and access all the files that way. Good info, Thanks! But I think the point of something like kon boot would be great for loading a computer into its native OS and settings so that if someones grandma (or something) forgot there password they could get in and go through and backup things they want before formating or something like that. If you tried to get my grandma to boot a live CD and use linux to browes her folders she would prbably catch on fire haha Quote
Mr-Protocol Posted September 17, 2010 Posted September 17, 2010 In the sense of data recovery. Don't give grandma a Admin account. Or at least know the password to the actual Administrator account so you can clear her password (why she has one in the first place i'll never know, can't remember to take pills). Quote
Infiltrator Posted September 18, 2010 Posted September 18, 2010 (edited) Konboot patches the kernel on the fly. I cannot remember if any modifications are written to the disk. I was taught with my forensic courses to kind of always think in a manner that will not alter data and keeping things from being modified as much as possible. That in a forensic case will not only kill your reputation as a forensic examiner, but may cause legal issues for tampering with evidence. Konboot just patches the kernel to avoid passwords. Same can be done with any linux live CD/DVD. I kind of don't understand the point in cracking user logins when you can just boot from a live CD/DVD and access all the files that way. Since you have done the forensic course, are you able to say whether Ophcrack will leave any traces behind. Edit: By the way, what was your forensic course titled, I am thinking in taking up one. Edited September 18, 2010 by Infiltrator Quote
Mr-Protocol Posted September 18, 2010 Posted September 18, 2010 Well I have taken 3 or 4 courses for an Associates in Computer Forensics and Data Recovery. We went over manually using a hex editor to read and repair partition tables, the chain of custody and lots of law on how to handle evidence; to having user policies and using FTK and Encase. There will soon be more as soon as my college gets the Bachelors polished out. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.