In dealing with the topic of IT Security I thought that I would share the story of how a colleague and I nearly gained administrator control of a computer. I say nearly, because it was possibly for us to have gained control of the computer, but it could have cost us our jobs, so we decided to rather wait a day and get the administrative rights to the computer the proper way.
So my colleague and I were busy deploying software to a workstation which was part of the work that we had to do. But we found that to install the particular software we required administrative rights to install the MSI (Microsoft Installer) package.
After a bit of googling on the internet we found quite clear instructions on how to give ourselves administrative access to the machine. The steps were quite simple all we needed to do was to overwrite the link to the Utilman.exe in the registry. Utilman.exe is a program which is normally used for people with disabilities which assist them to log onto the computer. You can press Windows Key + U to activate utilman. You then copy the program you would rather run over the utilman.exe. A program like cmd.exe would be quite useful as then with cmd you can run any command with Administrator rights, including resetting the Administrator account password.
I think that this will only work with older versions of Windows. But that is the story of how we nearly gained unauthorized access of a machine. I would never recommend gaining unauthorized access to a machine, always ensure that you have the appropriate authorization.
In order to protect your computer from hackers you should:
- make sure that your version of Windows has all the latest updates.
- put a bios password on your computer. This means your computer requires a password in order to boot up. Most of the password cracking tools these days require that your machine is rebooted.
I hope that you found this article helpful. Please leave a comment for me if it did.