|
|
Atari demoscene BBS
| Re: Windowz |
|---|
|
Posted by: Ragstaff
|
May,29.2003-16:49
|
Hmmm, I don't want to encourage illegal behaviour here, or to get you fired, BUT...
1)try a keyboard capture program.
2)Depending on how stupid he is, try writing an html page with some bogus content, and a vb\javascript popup window that mimics the one where he enters his password, and write the value he enters in the password field to file. You may want to leave this page on the desktop, and he may think "oh, what's this?" and open it, or you could put it on the net and somehow get him to visit it (put some info about something he's interested in on it, then email him the link "thought you might like this".)
You can try mimicing the window, or another tactic, like "Please confirm your identity before viewing this page" (it depends how stupid he is ;-)
If the page is locally stored (eg desktop) it shouldn't bother him that it asks for a password, because a "legit" saved page could very well have banner ads or pictures that need to be loaded from a server.
And whatever you do, don't be stupid and create the text file with the password on the desktop! Save it to c:\temp or something...
3)get a packet sniffer if you are on the same network as he is. The password will probably be encrypted, but you might be lucky...
4) ask him?? if you have some reason to find something for work on the 'net, he may just tell you if you ask nicely and you promise not to tell anyone? I don't know what sort of bloke your boss is, so this might be a ludicrous suggestion :-)
5) Systematic approach with commonly used passwords. See this page:
http://www.businessweek.com/1997/06/b351314.htm
6) Your own idea about decrypting the .PWL file. I've know there are programs that do this (the encryption used is pissweak), but I can't repeat any names offhand. Try google...
There are more approaches I'm sure... you could come up with more if you sat down and thought about it, but that should be enough to get started for now.
haha, you should ask him to validate some site about "cracking passwords". That would be really funny, to see how he reacts. hehe
I don't want to preach, and I probably don't have to, but I feel I must include this if I give "hacking" tips....
ethic: don't abuse your power. Don't get other people in trouble (like leaving an audit trail back to the wrong person). Don't do any damage. Don't be an asshole!
|
[All messages in this thread] [Start new thread]
What's the anti-troll code?
That's your personal code to be able to add comments and messages on the dhs.nu site.
Don't have a code or forgot it? Fix it here.
|
