Found out the other day just how easy it is to bypass the vista logon.

All you have to do is copy "cmd" and rename it Magnify then copy it to system 32.

Then at the logon screen press "windows key" + "u" then click magnify and "cmd" pops up and you can just type "explorer" and you are in wihout logging in!

I hope microsoft find a fix for this soon.

so be carefull!!

surely it is just faster to log on??:confused:

so be carefull!!
I will be. I'm not letting you in my house...lol

I will be. I'm not letting you in my house...lol same i will think twice

The drawback being you have to had logged in at least once to be able to bypass the login inthe future.

yeah true so if you were hacking into the mi5 computers it won't work...:(

...or you could boot in safe mode and log in as the Administrator...

The drawback being you have to had logged in at least once to be able to bypass the login inthe future.

Why do you say that? I mean, to boot a PC off a USB key or CD would allow one to make the file changes. Unless you are eluding to the fact that explorer won't launch otherwise...

I'm going to try this just now - I can't wrap my head around the idea of a user session without a user hive registry loaded, etc.

This 'bug' has been around over 10 years!!! Atleast since NT server, i remember doing exactly the same and yes it gots you in, but not with any useful rights, just file ones. Turned out to be pretty useless, although back then it was renaming it to the screensaver default filename instead, and waiting for it to kick in.

Would it not be easier to boot off a CD and just reset the local admin password? Which I hasten to add is quicker than boiling a kettle. (Was into a mates vista computer before my wife had managed to make me a cup of tea - my 'fee' :D )

Nox

sounds like more hassle UNLESS you really wanted to hack in

But you'd have to be logged on once already to copy cmd and name it magnify?

Why would you have access one minute, to create a copy of cmd etc, then not have access?

I wouldn't go to my mates house, ask him if I could use his pc, let him log on for me, then do all that, so next time in his house I can bypass his password...

you could boot off a linux CD to do it, but if you're doing that, why not just replace the sam file instead...

no hum

Nox

Would that bypass any security on work machines?

Security is login based so no login should mean no security?

yeah it might do but i'm not smart enough to know :):thumbs:

carn't you just use the admin account??
on xp you can press ctrl alt deleat twice to and put Administrator and unless the use disabled or pass protected it will work.
i wonder if mi5 have thought of that!!!!:D

Those who say log in as Admin, dont most have a password, and you cant reset it without knowing the original password, or am I missing something?

Would that bypass any security on work machines?

Security is login based so no login should mean no security?

This is one reason why data is on a server, you cant walk into a server room and start messing with them! in this instance, bypassing vista, or any windows credentials, will not get you authenticated to the server with data on it.

Nox

I didn't work for me on my work lappy, although when in explorer CMD opens from the log in it doesn't.

at the end of the day if you want to keep your data safe you wont be relying on windows logon lol.