Penetrating Windows OS Security

Goswami Hardik K, Sagar Acharya B,Vankhede Vijay S

CSE Department,EC Department,Gujarat Technology University HJD Institute Of Technical Education & Research
geniushkg@gmail.com sagar.acharya21@yahoo.com

Vamkhede_vijay@yahoo.com HJD Institute of Technical Education & Research

Abstract This document Is a study on penetrating Windows operating System Security Using Linux Kernel and other open source drivers , manuplating SAM databse where Windows OS Saves User Access Managment Informtion like User accounts Name ,Password.

So to penetrate windows operating system security ,Simply Get access to SAM database , This is stored in [windows/system32/config] directory of Windows installation drive. Windows use NTFS file system so we also need to read raw ntfs data ,means drivers which allow to read & write ntfs file system. We need a operating system to run ntfs drivers ,this need is satisfied easily using linux kernel available online. A boot loader to load our operating system from bootable Drive.

Keywords Windows Os,SAM database,CHNTPW.

I. INTRODUCTION Windows Operating System is worlds most used Operating System with market share over 90 %,this is primary reason for hackers to build tools and crack or penetrate windows security ,Similarly White Hat Hackers Also Target this Family of Operating System because nmore than 90 % of operating system installed in this world belongs to this Family, So to make Secured Operating System ,methods to penetrate operating system must be found. TECHNIQUE : Any Access Management penetrated easily System can be

A. SAM ( security access manager)

Only if its Database can be accessed,because any access management system needs to store user information like username,password,account type. Windows Access management System Stores User Information in SAM database, Security Access Manager

The Security Accounts Manager (SAM) is a registry file in Windows NT, Windows 2000, Windows XP, Windows Vista and Windows 7. It stores users' passwords in a hashed format (in LM hash and NTLM hash). Since a hash function is one-way, this provides some measure of security for the storage of the password

B. NTFS (New technology File System)

NTFS (New Technology File System)[1] is the standard file system of Windows NT, including Windows 2000, Windows XP, and all their successors to date.[6] NTFS supersedes the FAT file system as the preferred file system for Microsofts Windows operating systems. NTFS has several improvements over FAT and HPFS (High Performance File System) such as improved support for metadata and the use of advanced data structures to improve performance, reliability, and disk space utilization, plus additional extensions such as security access control lists (ACL) and file system journaling. C. Linux Kernel ,VMLINUZ

II. PRECOIMPILED-TOOL A. CHNTPW This is ready to use tool to penetrate windows security,everything described above is precompiled to work Efficiently,just get files burn to a cd or usb drive And boot From it.

1) Bootmenu: Below display an image of first Bootmenu

vmlinuz is the name of the Linux kernel executable. A kernel is a program that constitutes the central core of a computer operating system. It is the first thing that is loaded into memory (which physically consists of RAM chips) when a computer is booted up (i.e., started), and it remains in memory for the entire time that the computer is in operation. An executable, also called an executable file, is a file that can be run as a program. vmlinuz is a compressed Linux kernel, and it is bootable. Bootable means that it is capable of loading the operating system into memory so that the computer becomes usable and application programs can be run.
D. Boot Loader (Syslinux Isolinux) SYSLINUX is not normally used for booting full Linux installations since Linux is not normally installed on FAT filesystems. Instead, it is often used for boot or rescue floppy discs, Live USBs, or other lightweight boot systems. ISOLINUX is generally used by Linux Live CDs and bootable install CDs. Nothing user input is required here it will move to next state given below. 2) User Input: In this state user have to input number of partition where Windows is installed.

3) Path to registry: After entering the number of partition where windows is installed user enters path to [Windows/system32/config]. B. Editing User password This will give option to edit user password In this user can: 1) Clear Password 2) Change Password

III. BUILING COMPILING THE TOOL

1)http://pogostick.net/~pnh/ntpasswd/ 2)Get linux flavour ubuntu suggested and compile use GCC tool Chain.

IV. CONCLUSION

Saving Password:
1) Enter : ! to go back 2) Enter: q to quit program 3) Enter: y to write changes to SAM And you Are Done , now restart computer after removing Pendrive or disc and computer will start without password if you have cleared or enter the changed password and you will be logged in.

Windows is not safe Operating System for sophisticated data,can be easily cracked by any one who have access to computer for 10-15 mins also data security is less.

V. ALTERNATIVES

There are lots of alternative which are open source Higly secured compared to windows but not as simple as windows this os are not user friendly so it takes time to get on some linux flavor after using windows for long time.

Reference [1] [2] [3] [4] www.google.com www.wikipedia.com.s http://pogostick.net/~pnh/ntpasswd/ Makeuseofus.com