SecurityFocus

Changing local admin PW using vb logon script - can it be encrypted? Dec 01 2005 05:02PM
tth8 cornell edu (2 replies)

Re: Changing local admin PW using vb logon script - can it be encrypted? Dec 01 2005 10:27PM
Ivan Carlos (icarlos icarlos net)

i'm using this - http://www.sysinternals.com/Utilities/PsPasswd.html

The problem is: white the same password in all machines

i recommend to apply different passwords in groups, enumerating via script
logon (if necessary, u can use sanur - www.commandline.co.uk/sanur/)

[]'s!

Ivan "Doomer" Carlos
Network Admin & Security
Social Engineering Specialist
Cell.: +55 (11) 8112-0666
--
AIM / Gizmo / GTalk / Skype / Y!M: ivandoomer
E-mail / MSN: icarlos (at) icarlos (dot) net [email concealed]
WebSite: www.icarlos.net
--
Hacking: http://hacking.doomer.ws
--------------------------------------------------

----- Original Message -----
From: <tth8 (at) cornell (dot) edu [email concealed]>
To: <focus-ms (at) securityfocus (dot) com [email concealed]>
Sent: Thursday, December 01, 2005 3:02 PM
Subject: Changing local admin PW using vb logon script - can it be
encrypted?

> Hi all,
>
> Long time lurker, first time poster. We have roughly 500 computers that
> we'd like to change the local admin passwords on. We realize the security
> risks of having 1 password on all of our computers and are willing to
> assume that risk. We've developed a VB script that we can implement as a
> logon script that works perfectly to change the password. We do not want
> this script sent along as clear text if we can avoid it. Is there any way
> we can encrypt this script?
>
> We've looked at options such as using Windows permissions to either deny
> Domain Users access (preventing anyone from reading the script) or
> allowing only Domain Computers Read Only access.however I think that if
> you are logged into a local computer you should be able to read the
> script. Not to mention, if you could capture the packets, you could
> easily find the script and its contents so permissions would matter at all
> in that scenario.
>
> Any help and/or insight is greatly appreciated.
>
> Best,
> .tom
>
> ------------------------------------------------------------------------
---
> ------------------------------------------------------------------------
---
>
>

------------------------------------------------------------------------
---
------------------------------------------------------------------------
---

[ reply ]

AW: Changing local admin PW using vb logon script - can it be encrypted? Dec 01 2005 05:32PM
Info (Info hbdk de) (1 replies)

Re: Changing local admin PW using vb logon script - can it be encrypted? Dec 01 2005 10:02PM
Thor (Hammer of God) (thor hammerofgod com)