Category: Hacking

Demonstration of Windows XP Privilege Escalation Exploit

This article is a tutorial on how to trick Windows XP into giving you system priviledges. Using simple command line tools on a machine running Windows XP, we will obtain system level priviledges. The system run level is higher than administrator, and has full control of the operating system and it’s kernel. On many machines this can be exploited even with the guest account. This system account allows for several other things that aren’t normally possible (like resetting the administrator password).
The Local System account is used by the Windows OS to control various aspects of the system (kernel, services, etc); the account shows up as SYSTEM in the Task Manager process list, as seen in the following screen shot:
Local System differs from an Administrator account in that it has full control of the operating system, similar to root on a *nix machine. Most System processes are required by the operating system, and cannot be closed, even by an Administrator account; attempting to close them will result in a error message.

The following quote from Wikipedia explains this in a easy to understand way:
Quote: In Windows NT and later systems derived from it (Windows 2000, Windows XP, Windows Server 2003 and Windows Vista), there may or may not be a superuser. By default, there is a superuser named Administrator, although it is not an exact analogue of the Unix root superuser account. Administrator does not have all the privileges of root because some superuser privileges are assigned to the Local System account in Windows NT.

Under normal circumstances, a user cannot run code as System, only the operating system itself has this ability, but by using the command line, we will trick Windows into running our desktop as System, along with all applications that are started from within.   Procedure to get system level access and previlege escalation in windows I will now walk you through the process of obtaining SYSTEM privileges and a demonstration of this Windows XP admin exploit / super user hack 

Continue reading

Guide on how to hack all kinds of Vending Machines

 In this tutorial, we are going to hack a Coke vending machine. While these machines might look dumb from the outside, underneath is a very simple Operating System on which it runs and we are going to try to hack into this to gain access to a debug menu and gain access to all sorts of information. This is something that almost no one ever notices, every coke machine with a LED screen is hackable. You can find out cool stuff like how much money is in the machine, how many times one soda has been bought, etc.Which machines work?
We are looking for COCA – COLA product vending machines, which means the picture outside the vending machine would be showing either Coke or Dasani or Vanilla Coke or Sprite or Fanta among other Coke pridcuts. Also the machine must have a LED screen which displays some sort of a scrolling text. Usually in most college campuses, they would be set to “Please swipe your card” or “Select your product”

Steps

  1. Find a Coke machine that has an LED screen.
  2. Push the following buttons in the order given 4, 2, 3, 1.
    • If the buttons are in a column the first button is the top one.
    • If they are in a grid or other format, the first button is usually the top left one.
      Continue reading