Archive for the ‘Uncategorized’ Category

Scan for Blank Admin Passwords without Commercial Software

Tuesday, August 7th, 2007

I’ve seen blank administrator passwords at every organization I’ve worked. Without fail there will be some user that manages to get a PC onto your network without setting a password. This type of scenario opens up Pandora’s box into the number of vectors that could be created. Once a malicious user has control over a machine on your network its essentially game over. So as someone with security and risk management in mind you want to periodically scan for such activity, but your organization isn’t gonna spring for some fancy tool. Luckily this task can be put into a windows script that can check for this condition, see the script below.


I’m back

Thursday, July 12th, 2007

I started this journey back in October of 2006 but took a break because of several reasons. New job, new town, new hosting provider, and last but not least my first child. Just about everything in my life has changed, but its all been for the better. I’m still getting paid to break information systems so that part hasn’t changed. I’ll repost some of my older articles and hopefully future posts will be chock full of hackery and more frequent.