Building a strong Win XP Password line

Case 1: use the net command vulnerability to add users to log on to Widows XP

Intrusion feasibility analysis: the partition File System of Windows XP is in FAT32 format, and the name of the Super Administrator Account Created in the Windows XP system to be intruded does not contain Chinese characters.

Whole intrusion process:

1. start Windows XP at startup. When the screen displays the "Starting Windows XP" step, press the "F8" key to bring up the system startup selection menu and select the "safe mode with command line" command item;
2. After a while, list the options of the Administrator and other users, select the Administrator, and press enter to enter the command line mode;
3. Enter the command "net user USERa 123456/Add" (excluding full quotation marks, the same below). After you press enter, the system automatically adds users with USERa name and password 123456. If the USERa user already exists in the system, you can change the password of the existing USERa user to 123456. Note that you can change the password without entering the original password;
4. Run the "net localgroup administrator USERa/Add" command to upgrade USERa users to the administrator level, that is, operating systems with all permissions;
5. The last step is to restart the computer, use the newly added account in the logon window, enter the new password you just changed, and log on successfully.

Preventive measures:

Precaution 1: Try to use the NTFS file system to install Windows XP. Although NTFS is in pure DOS Status, it can be accessed through the NTFS for dostool, but this also increases the difficulty of intrusion. If your Windows XP partition file system is in the format of FAT32, you can convert it to the NTFS format as follows:
1. Click "Start> Run", enter "cmd" in the text box, and press Enter;
2. in the new "command prompt" window, enter "convert C: FS: NTFS" (Suppose the partition of the XP system is drive C). Press enter, the system detects the file system of the current partition. After a short while, the system prompts you to enter the volume label. If the original partition has a volume label, you should enter the same volume label as the original one. Press enter to start the conversion of the file system.
Tip:

Convert is a doscommand of Windows XP. Its function is to convert the FAT file system to the NTFS file system, and enter "convert/?" in the "command prompt" window /?" You can view the specific parameters of this command (1 ).

Figure 1

3. after the conversion is successful, right-click disk C in the resource manager and select the "attribute" command. In the "disk C properties" window, select the "enable compression to save disk space" check box, after you click "OK", the system starts to compress the C drive file. Some files will pop up with a warning box. Select ignore all.

Precaution 2: Apply the password to the Administrator account with the "Administrator" name or modify the account name. The specific method will be mentioned later. It is recommended that the created Administrator account contain Chinese characters, the objective is to make the input process troublesome.

 

Case 2: intrusion into Widows XP by replacing the password management File

Intrusion feasibility analysis: Widows XP uses "SPOOLSV. EXE process (2) manages Windows XP login. Every time you log on to the system, the system first calls "SPOOLSV. EXE "process checks whether the current system uses a password. For accounts with no logon password set, the "SPOOLSV. EXE" process will remember and use the automatic logon method, that is, skip the password detection step. Therefore, the success of this case is very high.

Figure 2

Whole intrusion process:

1. find a Windows XP system without a password, go to the "WINDOWSsystem32" system directory on the XP system disk, and name it "SPOOLSV. EXE "(50 Kb) is copied to a floppy disk or flash memory (3 ).

Figure 3

Tip:

If the specified file is not found in the "WINDOWSsystem32" folder, the system file is hidden and displayed. In the resource manager, click "Tools> Folder Options" in the menu ", on the "View" tab, undo the "Hide protected operating system files (recommended)" check box and select "show all files and folders" as "show all files and folders.
2. after preparing the password file, first confirm the file system of Windows XP to be intruded. If it is FAT32, it will be very convenient. You only need to find a boot disk and put the "SPOOLSV" in the floppy disk. copy EXE to the "WINDOWSsystem32" folder of the target XP system partition to overwrite it. If it is an NTFS file system, Case 1 has mentioned access through NTFS for DOS. Of course, if it is an NT multi-system coexistence, you can enter another system to replace it. The final goal is to replace "SPOOLSV. EXE file.
3. after the file is replaced, start Windows XP normally. After a while, you will find that you can directly enter the Windows XP desktop without entering a password (the first user will be selected to log on to the Windows XP system for multiple users), and the intrusion has been successful.

Intrusion sequelae: Although Windows XP can be successfully entered in this case, the password is required after the user is switched or logged out. In other words, you only need to let the system start and skip the logon window. Once the logon window is activated (switching or canceling the user), the password detection procedure is normal. In addition, it will destroy the sleep function of the system.

Preventive measures: Pay attention to Case 1's "defense ADVICE 1", which brings some trouble to the intrusion. Enable the password policy function of Windows XP, that is, the topic of this article.

In the above two cases, it seems that the password of Widows XP is useless. In fact, this is only a risk of hiding the password set by default in Widows XP, the system's "Local Security Settings" tool is used to define more secure password rules. We can build a strong line of defense for Widows XP Passwords.

1. Run the "Local Security Settings" tool.

Click Start> Run and enter secpol. msc to activate it. In the left-side directory tree of the Main Window, expand "Account Policy> password policy". The password rule we want to define is the option displayed on the right panel (4 )!

 

2. Set various options for password rules

First, double-click "Password Must Meet Complexity Requirements" and set security to "enabled ", in this case, the password created in "Control Panel> User Account" must contain uppercase and lowercase English letters, Arabic numerals, and special characters (such as punctuation marks and ,! @ # $ % ^ & () And so on). If it does not contain one of the three types of characters, a dialog box is displayed.

Tip: Password Security Test conditions:

(1). Do not use your own name, birthday, or simple words or numbers found in the dictionary as all components of the password;
(2) Add special characters to your password, such as "+ -*/~" If necessary, it can be case-insensitive, although mostProgramThe Chinese character can be used as a password, but the disadvantage is that the Chinese character is entered in other text boxes, and the Chinese character password is not recommended;
If you think it is simple to create a password, but it is not easy to remember, you can try this method: first, create an English sentence that you are very familiar with and easy to remember. It can be a famous saying sentence, such as "Hello! Is it my Password ?" Similar sentences, so that we can work out "H!" step by step! IimPw ?" The short password. When you enter the password, read this sentence in your mind (never read it !), Enter a keyword.

Minimum password length (5): the minimum number of digits for creating a password. You can enter an Arabic number between 0 and 14. 0 indicates that the length of the created password is not required. Once the user-created password does not meet the required number of digits, a dialog box warning is displayed;

Figure 5

Maximum Password retention period (6): This option is interesting. It is used to set the password expiration time, that is, a new password that meets the requirements must be changed within the specified period. Of course, if it is set to 0, the password will never be voided, and the maximum cycle is 999 days;