Access Linux and Windows without a password using Kon-Boot

Having finally read Claus' post about Kon-Boot from the 25th, I thought it pretty cool and felt like posting about it over here.

He goes into some detail about the tool, so you can check it out if it interests you. But here are the juicy and important points.

What it does is modify the operating system kernel in memory (grabbing control at the BIOS to bootloader handoff), changing the necessary parts to disable the need to use a password to log in. It runs off of a CD (or a floppy… maybe you could get it to work off a USB stick, too). Hot stuff.

From what I read at GSD, such techniques aren't new, but this is a pretty sweet implementation. It doesn't work with computers on a domain setup, but that makes sense; you would have to inject code into the server, too, to make it work, because the computer needs to authenticate with the server, and unless the server is compromised, too, it's not gonna let you login with out proper credentials (password, keycard, whatever). And even if you could get through to a local account on the computer, you might not be able to nab anything important since user data might be stored on the server. I'm not sure about the caching methods used, though (I'm talking about Windows here; I don't even know if Linux has domains). Maybe some user data would still be cached on the hard disk, I don't know.

In any case, it's a pretty cool technique, even if I'm not so geek about it as Claus.