Andoza:Infobox dasturi Kon-Boot (aka konboot, kon boot) bu dasturiy ta'minot yordam dasturi bo'lib, u foydalanuvchilarga Microsoft Windows parollari va Apple”ni chetlab o'tish imkonini beradi. macOS parollari (Linux qoʻllab-quvvatlashi eskirgan) amalga oshirilayotgan tizimda doimiy yoki doimiy oʻzgarishlarsiz. Bu, shuningdek, Windows 10 onlayn (jonli) parollarini chetlab o'tish va Windows va macOS tizimlarini qo'llab-quvvatlaydigan birinchi xabar qilingan vositadir.[1] Bu shuningdek, kompyuter xavfsizligida keng qoʻllaniladigan vositadir, ayniqsa kirish testi.[2][3][4] 3.5 versiyasidan beri Kon-Boot SecureBoot funksiyasini ham chetlab o‘tishga qodir.[5]

Kon-Boot yuklash jarayoni

Kon-Boot dastlab kontseptsiyaning isboti, bepul xavfsizlik vositasi sifatida ishlab chiqilgan bo'lib, asosan parollarini unutishga moyil bo'lgan odamlar uchun mo'ljallangan. Asosiy g'oya foydalanuvchilarga to'g'ri parolni bilmasdan va u amalga oshirilayotgan tizimga doimiy o'zgarishlar kiritmasdan maqsadli kompyuterga kirishga ruxsat berish edi.

Birinchi Kon-Boot versiyasi 2008 yilda DailyDave pochta ro'yxatida e'lon qilingan.[6] Versiya 1.0 (bepul) foydalanuvchilarga Linux-ga asoslangan operatsion tizimlarga kirish va autentifikatsiya jarayonini chetlab o'tish imkonini berdi (tizimga kirish huquqisiz) parolni bilish).

2009 yilda ushbu dastur muallifi Linux va 32-bitli Microsoft Windows tizimlari uchun Kon-Boot-ni e'lon qildi.[7] Ushbu nashr har qanday kompyuterda Windows tizimlari parollarini chetlab o'tish uchun qo'shimcha yordam berdi. Windows operatsion tizimi Windows Server 2008 dan Windows 7 gacha. Ushbu versiya hali ham bepul dastur sifatida mavjud[8]

Eng yangi Kon-Boot relizlari faqat tijorat mahsulotlari sifatida mavjud[1][9] uchun vosita va hali ham saqlanib qolmoqda.


Joriy versiya quyidagi operatsion tizimlarda parollarni chetlab o'tishga qodir:

Qo'llab-quvvatlanadigan Microsoft Windows operatsion tizimlari[10]
Microsoft Windows XP
Microsoft Windows Vista Home Basic 32Bit/64Bit
Microsoft Windows Vista Home Premium 32Bit/64Bit

Microsoft Windows Vista Home Premium 32Bit/64Bit

Microsoft Windows Vista Business 32Bit/64Bit
Microsoft Windows Vista Enterprise 32Bit/64Bit
Microsoft Windows Server 2003 Standard 32Bit/64Bit
Microsoft Windows Server 2003 Datacenter 32Bit/64Bit
Microsoft Windows Server 2003 Enterprise 32Bit/64Bit
Microsoft Windows Server 2003 Web Edition 32Bit/64Bit
Microsoft Windows Server 2008 Standard 32Bit/64Bit
Microsoft Windows Server 2008 Datacenter 32Bit/64Bit
Microsoft Windows Server 2008 Enterprise 32Bit/64Bit
Microsoft Windows 7 Home Premium 32Bit/64Bit
Microsoft Windows 7 Professional 32Bit/64Bit
Microsoft Windows 7 Ultimate 32Bit/64Bit
Microsoft Windows 8 va 8.1 barcha versiyalari (32Bit/64Bit -- jonli/onlayn parolni chetlab o'tishni o'z ichiga oladi)
Microsoft Windows 10 barcha versiyalari (32Bit/64Bit -- jonli/onlayn parolni chetlab o'tishni o'z ichiga oladi)
Microsoft Windows 11 barcha versiyalari (64Bit, UEFI - Windows 11 o'rnatish talablari)
Qo'llab-quvvatlanadigan Apple macOS / OS X operatsion tizimlari[11]
Apple OS X 10.6
Apple OS X 10.7
Apple OS X 10.8
Apple OS X 10.9
Apple OS X 10.10
Apple OS X 10.11
Apple macOS Sierra (10.12)
Apple macOS High Sierra (10.13)
Apple macOS Mojave (10.14)
Apple macOS Catalina (10.15)
Apple macOS Big Sur (11)
Apple macOS Monterey (12) [12]
Apple macOS Ventura (13)

Technology

tahrir

Kon-Boot works like a bootkit[13][14] (thus it also often creates false positive[15][16][17] alerts in antivirus software). It injects (hides) itself into BIOS memory. Kon-Boot modifies the kernel code on the fly (runtime), temporarily changing the code responsible for verification user's authorization data while the operating system loads.

In contrast to password reset tools like CHNTPW (The Offline NT Password Editor), Kon-Boot does not modify system files and SAM hive,[18] all changes are temporary and they disappear after system reboots.

Additional Features

tahrir

While by default Kon-Boot bypasses Windows passwords it also includes some additional features that are worth noting:

  • Kon-Boot can change Windows passwords due to embedded Sticky-Keys[19] feature. For example after successful Windows boot with Kon-Boot user can tap SHIFT key 5 times and Kon-Boot will open a Windows console window running with local system privileges. Fully working console can be used for a variety of purposes. For example in case of changing Windows password following command can be used:[20] net user [username] [newpassword](selected user can be later added as new Windows administrator by typing: net localgroup administrators [username] /add). Similarly following command:[21] net user [username] * will erase current Windows password for selected user. Obviously many other actions are available since the Windows console is running with system privileges.
  •  
    Kon-Boot automatically executing PowerShell script with system privileges
    In the commercial Kon-Boot editions it is possible to use Automatic PowerShell Script Execution feature [22] which automatically executes (after Windows boot) given PowerShell script with full system privileges. This feature can be used to automatize various tasks for example performing forensics data gathering task etc. To use this feature Windows needs to be installed in UEFI mode.

Limitations (prevention)

tahrir

Users concerned about tools like Kon-Boot should use disk encryption[23] (FileVault, Bitlocker, Veracrypt etc.) software as Kon-Boot is not able to bypass disk encryption.[24] BIOS password and enabled SecureBoot[25][26] feature is also a good prevention measure. However Kon-Boot since version 3.5 is able to bypass SecureBoot feature.[27] Kon-Boot does not support virtualization and instructs users to turn it off in the bios.[28] Kon-Boot does not support ARM devices such as Apple's M1 chip.

References

tahrir
  1. 1,0 1,1 /all/kon-boot/ „Rasmiy Kon-Boot vositasi veb-sayti (Windows paroli va macos parolini chetlab o'tish)“. www.piotrbania.com. Qaraldi: 2019-07- 26.
  2. 2018/09/18/bu-bir martalik-qalam-test-qism-3-qanday-i-energiya-kompaniyasini-o'g'irlagan/ „Penetratsion test hikoyalari: Energetika kompaniyasini qanday o'g'irlaganim“ (en). Rapid7 Blog (2018-yil 18-sentyabr). Qaraldi: 2019-yil 22-noyabr.
  3. Andoza:Kitobdan iqtibos
  4. Andoza:Kitobdan iqtibos
  5. [https: //kon-boot.com/docs/windows_guide/#secure-boot-bypass „Windows Guide - KON-BOOT GUIDE - Unutilgan parollarni bartaraf etish (Windows va Mac)“]. kon-boot.com. Qaraldi: 2020-yil 3-noyabr.
  6. „Dailydave: TOOL: Kon-Boot v .1.0 - yuklash vaqti yakuniy linux xakerlik yordam dasturi ; )“. seclists.org. Qaraldi: 2019-yil 26-iyul.
  7. „Full Disclosure : Windows va Linux uchun KON-BOOT (Boshlarni unutish uchun parolni chetlab o'tish uchun yordamchi dastur)“. seclists.org. Qaraldi: 2019-yil 26-iyul.
  8. „[www.kon-boot.com KON-BOOT - ULTIMATE WINDOWS/LINUX HACKING UTILITY :-)“]. www.piotrbania.com. Qaraldi: 2019-yil 26-iyul.
  9. „Kon-Boot - Eng yaxshi parol windows paroli, mac paroli, unutilgan parollar, windows 10 paroli“ (en). kon-boot.com. Qaraldi: 2019-yil 26-iyul.
  10. „KON-BOOT GUIDE“. kon-boot.com. Qaraldi: 2021-yil 12-noyabr.
  11. „KON-BOOT GUIDE“. kon-boot .com. Qaraldi: 2019-yil 26-iyul.
  12. „Developer veb-sayti“. www.piotrbania.com. Qaraldi: 2021-yil 12-noyabr.
  13. Moabi.com (2012-07-29). [Defcon Hardware backdooring is practical]. https://www.slideshare.net/endrazine/defcon-hardware-backdooring-is-practical. 
  14. „Computer Emergency Response Team - Industrie Services et Tertiaire“. www.cert-ist.com. Qaraldi: 2019-yil 22-avgust.
  15. VirusTotal tackles the tricky false positives problem plaguing antivirus software
  16. Rubenking, By Neil J. „False Positives Sink Antivirus Ratings“ (en). PCMag (2015-yil 15-aprel). Qaraldi: 2019-yil 26-avgust.
  17. „False positives - What are they?“ (en-US). Panda Security Mediacenter (2010-yil 8-sentyabr). Qaraldi: 2019-yil 22-noyabr.
  18. „Security Accounts Manager - TechNet Articles - United States (English) - TechNet Wiki“. social.technet.microsoft.com. Qaraldi: 2019-yil 1-oktyabr.
  19. „In Windows, what are Sticky Keys, and how do I enable them?“. kb.iu.edu. Qaraldi: 2021-yil 24-iyun.
  20. „Windows Guide - KON-BOOT GUIDE - Remedy for forgotten passwords (Windows and Mac)“. kon-boot.com. Qaraldi: 2021-yil 24-iyun.
  21. M, John „How to Reset Your Forgotten Windows 10 Password“ (en-US). Solution to Windows and Mac password problems (2021-yil 26-mart). Qaraldi: 2021-yil 24-iyun.
  22. „Windows Guide - KON-BOOT GUIDE - Remedy for forgotten passwords (Windows and Mac)“. kon-boot.com. Qaraldi: 2021-yil 24-iyun.
  23. „What is Full-Disk Encryption? - Definition from Techopedia“ (en). Techopedia.com. Qaraldi: 2019-yil 23-avgust.
  24. „KON-BOOT GUIDE“. kon-boot.com. Qaraldi: 2019-yil 26-iyul.
  25. What is UEFI Secure Boot, 2022-04-12da asl nusxadan arxivlandi, qaraldi: 2023-09-17
  26. „Frequently Asked Questions about Secure Boot“ (en). Intel. Qaraldi: 2019-yil 26-avgust.
  27. „KON-BOOT OFFICIAL GUIDE - Remedy for forgotten passwords for Windows and Mac! Can't login? Use kon boot password software“. kon-boot.com. Qaraldi: 2020-yil 15-iyun.
  28. „Bypass Windows password with Kon-Boot (GUIDE) - KON-BOOT GUIDE - Remedy for forgotten passwords (Windows and Mac)“. kon-boot.com. Qaraldi: 2021-yil 27-avgust.
tahrir