Last night, while learning Snort, I headed over to the Ask Raymond site and came across this cool tool called Kon-Boot; it’s a live Linux boot disc. What it can do is bypass the domain or local administrator’s account. I tested this on one of my end users, with special permission through my co-partner, and this boot CD got me into the account with no interruption and no password required. I realized that while online it locked out the account, but when offline I did not have any issues. Now, just to make sure, my account being the Local Domain Admin, I went ahead and tested it myself a few times, and thank God it can’t access my account; it’s only possible as a local administrator. This is very scary because it forces you to set a BIOS password and encrypt your hard drive. So far I have not tested on Vista or Windows 7, but I’m sure someone out there can give us some feedback; try it on a 64-bit OS, maybe it might work. Once you reboot back into your system without the CD, everything should be back to normal.
Link to Kon-Boot: http://www.piotrbania.com/all/kon-boot/
Ask Raymond site: http://www.raymond.cc/blog/archives/2009/04/29/login-to-windows-administrator-and-linux-root-account-without-knowing-or-changing-current-password/
PS: Please do things ethically; this teaches us to warn others about exploits like this one.