Legalities of hacking utlities?

[[]V[]essenjah]

Are hacking utilities considered illegal if you are asked by someone to hack the machine that THEY, themselves own?

For instance.... a utility that is used to locate a user password if they forget it? I've run into a few cases like this and always have turned them down in the past but I would like to verify this to be correct.

[CDN_Merlin]

If you can prove they asked you, like have someone there or it's written down, it's legal. If you do it without consent, it's illegal.

[MD-2389]

Not to sound like a me-tooer, but as long as you have consent of the owner its fair game.

[Krom]

Not to mention 9 times out of 10 you can break into a Windows XP Home account by booting into safe mode, logging into the administrator account which probably has no password, and then resetting the password on the user account in question.

But do be careful, if they set \"make files private\" when they set a password, you can accidentally nuke everything stored in their my documents folder. So back that up first. Also all their stored passwords for internet sites and stuff will be lost.

[Kilarin]

Don't be certain you are safe having, or especially providing, hacking utilities even if you are using them for honest and legal purposes.

http://www.schneier.com/blog/archives/2 ... _hack.html
This is a German law, but it's already got some US folks wondering if they could be prosecuted internationally. And it's a dangerous trend that could reach US law someday soon.

[[]V[]essenjah]

I can't open that site.



BTW I know about the backdoor, boot into safe-mode trick too. But sometimes people don't like their passwords being changed, necessarily. I've read about a couple utilities that simply give you the password without damaging anything.


They could just set up a law so that if you use these utilities, you have to have a license as a professional computer tech and have you sign an agreement that states that you can not distribute their password to anyone else, nor use it for your own purposes, other than those that the customer asks for or something to that effect.

[Kilarin]

I can't open that site.

UGH!!!! Sorry, bad link. I lost the h of the http:// when I did the cut and paste. I fixed it now. Many apologies.

[Wheeze87]

But do be careful, if they set "make files private" when they set a password, you can accidentally nuke everything stored in their my documents folder. So back that up first. Also all their stored passwords for internet sites and stuff will be lost.

.....As i realised only too late, not so long ago either *slaps face*.....

[ccb056]

In XP you can reset the admin password to anything you like without knowing the original password ....

[heftig]

Only if you already are administrator.

[suicide eddie]

with consent with `on-site` hardware its normally ok but check the purchase warrentee if its new. if you need to remote to it across a network/telecoms line etc check with the provider if poss first.

[ccb056]

Only if you already are administrator.

No, I have a bootdisk where you just pop it in, boot, and you can replace the password.

You don't have to have any credentials at all to change the admin password on an xp machine.

[Genghis]

No, I have a bootdisk where you just pop it in, boot, and you can replace the password.

You don't have to have any credentials at all to change the admin password on an xp machine.

Nor on any OS. Physical access to any machine == total compromise.