Hack BIOS Password For Windows95 98
You should realize, however, that there are many ways around this including BIOS password crackers, known backdoors and so forth. This site provides site links for major bios manufactures: More information on bypassing BIOS password is at: _hack.htm.
Hack BIOS Password for Windows95 98
DeepFreeze does not place anyrestrictions on a machine like FoolProof or FullControl does. Sowhatever you want to do, whether it's downloading mp3's or downloadingand installing ICQ or browser add-ons or WHATEVER, DeepFreeze does notprevent it. What matters much more as far as that goes is how you arelogged in: as User, Power User, or Administrator. True, on aDeepFreeze protected computer you'll have to install/download yourstuff every time you sit down at the computer, but hey! you CAN!That's the beauty of DeepFreeze: it places no restrictions on themachine. Take a look at Microsoft TechNet:Default Access Control Settings =/TechNet/prodtechnol/windows2000serv/maintain/security/secdefs.aspThe entire white paper is very helpful in understanding the differencebetween Users, Power Users, and Administrators. NOT understanding thisissue causes more problems on Windows 2000 than all other problems puttogether. Example: you installed WinZip and don't understand why thefuck it won't work right, or only half works. Answer: you were notlogged in as administrator when you installed it.And, along these lines, you can ask your teacher/computer lab admin topromote you to Power User, because Power Users have access to HKLM(HKEY_LOCAL_MACHINE) in the registry and can manipulate a lot more onthe system (read the paper). For example, let's say there is anannoying content filtering program such as CyberPatrol preventing youfrom accessing 2600 or other web sites. CyberPatrol startsautomatically from a key in HKLM underHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunSimply delete the key and restart the computer, and the program willnot be running. A User cannot do this, a Power User can. So... try tobecome a Power user. If you explain to your teacher that being just aUser is a real pain in the butt and that you NEED to be PowerUser inorder to do things, he/she MIGHT make you one. You don't know untilyou try. Frequently, they will think it is an innocent request,because they are too stupid to know the difference.Now, about hacking DeepFreeze. DeepFreeze was developed with sneakyhackers, intent on getting into computers, in the FOREFRONT of thedeveloper's minds. The developers of DeepFreeze knew and know how tothink like hackers. They were in high-school once, too!! And, if thatwere not enough, they also know how to program at a very low-level(we're talking LOW, LOW level!!) in order to protect the computer. Doyou know how to load and unload kernel-mode device drivers which youdid not write and develop? NO?! Do you know how to program in assemblyREALLY well?? NO?! Do you understand encryption and how it interactsin different parts of a program? NO?! Do you know how to determine howa program is packed in order to reverse-engineer it? NO?? Well, theseare the skillz you would need before even having a ghost of a chancegetting around DeepFreeze.On Windows 95/98/Me:DeepFreeze is a Ring 0 VxD (Virtual Device Driver) located inc:\windows\system\iosubsys\persifrz.vxd The only way to hackDeepFreeze is to boot from a boot-disk and delete this file if bootingto the a:\ has not been disabled. Deleting the filez inc:\progra1\hypert1\deepfr1 works also to prevent DeepFreeze fromrunning, because it contains persis0.sys, the password file. AndDeepFreeze won't start without reading it. The most important file todelete though is the actual DeepFreeze driver, persifrz.vxd. I'm justgiving you the best and easiest way. Delete persifrz.vxd andDeepFreeze is deader than a doorknob. AND it's only one file.persifrz.vxd IS DeepFreeze.If you CAN boot to a:\ then you can delete persi0.sys and replace itwith your own copy containing a known password. From my experience,the persi0.sys filez from the trial versions work to replace the one'sfrom regular installations. persi0.sys also runs in Ring 0 and cannotbe deleted while DeepFreeze is running. Not with a process killer, notwith DOS, not with Process Explorer. If you ever figure it out, postit for all to see and congratulate you!Can't boot to any drive except c:\? And CMOS setup ispassword-protected? Oh well, you're not gonna hack DeepFreeze.DeepFreeze prevents, BY DESIGN, BIOS password-crackers from working.HOWEVER, some newer computers , especially Compaq's, now havemotherboards with a simple pushbutton to reset the CMOS to itsdefaults. Open up the case, push a small red button on the motherboardand the CMOS is reset! Yeah! You can then boot to a:\.The following instructions come straight out of the online .pdfmotherboard manual for Compaq Evo Deskpro D300 and D500, availablehere: -003_rev3_us.pdfClearing CMOS:The computer's configuration (CMOS) may occasionally be corrupted. Ifit is, it is necessary to clear the CMOS memory using switch SW50.To clear and reset the configuration, perform the following procedure:1. Prepare the computer for disassembly. CAUTION: The power cord mustbe disconnected from the power source before pushing the Clear CMOSButton (NOTE: All LEDs on the board should be OFF). Failure to do somay damage the system board.2. Remove the access panel.3. Press the CMOS button located on the system board and keep itdepressed for 5 seconds.4. Replace the access panel.5. Turn the computer on and run F10 Computer Setup (delete-utility) toreconfigure the system. When the CMOS button is pushed or the jumperis removed, both the power-on password and the setup password becomeinvalid because both are stored in the configuration memory. You willneed to reset the passwords.If you hit PAUSE during POST, you can note the BIOS manufacturer, BIOSversion, and BIOS date of manufacture. There MAY be a permanent,hard-coded master password you can use, if you can research it andfind out what it is. (Probably too hard to be a pragmatic solution)Most of the BIOS password lists you find on the internet areworthless.Go to the computer manufacturer's web site and download themotherboard manual for your school's computer and look up how to resetthe CMOS. If it's designed to be a tool-free process, like onCompaq's, AND you can open up the computer case without drawingattention to yourself and getting in big trouble, then this might bean option for you. And, of course, if you can boot to a:\, it's allover. If you have an NTFS drive though, you'll need NTFSPRO fromSysinternals. ;-)On Windows 2000/XP DeepFreeze consists of several important filez:There are 2 drivers and 1 service (i'll let you figure out the paths):DepFrzLo.sys (kernel driver)DepFrzHi.sys (filesystem driver)dfservex.exe (service)frzstate.exe (password dialog)persi0.sys (password file and "on/off switch") This file strangelybecomes over 7MB immediately after installing DeepFreeze, yet thesetup program is less than 2MB. And it cannot be copied on 2000/XPwhile the system is running. Focus on this one.Probably you will need NTFSDOSPRO to boot up and mount an NTFS drive:there's not too many FAT32 drives any more. And if you're elite, youwon't have any problem getting that from someone or finding it, orcarding it from an internet cafe... If you do card it from a cafethough, don't use a yahoo or hotmail e-mail address. And make sure youknow the CVV on the card. Use something different like boxfrog.com orrock.com. NTFSDOSPRO is available from andcosts $300. True: there is a free LINUX boot-disk which also mountsNTFS drives, but it's not nearly as good. One last thing aboutNTFSDOSPRO. There is no free support AND it is kinda tricky creatingand using the NTFSDOSPRO boot disk(s). IT DOES NOT COME READY TO USE(shame on them for being so friggin smart, and not making ituser-friendly). After using the program to create three differentdisks, of which only the first is necessary, but not enough, you haveto then boot with a regular boot disk, then put in your NTFSDOSPROboot disk to mount the NTFS drive. You'll see what I mean, it's notvery user-friendly and little explanation is given on how to really gothrough with the entire operation. But being tech-savvy, you'llfigure it out. Also, it becomes very confusing also if the NTFS driveyou're mounting has a c: and a d:.persi0.sys is the file containing the password. persi0.sys containsthe password and the on/off switch which the driver checks to see ifit should start the computer in thawed mode or frozen mode. Replacingpersi0.sys with your own copy containing a known password ispreferable to deleting the DeepFreeze driver filez on Windows 2000/XPwith a boot disk. All pertinent encryption seems to be contained inthis one file. And, a persi0.sys from a totally different DeepFreezeinstallation doesn't seem to matter (as in one from a trial version).After replacing it and thawing the computer, you can uninstallDeepFreeze if you choose. Before attempting to delete the drivers onWindows 2000 with a boot disk, try it at home. Because the computermay not start up. In other words, it may be necessary to deletecertain keys in the registry as well, in order for the computer tonot "crash" before it even starts! Use InCtrl5 to monitor your owninstallation of DeepFreeze 2000/XP. Available here: It will tell you each and every file and registry key installed by theprogram. There may be serious problems if you don't delete certainimportant "pointers" and "references" to the DeepFreeze drivers in theregistry. I don't know. Try it and see. Maybe not. Make a batch fileto delete all the filez and registry keys/entries, if that's the routeyou want to go.Now, here are TWO methods of hacking DeepFreeze you probably haven'tthought of:#1 IF your school/lab is using the trial version of DeepFreeze (andthis is more common than you think: schools are really hurting formoney nowadays!!), and IF you can access BIOS setup, you can forwardthe BIOS date more than 90 days and DeepFreeze will no longer work(you'll see the blinking red X flashing on the DeepFreeze system-trayicon.) Then simply uninstall DeepFreeze. The same .exe is used toinstall and uninstall. By the way, there are two keys in the registryunder HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersionwhich must be deleted in order to be able to re-install a fresh trialversion of DeepFreeze: Rebar and NAffinityConfig#2 Find out which computer your computer lab administrator has theDeepFreeze Administrator program installed on. At his desk? In hisoffice? Most of the time now, administrators are taking advantage ofDeepFreeze's OTP (One-Time Password) feature. In order to thawDeepFreeze, they go to the computer which needs to be "thawed" andshift+double-click on the DeepFreeze icon in the system tray. Thisbrings up the password dialog box (frzstate.exe). They then jot downthe token which appears in the window's title bar. They then go backto THEIR computer which has the DeepFreeze Administrator program, openup DFAdmin, and enter the token in order to generate a one-timepassword. This OTP will work, one time only, to restart the computerin thawed mode. After restarting a second time, the computer is frozenonce again, automatically. Now, IF you can get your hands on aDeepFreeze Administrator program, maybe by purchasing it fromHyperTechnologies... then, all you need to do is copy one file fromyour administrator's DFAdmin program, take it home, place it in yourDFAdmin program, and you can generate OTP's for your school'scomputers. JUST ONE FILE: dfadmin.exe is necessary to copy andreplace, and it is small enough to save to a floppy or e-mail toyourself. You see, when DeepFreeze Administrator is first set up, theadministrator chooses a phrase or MASTER PASSWORD which is used tomake the encryption unique for his/her own DeepFreeze installations.And this encryption is contained totally in dfadmin.exe. You mightwant to think of a way to get your administrator to thaw the computer,and then watch which computer he goes to to obtain the OTP. NOTE: theMaster Password is not a permanent password. It is entered only oncewhen installing DeepFreeze Administrator. Are you with me?#3 IF your administrator is naive enough to be using permanentpasswords for DeepFreeze, then you can use something called KeyKatch.Go to This puppy works great. Just be sure toinstall it in the keyboard port, NOT the mouse port -- an easymistake. Regular software-based keyloggers, etc., won't work becausethey will not be there when the computer is restarted. Think about it:the administrator is never going to enter the password and then NOTrestart the computer! And when he/she restarts the computer, ofcourse, the keylogger would be gone. UNLESS your school's computershave two drives, and one is not frozen, and you can configure yourkeylogger to save the log file to the unfrozen drive. Of course,you'll have to re-install the keylogger program to read your log file.As you can see, except for #1 above, there is no EASY way to hackDeepFreeze. Because whatever you do, you're not really doing. It allgoes away when you restart the computer. I hope this little post helpsyou to understand more about how it might be done though, IF a personis DETERMINED to beat it. Of course, being THAT determined might getyou in serious trouble at your school, too. So, remember that, firstand foremost.One way to become a hero: approach your computer scienceteacher/network administrator and tell him or her that you know how tohack DeepFreeze and you would like his/her permission to hack it(they'll K*N*O*W you can't). Then, once permission is secured, getaccess somehow to the computer with DFAdministrator on it and copydfadmin.exe. If you have permission to hack DeepFreeze, you mighteven be able to get help from another teacher or teacher's assistantor someone in a position to help you get physical access to thecomputer which has DeepFreeze Administrator on it. You'll have to haveyour own copy of DFAdmin first. And then you'll have to be able to logon to the computer with DFAdmin on it. If winlogon greets you and youcan't log on, you'll need NTFSDOSPRO to copy dfadmin.exe using a bootdisk. The only other possibility would be to somehow e-mail theadministrator a trojan which would allow you to access his computerremotely and copy dfadmin.exe. (SubSeven, BackOrifice, etc.) I thinkthat's how the FBI would do it! he-he...And just for your information, DeepFreeze is not the only program outthere which does what it does, the way it does it. BUT IT IS THE BEST.The details of exactly how these programs work has yet to come out(I'm sure it will in time). Some say they take a snapshot of themaster boot record? or a copy of the FAT? Whoever knows FOR SURE, NOSPECULATING, please post it. But here are some other programs which dothe same thing DeepFreeze does, only not nearly as well, in myopinion:WinRollBack (click on the All Products link atthe top, then look under Desktop Security Business)DriveShield , after reading this, you won't feel as if you "have met yourmatch." Finally, you have some information to use to conquer aformidable foe: DeepFreeze. 350c69d7ab