Step 1: Guess BIOS passwords yourself

The first in a series of how to get into a system - all to easily

Published: 02 Aug 2006 1:00

Unlike many password-cracking programs that allow you to simply boot from CD or floppy to crack Windows-based passwords, if there's a power-on password setup in the BIOS, your options can be limited. The best way to get rolling is to simply try and guess the password yourself. For starters, on desktop and server systems, there are a lot of default backdoor passwords you can try. A previously published article, How to Bypass BIOS Passwords, and Computer Hopes' all-in-one reference guide to hacking BIOS passwords contain comprehensive lists.

If you know who is/was the user or previous owner of the computer, you should try some common passwords such as their user's name, company name and so on to see if you can get it. Unless you're really into computer hardware hacking and can create a keyboard simulator to send your passwords brute-force style at wire speed, you'll have to enter each password manually. It's slow, but it can work, especially given the fact that most passwords are trivial.

There are a couple of other published tricks for getting around BIOS passwords on Toshiba and IBM Aptiva computers. If you have a Toshiba system, hold down the left shift key during boot. If you have an IBM Aptiva, the trick is to press both mouse buttons in quick succession during boot. You can also hold down one ore more keys on your keyboard during boot to try and overload your keyboard buffer. Odds are you'll just end up getting a lot of angry beeps back from your computer, but it's worth a try. You can also take a crack at repeatedly hitting the F1, F2, F10, F11, F12 or ESC key as well.

BIOS password hacking

Home: Introduction
Step 1: Guess BIOS passwords yourself
Step 2: Fiddle with the hardware
Step 3: Crack them with software
Step 4: Managing the BIOS password

ABOUT THE AUTHOR:

Kevin Beaver, CISSP, is an independent information security consultant, author and speaker with Atlanta-based Principle Logic LLC. He has more than 18 years of experience in IT and specialises in performing information security assessments. Beaver has written five books including Hacking For Dummies (Wiley), Hacking Wireless Networks For Dummies, (Wiley) and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He can be reached at [email protected].
Copyright 2006 TechTarget

Step 1: Guess BIOS passwords yourself

The first in a series of how to get into a system - all to easily

Read more on IT risk management

How to change UEFI and BIOS password on Windows 10

BIOS password

Laptop encryption tips: How to secure a laptop

Step 1: Guess BIOS passwords yourself

SearchCIO

4 IT contract negotiation strategies to drive value in 2021

Turning data into actionable insights with machine learning

Evolving role of the CIO key to the future of work

SearchSecurity

12 Microsoft Exchange Server security best practices

Cring ransomware attacking vulnerable Fortigate VPNs

Utilizing existing tech to achieve zero-trust security

SearchNetworking

Common network vulnerabilities and how to prevent them

Understand top SD-WAN advantages and disadvantages

Arista simplifies network management in latest CloudVision

SearchDataCenter

New Intel Ice Lake processors boost performance, security

IBM tools speed mainframe application modernization projects

Nvidia vs. AMD: Compare GPU offerings

SearchDataManagement

Why consider an augmented data catalog?

Alation brings data catalog technology to the public cloud

Yellowbrick Manager embraces Kubernetes for data warehouse