Developer(s) | Piotr Bania |
---|---|
Initial release | July 15, 2008; 12 years ago |
Stable release | |
Operating system | Windows and macOS systems |
Website | www.piotrbania.com/all/kon-boot/ |
Download UnetBootin for Windows, Mac or Linux (Kon-Boot is an application which will silently bypass the authentication process of Windows based operating systems. Without overwriting your old password! In other words you can login to your Windows profile without knowing your password. Kon bootcd free download - BootCD, and many more programs. Kon bootcd free download - BootCD, and many more programs. Creates a disk image to burn a Mac OS X boot CD.
Kon-Boot (aka konboot, kon boot) is a software utility that allows users to bypass Microsoft Windows passwords and Apple macOS passwords (Linux support has been deprecated) without lasting or persistent changes to system on which it is executed. It is also the first reported tool capable of bypassing Windows 10 online (live) passwords and supporting both Windows and macOS systems[1]. It is also a widely used tool in computer security, especially in penetration testing[2][3][4].
Kon-Boot boot process
History[edit]
Kon-Boot was originally designed as a proof of concept, freeware security tool, mostly for people who tend to forget their passwords. The main idea was to allow users to login to the target computer without knowing the correct password and without making any persistent changes to system on which it is executed.
First Kon-Boot release was announced in 2008 on DailyDave mailing list[5]. Version 1.0 (freeware) allowed users to login into Linux based operating systems and to bypass the authentication process (allowing access to the system without knowing the password).
In 2009 author of this software announced Kon-Boot for Linux and 32-bit Microsoft Windows systems[6]. This release provided additional support for bypassing Windows systems passwords on any Windows operating system starting from Windows Server 2008 to Windows 7. This version is still available as freeware[7]
Newest Kon-Boot releases are available only as commercial products[1][8] and are still maintained.
Current version (3.1) is able to bypass passwords on the following operating systems:
Kon Boot 2.5 Free Download
Supported Microsoft Windows operating systems[9] |
---|
Microsoft Windows XP |
Microsoft Windows Vista Home Basic 32Bit/64Bit |
Microsoft Windows Vista Home Premium 32Bit/64Bit |
Microsoft Windows Vista Business 32Bit/64Bit |
Microsoft Windows Vista Enterprise 32Bit/64Bit |
Microsoft Windows Server 2003 Standard 32Bit/64Bit |
Microsoft Windows Server 2003 Datacenter 32Bit/64Bit |
Microsoft Windows Server 2003 Enterprise 32Bit/64Bit |
Microsoft Windows Server 2003 Web Edition 32Bit/64Bit |
Microsoft Windows Server 2008 Standard 32Bit/64Bit |
Microsoft Windows Server 2008 Datacenter 32Bit/64Bit |
Microsoft Windows Server 2008 Enterprise 32Bit/64Bit |
Microsoft Windows 7 Home Premium 32Bit/64Bit |
Microsoft Windows 7 Professional 32Bit/64Bit |
Microsoft Windows 7 Ultimate 32Bit/64Bit |
Microsoft Windows 8 and 8.1 all versions (32Bit/64Bit -- includes live/online password bypass) |
Microsoft Windows 10 all versions (32Bit/64Bit -- includes live/online password bypass) |
Supported Apple macOS / OS X operating systems[10] |
---|
Apple OS X 10.6 |
Apple OS X 10.7 |
Apple OS X 10.8 |
Apple OS X 10.9 |
Apple OS X 10.10 |
Apple OS X 10.11 |
Apple macOS Sierra (10.12) |
Apple macOS High Sierra (10.13) |
Apple macOS Mojave (10.14) |
Apple macOS Catalina (10.15) |
Technology[edit]
Kon-Boot works like a bootkit[11][12] (thus it also often creates false positive[13][14][15] alerts in antivirus software). It injects (hides) itself into BIOS memory. Kon-Boot modifies the kernel code on the fly (runtime), temporarily changing the code responsible for verification user's authorization data while the operating system loads.
Kon Boot Latest Version
In contrast to password reset tools like CHNTPW (The Offline NT Password Editor), Kon-Boot does not modify system files and SAM hive[16], all changes are temporary and they disappear after system reboots.
Limitations (prevention)[edit]
Users concerned about tools like Kon-Boot should use disk encryption[17] (FileVault, Bitlocker, Veracrypt etc.) software as Kon-Boot is not able to bypass disk encryption[18]. BIOS password and enabled SecureBoot[19][20] feature is also a good prevention measure. However Kon-Boot version 3.5 is able to bypass SecureBoot feature[21].
References[edit]
- ^ ab'Official Kon-Boot tool website (windows password and macos password bypass)'. www.piotrbania.com. Retrieved 2019-07-26.
- ^'Penetration Testing Stories: How I Stole an Energy Company'. Rapid7 Blog. 2018-09-18. Retrieved 2019-11-22.
- ^Varsalone, Jesse; McFadden, Matthew (2011-09-07). Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It. CRC Press. ISBN978-1-4398-2119-0.
- ^Velu, Vijay Kumar; Beggs, Robert (2019-01-30). Mastering Kali Linux for Advanced Penetration Testing: Secure your network with Kali Linux 2019.1 – the ultimate white hat hackers' toolkit, 3rd Edition. Packt Publishing Ltd. ISBN978-1-78934-061-7.
- ^'Dailydave: TOOL: Kon-Boot v.1.0 - booting-time ultimate linux hacking utility ; )'. seclists.org. Retrieved 2019-07-26.
- ^'Full Disclosure: KON-BOOT for Windows and Linux (Password Bypassing Utility for Forgetting Heads)'. seclists.org. Retrieved 2019-07-26.
- ^'[www.kon-boot.com] KON-BOOT - ULTIMATE WINDOWS/LINUX HACKING UTILITY :-)'. www.piotrbania.com. Retrieved 2019-07-26.
- ^'Kon-Boot - Best password tool for windows password, mac password, forgotten passwords, windows 10 password'. kon-boot.com. Retrieved 2019-07-26.
- ^'KON-BOOT GUIDE'. kon-boot.com. Retrieved 2019-07-26.
- ^'KON-BOOT GUIDE'. kon-boot.com. Retrieved 2019-07-26.
- ^Moabi.com (2012-07-29). '[Defcon] Hardware backdooring is practical'.Cite journal requires
|journal=
(help) - ^'Computer Emergency Response Team - Industrie Services et Tertiaire'. www.cert-ist.com. Retrieved 2019-08-22.
- ^VirusTotal tackles the tricky false positives problem plaguing antivirus software
- ^Rubenking, By Neil J.; April 15, 2015 8:14AM EST; April 15, 2015. 'False Positives Sink Antivirus Ratings'. PCMAG. Retrieved 2019-08-26.CS1 maint: numeric names: authors list (link)
- ^'False positives - What are they?'. Panda Security Mediacenter. 2010-09-08. Retrieved 2019-11-22.
- ^'Security Accounts Manager - TechNet Articles - United States (English) - TechNet Wiki'. social.technet.microsoft.com. Retrieved 2019-10-01.
- ^'What is Full-Disk Encryption? - Definition from Techopedia'. Techopedia.com. Retrieved 2019-08-23.
- ^'KON-BOOT GUIDE'. kon-boot.com. Retrieved 2019-07-26.
- ^What is UEFI Secure Boot
- ^'Frequently Asked Questions about Secure Boot'. Intel. Retrieved 2019-08-26.
- ^'KON-BOOT OFFICIAL GUIDE - Remedy for forgotten passwords for Windows and Mac! Can't login? Use kon boot password software'. kon-boot.com. Retrieved 2020-06-15.
External links[edit]
Retrieved from 'https://en.wikipedia.org/w/index.php?title=Kon-Boot&oldid=975443895'