Physical Access won't always yield root access or even ability to read the drives unless you have the ability to freeze the machine (literally reduce temperature), kill the power , and have the equipment necessary to steal the contents of the RAM in a very quick manner. Of course, very few people take their security seriously enough to encrypt their disks and their swap so you probably have an easier time than that, but even so, even retarded admins should have their systems setup to not boot single user without a password to at least make you boot into a different OS via usb/cdrom (which should itself be disabled in the server's firmware) and then rewrite the password file.

Nobody worth the money will legitimately respond to a question like this on public boards unless they're just looking to fuck you over (which while funny, doesn't generally give us any extra money and thus isn't worthwhile). Also, hiring someone to attack a system is probably more expensive than just paying a lawyer to file some documents. Depending on what the security was like on the server to begin with, it might even be faster.

Under FreeBSD you can configure the console as "insecure" which means that single user mode will ask for a password. I always set this for boxes that aren't located on my own property.

You can do something similar under Fedora/RHEL/CentOS by configuring a file inside directory /etc/init or a line in the file /etc/inittab depending on the particular version you're using. All major linux distros provide similar facilities to prevent entering single-user without knowing the root password.

:1orglaugh:1orglaugh That about sums it up.

You are seriously arguing that while advertising security services? Two words - boot disk.
I was actually looking for someone to conduct the types of audits you advertise, but your
posts here have me a little worried about your level of knowledge. I also noticed you don't
have your license number on your site. There in Illinois it's a $10,000 fine for practicing without
a license. I haven't been able to locate you on the Illinois DPR site either. Are you licensed and
insured, or are you practicing illegally? if you are licensed and have the require $1,000,000
insurance, please email that info and let's talk some more to see if there are some ways we
can work together.

http://whois.domaintools.com/nlaudits.com :1orglaugh:1orglaugh:1orglaugh

I bet they are out of the UK... most of the fly-by night, non-adult, money grabbers are.

Free Kevin (marx)

Welp,

.......

l333333333333tt

This thread sucks. Place an ad in 2600 or something, lol!

50 "legal" hacks.

i loled
:1orglaugh :1orglaugh:1orglaugh :1orglaugh

I just came back and read all this shit on this thread as I actually abandoned it almost right after I wrote it. Actually some good advice and some funny shit too.

Yeah... my bad for the whole thread and especially the "completely legal". Stupid to have created it, stupid to have written it. I especially liked the OJ comments. I dunno, he batted .500, he'll be out eventually, right? :1orglaugh

The whole thing took 6 months to straighten out through legal channels. Turns out the code that we wanted back and that we were strongarmed into signing new legal documents to get back was copyrighted code that they had previously sold to someone else for BIG money. I hope they enjoy the flesh eating lawyers of the original company now.

thread forwarded to authorities, you're gonna wish you never bumped this one.

LOL, funny. Thx. I'm sure I'll have a great conversation with them explaining how I was looking for something on a message board. I'm sure they will want to follow up on that one, especially since it's all been taken care of through legal channels anyway.

If you will ever need someone for a job like this... just ping me, I know someone very professional.

Why spend for assholes in white collars and wait freakin 6 months while you can have your job done within a few hours by some nice techie guy...

This video is so stupid that it's not even funny. :1orglaugh

:1orglaugh

I am with you Dave hell yeah shut down ALL of the tubes even those so called legit tubes.