> If you can boot, it is possible to get a password with the same checksum > and enter the Bios. The checksum value is stored in Cmos. If you create a > recovery disk, this value is stored after the word "KEY" in the 1 first > sector (sector 0 is boot sector). Maybe you missed Oscar's point? His description explains how to break *power-on* security on a Tosh notebook. If you can boot it from a floppy, all bets are off... It appears Toshiba has been practising "security through obscurity" as in the past we were always told that the only way to recover from a lost/corrupted power-on password was to send the machine to Toshiba (*not* a Toshiba authorized service centre, to a genuine Toshiba service centre). Seems they were not splitting the cases and doing some extra magical internal hardware twiddling after all, but simply sitting on a stock of "magic disks". Of course, if anyone was "depending" on power-on passwords to protect their Tosh (or any other) notebook, they were slightly delusional to start with, as described in the usual dicta regarding attackers having physical access to a machine... > To crack Toshiba password (Award, AMI and some others models), you can > try CmosPwd (Dos/Win9x, WinNT, Linux versions) avaible at > http://www.esiea.fr/public_html/Christophe.GRENIER/ *If* you have boot access, this is a very handy little util! (If you don't have boot access, a screw-driver and a good memory for mainboard layouts and jumper positions helps...) -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:37:30 PDT