---

---

Analysis of the Security of  Windows NT 1 March 1999 47 6.1.3  Maintenance programs The purpose of maintenance programs is twofold: to alter system functionality, or to attend bugs and shortcomings. Among the former we find programs for recovering a computer after system failure or when it fails to boot, possibly due to a faulty configu- ration. An example of such a utility is NTRecover. NTLocksmith is a program that circumvents the NT security system to allow replace- ment of an administrative password in case it was lost. Other examples are  netinstall for UNIX and Ghost for NT, which are tools that can be used to install a new operating system on a client machine over the network. 6.2  The Source Code Problem Many of the public domain programs have, what we might call, open source code which is a nice way of learning how they work and how to construct these types of tools. One of the problem here is that some of these tools rely on undocumented fea- tures or loopholes in the operating system. All of these types of programs will teach an attacker how to construct software to exploit the hidden functionality and loopholes without knowing much about the operating system or, in some cases, programming. Another problem is that some, seemingly harmless, utilities could be quite dangerous after modification. An example of the latter is  Ctrl2Cap. With  Ctrl2cap for NT it is possible to convert the control key to the shift key, which can be useful for people that migrated from UNIX to NT and are used to a different location of the control key. Using this principle it is possible to catch and manipulate any key on the keyboard, which makes it possible to sniff passwords when they are entered.