IT folks, got a question for ya

B

bham_brotha

Rising Star
Registered
So, let's say hypothetically you got laid off by a company that subsequently ended up closing. Tried to go the legit way of sending the shit back but it ended up coming back to you because the office was closed. Laptop, thinkpad of the ryzen cpu family. Sat in the closet for months and eventually I said fuck it, let me see if I can actually do anything with this shit. BIOS is locked down obviously, however, I was able to actually wipe the SSD and reinstall windows from an external drive. Shit works fully, only thing is I've kept the internet disconnected considering the BIOS is still locked even though I have full administrative control over it. Would I be crazy to think that connecting it to the net would be a bad idea considering the BIOS is still locked or nah? I mean I've already installed games and everything on this bitch. What say you?
 
The question is if you can bypass it with a generic BIOS password?

Most have a generic password like 1234, 0000, etc.

To enter the BIOS. If you're apart of your companies IT team you should have the admin for that.

FYI, your administrative permissions may not be the same as your IT manager.
 
Corporate workstations usually have protections built into the hard drive/OS, not BIOS. When you connect to the internet the system pings home usually via an installed agent. Other systems require you to VPN in, in order for the system to check in.

Paranoid mode advice: If you have wiped the drive, I'd still hook it up to a network monitor to see what IPs it is talking to.
 
HellBoy said:
Corporate workstations usually have protections built into the hard drive/OS, not BIOS. When you connect to the internet the system pings home usually via an installed agent. Other systems require you to VPN in, in order for the system to check in.

Paranoid mode advice: If you have wiped the drive, I'd still hook it up to a network monitor to see what IPs it is talking to.
Click to expand...
i'm wondering how he has full access to it but the BIOS is password locked..
 
HellBoy said:
Corporate workstations usually have protections built into the hard drive/OS, not BIOS. When you connect to the internet the system pings home usually via an installed agent. Other systems require you to VPN in, in order for the system to check in.

Paranoid mode advice: If you have wiped the drive, I'd still hook it up to a network monitor to see what IPs it is talking to.
Click to expand...

Yea it let me reinstall windows easy as fuck. I was expecting for it to stop me on the windows install but once I got to the part where it asked what drive to install to it allowed me to delete the m2 drive. And then proceeded to install.
 
yaBoi said:
i'm wondering how he has full access to it but the BIOS is password locked..
Click to expand...

I don't. I just went to the bios to check to see if it was actually password protected and it was so I left it at that. But still it let me install windows over the drive with no issues.
 
HellBoy said:
BIOS doesnt need to be accessed in order for a system to boot. You only need the password if you are editing the settings.
Click to expand...
na must be a different kinda lock...he might be able to bypass that some kinda way


but typically if you put a password in BIOS it won't even POST before you put a password in
 
See that's why i'm asking yall I may have described it wrong lol. Basically I busted it open, pulled the battery and the m2 ssd. Connected a windows boot usb and went through the install. I never actually got into the bios, I just saw that it was password protected. But hell, the shit is working fine I just dont know if it's safe to connect this bitch to the net or if it's gonna ping some mofo somewhere.
 
yaBoi said:
na must be a different kinda lock...he might be able to bypass that some kinda way


but typically if you put a password in BIOS it won't even POST before you put a password in
Click to expand...
You are talking about endpoint protection. Those have internally cached credentials pulled from AD. Evidently this company wasn't that advanced.
 
bham_brotha said:
See that's why i'm asking yall I may have described it wrong lol. Basically I busted it open, pulled the battery and the m2 ssd. Connected a windows boot usb and went through the install. I never actually got into the bios, I just saw that it was password protected. But hell, the shit is working fine I just dont know if it's safe to connect this bitch to the net or if it's gonna ping some mofo somewhere.
Click to expand...
yeah that's what i figured

LOL they don't care if you wipe the hard drive....... hell they prefer it ........it was probably encrypted anyway

but that BIOS password gone be a bitch

find the model number of the laptop and replace the motherboard is all i can tell you LOL

probably not worth all that...
 
booty_visionary said:
You should be ok to use it. Company has probably already written it off anyway. You tried to give it back.
Click to expand...
And this, its probably been removed out of their monitoring system (depending on what your company uses for encryption and MDM) so they won't even see it come online when it connects.
 
Late to the thread, and I'm not sure if this would be doable on a laptop or even if it's still this way on newer desktops, but can you crack it open and remove the battery(on motherboard, not the big battery) for a second then pop it back in to kill that bios password? I remember doing that years ago when the person I was replacing at a job left their PC bios password in place when they left.



.
 
There are different levels of BIOS/Boot security. You can lock the BIOS without locking down the HDD/OS. There are various tools to remove the BIOS password as well but to answer your question, if the company is closed then going online with the laptop should not pose an issue since there is no "home" for it to report to and no one is monitoring for said ping.
 
misterX said:
There are different levels of BIOS/Boot security. You can lock the BIOS without locking down the HDD/OS. There are various tools to remove the BIOS password as well but to answer your question, if the company is closed then going online with the laptop should not pose an issue since there is no "home" for it to report to and no one is monitoring for said ping.
Click to expand...
I'm no expert by far.... but when he said that the company had closed, I was thinking what's he worrying about? But hey, best be paranoid and safe than not



.
 
crossovernegro said:
Late to the thread, and I'm not sure if this would be doable on a laptop or even if it's still this way on newer desktops, but can you crack it open and remove the battery(on motherboard, not the big battery) for a second then pop it back in to kill that bios password? I remember doing that years ago when the person I was replacing at a job left their PC bios password in place when they left.



.
Click to expand...
Depending on the bios, that won't lose the pw. That only makes it reset to default settings. But if a bios is locked by pw, there are other things out there to crack it. I'm not sure but I'd also look at upgrading the bios within windows if the manufacturer has it.

And to the OP, there's nothing that "calls back" to anything for bios being locked. That's more of security built into Apple devices. Not windows laptops and PC's. Just use that thing like it's yours. Nothing to worry about. Trust.

I've worked on tons of laptops and PC's over time. I've had stuff people "acquired" that were locked the same way. Doesn't stop you from doing anything but just make changes a company doesn't want a user to do to alter the hardware. But nothing in it for security purposes.
 
if they havent reached out to you to return it..............then i wouldnt worry about it too much.
If the company has closed down...........then everyone is out of a job.........including the Asset Manager.
 
As far as the laptop, I connected that joint to the internet and their IT department from where ever their parent company is emailed me within minutes lol. They definitely had something in that bitch that pinged them the second I connected it. I sent it back about a week ago.
 
bham_brotha said:
As far as the laptop, I connected that joint to the internet and their IT department from where ever their parent company is emailed me within minutes lol. They definitely had something in that bitch that pinged them the second I connected it. I sent it back about a week ago.
Click to expand...
That's after you installed your own windows over what they had?
 
Dude I work in IT. I have worked in asset management as well...THEY DON'T CARE ABOUT THAT SHYT!!!!! I have furnished my electronics with A LOT of former "assets". Windows, MAC, single board computers, memory, etc... Now with the company being closed they could come back and ask for it to sell it to make a couple buck back. But I seriously doubt it. You got a new laptop dawg!
 
bham_brotha said:
As far as the laptop, I connected that joint to the internet and their IT department from where ever their parent company is emailed me within minutes lol. They definitely had something in that bitch that pinged them the second I connected it. I sent it back about a week ago.
Click to expand...

So you never installed a network monitor like Hellboy suggested?
 
0utsyder said:
Dude I work in IT. I have worked in asset management as well...THEY DON'T CARE ABOUT THAT SHYT!!!!! I have furnished my electronics with A LOT of former "assets". Windows, MAC, single board computers, memory, etc... Now with the company being closed they could come back and ask for it to sell it to make a couple buck back. But I seriously doubt it. You got a new laptop dawg!
Click to expand...
This company definitely cared lol. To be fair though it was healthcare related so they probably looked at it as a security risk.
 
You must log in or register to reply here.
Back
Top