Network Security: Detailed info on RE: [Full-disclosure] bypassing Windows Domain Group Policy Objects

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

RE: [Full-disclosure] bypassing Windows Domain Group Policy Objects

from [Neil Hunt] Network Security

[Permanent Link]

Subject:	RE: [Full-disclosure] bypassing Windows Domain Group Policy Objects
Date:	Fri, 28 Apr 2006 08:51:14 +0800

Michael Holstein said:


Other possible solution, cripple gpupdate.exe (XP) or

secedit.exe (2K)

through permissions (eg: remove 'localsystem:execute').

Deleting them will

just trigger WFP to replace.

/mike.

Exibar said:



   Hmmmm.....  sounds like a good plan :-)   I'll test that 
out!   thanks!

  Ex


This does indeed work, but, if the site is using WSUS or similar, then
the machine will stick out like a sore thumb.  The windows admin here,
however, doesn't monitor WSUS, so that fact that my machine hasn't
reported in 90 days hasn't registered.

Neil

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
RE: [Full-disclosure] bypassing Windows Domain Group Policy Objects, Neil Hunt <= Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects, KF (lists)

Previous by Date:	Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability, Brian Eaton
Next by Date:	Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects, KF (lists)
Previous by Thread:	[Full-disclosure] [USN-275-1] Mozilla vulnerabilities, Martin Pitt
Next by Thread:	Re: [Full-disclosure] bypassing Windows Domain Group Policy Objects, KF (lists)
Indexes:	[Date] [Thread] [Top] [All Lists]