Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: How can I enable power users on W2k domain to defrag their hard driv

from [Simon Zuckerbraun] Network Security [Permanent Link]
Subject: RE: How can I enable power users on W2k domain to defrag their hard drives??
Date: Fri, 27 Aug 2004 00:07:31 -0500
The hack described there is a bad idea in terms of security. Despite any claims to the contrary, the password can definitely be retrieved from the executable.

When you run the compiled script, some process has got to take place that decrypts the password. (If not, the script wouldn't be able to use the password, would it?) Anyone who wants to retrieve the password from the executable can simply follow that very same process to decrypt the password.

For example, he could copy the compiled executable to a machine that he owns, and run it inside a debugger. The executable decrypts the password, at which point the password is visible in memory.

Simon


-----Original Message-----
From: Erich D. Heintz [mailto:lists@heintz.us]
Sent: Wednesday, August 25, 2004 3:00 AM
To: 'AndrewC'; security-basics@securityfocus.com
Subject: RE: How can I enable power users on W2k domain to defrag their hard drives??


Short answer... The native defragger requires administrator rights, period.

Long answer... Some of the commercial defraggers might allow it but you'd have to check with the app vendors. I did find a reference to a "hack" that would allow it by creating a compiled wrapper script that embeds the administrator password in an executable so that it can't be retrieved. I haven't tried it, but it originated in Win2K magazine, See http://groups.google.com/groups?q=allow+users+to+run+defrag&hl=en&lr=&ie=UTF
-8&selm=a833bbd9.0209130747.9a37ab3%40posting.google.com&rnum=1




---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: educating rDNS violators, David Gillett
Next by Date:  Re: educating rDNS violators, Bryan S. Sampsel
Previous by Thread:  RE: How can I enable power users on W2k domain to defrag their hard drives??, Erich D. Heintz
Next by Thread:  RE: How can I enable power users on W2k domain to defrag their hard drives??, AndrewC
Indexes:  [Date] [Thread] [Top] [All Lists]