Re: KSSA-003 - Multiple windows file wiping utilities do not properly wipe data with NTFS
From: Frank Heyne (fh@RCS.URZ.TU-DRESDEN.DE)
Date: Tue, 22 Jan 2002 20:51:14 +0100
From: Frank Heyne <fh@RCS.URZ.TU-DRESDEN.DE>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

On 21 Jan 2002, at 17:46, Stewart Berman wrote:

> Again, the user I was logged in with did not have access to the
> Administrator directory or subdirectories. So how did LADS enumerate the
> directories and files and open the file.txt file to check for an alternate
> data stream?

May I guess you tried it with an account which was a member of the
admin group, or at least with an account with backup privs?

Someone with these privs is allowed to backup the entire partition, even
without explicit access rights.

The trick is old and simple:
LADS just uses backup functions to access the files ;-)
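
Added example (not part of the original message and not LADS code): one way to audit which principals hold the backup and restore privileges the message refers to, by parsing the [Privilege Rights] section of a `secedit /export /cfg` policy export. The sample export, the domain SID and the `svc_report` account are constructed, and the `EXPECTED` baseline of Administrators and Backup Operators is an assumption to adjust per host.

```python
# Audit holders of backup/restore privileges in a secedit policy export.
# Privileges that let a process read or write files regardless of their ACLs.
WATCHED = ("SeBackupPrivilege", "SeRestorePrivilege")

# Assumed baseline: Administrators and Backup Operators (well-known SIDs).
EXPECTED = {"S-1-5-32-544", "S-1-5-32-551"}

# Constructed sample of `secedit /export /cfg policy.inf` output.
SAMPLE_EXPORT = """\
[Privilege Rights]
SeBackupPrivilege = *S-1-5-32-544,*S-1-5-32-551,*S-1-5-21-1111111111-2222222222-3333333333-1105
SeRestorePrivilege = *S-1-5-32-544,*S-1-5-32-551
SeShutdownPrivilege = *S-1-5-32-544,svc_report
[Version]
signature="$CHICAGO$"
"""

def privilege_holders(export_text):
    """Return {privilege: [principal, ...]} from the [Privilege Rights] section."""
    holders, section = {}, None
    for raw in export_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
            continue
        if section != "privilege rights" or "=" not in line:
            continue
        name, _, value = line.partition("=")
        # SIDs are written with a leading '*'; unresolved names appear bare.
        holders[name.strip()] = [p.strip().lstrip("*") for p in value.split(",") if p.strip()]
    return holders

def unexpected_holders(export_text, expected=EXPECTED):
    """Return {privilege: [principals outside the baseline]} for WATCHED privileges."""
    holders = privilege_holders(export_text)
    findings = {}
    for priv in WATCHED:
        extra = [p for p in holders.get(priv, []) if p not in expected]
        if extra:
            findings[priv] = extra
    return findings

if __name__ == "__main__":
    for priv, who in unexpected_holders(SAMPLE_EXPORT).items():
        print(f"{priv}: review {', '.join(who)}")
```

A real export file is normally UTF-16 encoded, so decode it accordingly before passing the text to `unexpected_holders`.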