Re: KSSA-003 - Multiple windows file wiping utilities do not properly wipe data with NTFS

From: Frank Heyne (fh@RCS.URZ.TU-DRESDEN.DE)
Date: 01/22/02

Date:         Tue, 22 Jan 2002 20:51:14 +0100
From: Frank Heyne <fh@RCS.URZ.TU-DRESDEN.DE>

On 21 Jan 2002, at 17:46, Stewart Berman wrote:

> Again, the user I was logged in with did not have access to the
> Administrator directory or subdirectories. So how did LADS enumerate the
> directories and files and open the file.txt file to check for an alternate
> data stream?

May I guess you tried it with an account which was a member of the
admin group, or at least with an account with backup privs?
Someone with these privs is allowed to backup the entire partition, even
without explicit access rights.

The trick is old and simple:
LADS just uses backup functions to access the files ;-)

Frank Heyne

Delivery co-sponsored by VeriSign - The Internet Trust Company
When building an e-commerce site, you want to start with a strong, secure
foundation. Learn how with VeriSign's FREE White Paper, "Building an
E-Commerce Trust Infrastructure." See how you can authenticate your site to
customers, use 128-Bit SSL encryption to secure your web servers, and accept
secure payments online. Click here: