RE: How can I enable power users on W2k domain to defrag their hard drives??

From: Simon Zuckerbraun (szucker_at_sst-pr-1.com)
Date: 08/27/04

    Date: Fri, 27 Aug 2004 00:07:31 -0500
    To: security-basics@securityfocus.com, lists@heintz.us, andrew@whirlow.plus.com
    
    

    The hack described there is a bad idea in terms of security. Despite any
    claims to the contrary, the password can definitely be retrieved from
    the executable.

    When you run the compiled script, some process has got to take place
    that decrypts the password. (If not, the script wouldn't be able to use
    the password, would it?) Anyone who wants to retrieve the password from
    the executable can simply follow that very same process to decrypt the
    password.

    For example, he could copy the compiled executable to a machine that he
    owns, and run it inside a debugger. The executable decrypts the
    password, at which point the password is visible in memory.

    Simon

    -----Original Message-----
    From: Erich D. Heintz [mailto:lists@heintz.us]
    Sent: Wednesday, August 25, 2004 3:00 AM
    To: 'AndrewC'; security-basics@securityfocus.com
    Subject: RE: How can I enable power users on W2k domain to defrag their
    hard drives??

    Short answer... The native defragger requires administrator rights, period.

    Long answer... Some of the commercial defraggers might allow it but
    you'd have to check with the app vendors. I did find a reference to a
    "hack" that would allow it by creating a compiled wrapper script that
    embeds the administrator password in an executable so that it can't be
    retrieved. I haven't tried it, but it originated in Win2K magazine. See
    http://groups.google.com/groups?q=allow+users+to+run+defrag&hl=en&lr=&ie=UTF-8&selm=a833bbd9.0209130747.9a37ab3%40posting.google.com&rnum=1
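
The point made in Simon's reply, as an added example that is not part of the original thread and does not reproduce the wrapper tool discussed there: a constructed container format (`WRAP1`, with the hypothetical helpers `build_wrapper` and `decrypt_embedded`) uses a SHA-256 keystream as a stand-in for whatever cipher such a tool applies. The plaintext password never appears in the file, yet the run-time decryption routine needs nothing except the file, so anyone holding a copy can recover it.

```python
import hashlib
import os
import struct

MAGIC = b"WRAP1"  # constructed container format, not a real packer's layout


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """SHA-256 in counter mode: a stand-in for whatever cipher the packer uses."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + struct.pack(">I", counter)).digest()
        counter += 1
    return out[:length]


def build_wrapper(password: str) -> bytes:
    """What the 'compiler' does: encrypt the password and ship it with its key."""
    key, nonce = os.urandom(32), os.urandom(12)
    secret = password.encode("utf-8")
    ct = bytes(a ^ b for a, b in zip(secret, _keystream(key, nonce, len(secret))))
    return MAGIC + key + nonce + struct.pack(">H", len(ct)) + ct


def decrypt_embedded(blob: bytes) -> str:
    """What the wrapper does at run time. Its only input is the file itself."""
    if not blob.startswith(MAGIC):
        raise ValueError("not a WRAP1 container")
    off = len(MAGIC)
    key, nonce = blob[off:off + 32], blob[off + 32:off + 44]
    (n,) = struct.unpack(">H", blob[off + 44:off + 46])
    ct = blob[off + 46:off + 46 + n]
    if len(ct) != n:
        raise ValueError("truncated container")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, n))).decode("utf-8")


def password_is_exposed(blob: bytes, password: str) -> dict:
    """Check a wrapper as a reviewer would: plaintext absent, yet recoverable."""
    return {
        "plaintext_visible_in_file": password.encode("utf-8") in blob,
        "recovered_from_file_alone": decrypt_embedded(blob) == password,
    }


if __name__ == "__main__":
    blob = build_wrapper("Constructed-Admin-Pw!")  # constructed sample value
    print(password_is_exposed(blob, "Constructed-Admin-Pw!"))
```

Swapping the keystream for a stronger cipher changes nothing in the result, because the key still has to ship inside the same file as the ciphertext.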


