Hacking Windows Security Principal

From: Rene (nospam_at_nospam.com)
Date: 01/26/05

  • Next message: JohnHorb: "RE: Strange 'bug' with Windows Authentication"
    Date: Tue, 25 Jan 2005 23:30:46 -0600
    
    

    According to my research, it looks like I can use the Windows Security
    Principal to verify that a user is authenticated or to see if they belong to
    a certain group etc.

    The thing that bothers me is that this object resides in the client computer
    memory and everybody knows that this makes this object more vulnerable to
    hacker attacks.

    My question is, how difficult would be for a hacker to go directly to memory
    and flip the IsAuthenticated bit from 0 to 1? or go directly through memory
    and change a group name from "ZeroControl" to "FullControl"? Once those
    changes are made, the attacker would be able to easily bypass my roll base
    security and I will be... Oh my, I don't even what to think about that.

    This is just a silly example but I hope it gets the point across, thank you
    for any information.


  • Next message: JohnHorb: "RE: Strange 'bug' with Windows Authentication"

    Relevant Pages

    • RE: Hacking Windows Security Principal
      ... If the attacker has access to a debugger so that they can modify arbitrary ... bits in your process's memory, ... it looks like I can use the Windows Security ... > hacker attacks. ...
      (microsoft.public.dotnet.security)
    • Re: Can LoadIcon be used to load the icon of another process
      ... have access to the app file for sake of windows security (the app is ... How can I get the icon? ... Is it possible to dump the memory of the process and get the ... If it were that easy to work around Windows security, ...
      (microsoft.public.vc.language)