Security Basics mailing list archives
Re: how to break a personal firewall
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Fri, 23 Dec 2005 02:59:53 +0100
On 2005-12-21 James Grant wrote:
On 2005-12-20 Ansgar -59cobalt- Wiechers wrote:On 2005-12-19 mahendra_yn () yahoo com wrote:Can anybody help with the information as to how we can break or bypass or cheat the personal desktop firewall and establish a remote session with that pc.
[...]
You may get some pointers from here: http://copton.net/vortraege/pfw/en.htmlThe article you point to is over a year old and doesn't apply to current releases - of ZoneAlarm at least.
While it's true that the speech was held a year ago your assumption that it wouldn't apply to current personal firewalls is wrong. In general we were exploiting a design flaw in Windows, not a bug or flaw in any specific personal firewall. Since the messaging system Windows uses for IPC between windows has not yet been re-designed, the things said back then still apply. As for Zone Alarm in particular: the free version is still susceptible to our attack. The pro version does intercept it, but since I doubt that they have patched the Windows messaging system my guess (from a quick glance, maybe I'll take a closer look after the holidays) is that they hook into the message queues to intercept such attacks. That attempt is futile, though, since I simply need to place my hook before any other hook to circumvent it. Besides, the additional PopUps make the program completely unusable for normal users, because they won't understand the question (what do users know about "windows messages"?). Even more since the PopUps won't give the full path of the executable but just the filename. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ----------------------------------------------------------------------------
Current thread:
- how to break a personal firewall mahendra_yn (Dec 19)
- Re: how to break a personal firewall Gene Cronk (Dec 19)
- Re: how to break a personal firewall Ippatsu Man (Dec 20)
- Re: how to break a personal firewall Ansgar -59cobalt- Wiechers (Dec 20)
- <Possible follow-ups>
- RE: how to break a personal firewall James Grant (Dec 21)
- Re: how to break a personal firewall Ansgar -59cobalt- Wiechers (Dec 26)