Bugtraq mailing list archives
Re: FoolProof for PC Exploit
From: maxinux () BIGFOOT COM (William Tiemann)
Date: Mon, 9 Nov 1998 20:23:07 -0800
On Wed, 4 Nov 1998, Krish Jagannathan wrote:
I figured this much out -- if you are running on FoolProof for the PC (Win9x) and you boot up in safe mode (with or without network support) it will bypass the FoolProof TSR and enable full privileges, even deleting the FoolProof directory. --- Krish Jagannathan krisjag () juno com YCHJCYADTKCF
This may be true(infact it is true) but is a sign that your administrator forgot or did not know about F8. This was the case at a school i know that just setup FoolProof, forgot F8, and diskette booting, but that was negligence. So here is another problem in foolproof Bug/flaw: A bug that for all intensive purposes is a bug. If you can execute 'echo' with 4 command line arguments you can disable (esentially delete) foolproof. Implication: Disable _protection_ (if you can call it that) from FoolProof. Exploit: echo Hi > c:\fool95\fooltsr.exe Do this with every file in the foolproof dir (The install directory may vary). Fix: Run a UN*X os instead of a Microsft product? Seriously though, I have not looked into side effects(or if even possible) to disable 'echo', so making all files in the foolproof dir (and elsewere through out the computer, have not looked for them all) read only so you _cant_ write to them, but also disable attrib changes. -- Max Inux <maxinux () openpgp net> Hey Christy!!! KeyID 0x8907E9E5 Kinky Sex makes the world go round O R Strong crypto makes the world safe If crypto is outlawed only outlaws will have crypto Fingerprint(Photo Also): 259D 59F7 D98C CD73 1ACD 54Ea 6C43 4877 8907 E9E5
Current thread:
- FoolProof for PC Exploit Krish Jagannathan (Nov 04)
- Re: FoolProof for PC Exploit The Tree of Life (Nov 09)
- Re: FoolProof for PC Exploit William Tiemann (Nov 09)
- <Possible follow-ups>
- Re: FoolProof for PC Exploit Erik Soroka (Nov 09)
- Re: FoolProof for PC Exploit axon (Nov 09)
- Re: FoolProof for PC Exploit Darren Rogers (Nov 09)
- Re: FoolProof for PC Exploit pcsupport () smartstuff com (Nov 10)