Re: [Full-Disclosure] Unsecure file permission of ZoneAlarm pro. (ZA will fail to load)
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: Re: [Full-Disclosure] Unsecure file permission of ZoneAlarm pro. (ZA will fail to load)
- From: bipin gautam <visitbipin@xxxxxxxxx>
- Date: Sun, 22 Aug 2004 12:09:06 -0700 (PDT)
>ZoneAlarm does not rely on file permissions to protect
>any configuration files. Configuration files are protected
>by our TrueVector(r) driver in the kernel.
>then ALL YOU NEED TO DO,
>is to change the folder permissions to EVERYONE: DENY, and NTFS will
>not EVER allow you to recover this folder. ZA will thus never operate
>properly on this machine again.
Not really, I've discovered an NTFS feature (BUG?).
Well... if you have system/administrative privileges
on a disk.... you can read/modify a file even though
it has "EVERYONE: DENY" permission set.
All you have to do is read the file through RAW disk
access... instead of going through the standard
procedure.
This will let you read/modify the file even though it
has the permission "EVERYONE: DENY". For a quick demo,
use any file delete/recovery utility... to read a
file that has EVERYONE: DENY permission set.
--------------
But, this trick isn't limited to this... I've found
something interesting.
--------------
EVEN THOUGH ZA has its 'SECURITY' feature enabled, all
an attacker has to do is,
E:\WINDOWS\Internet Logs\> attrib/s +h +s +r +a
{{{ and compress the folder (optional) }}}
Next time, when ZAP or the PC restarts... its so-called
TrueVector(r) driver in the kernel will fail to load
at all. (cheese!)
Now, DOES ANYONE SEE A HOLE..... (O;
bipin
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
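A defender-side check for the two conditions discussed in this thread (an Everyone: DENY entry, and the hidden/system/read-only/compressed attributes on the Internet Logs folder), as an added example that is not part of the original post. The function name Get-FolderFinding and the default path under the Windows directory are assumptions.

```powershell
# Added example (not from the original post): audit the ZoneAlarm log folder
# for the conditions described in this thread.
# Assumption: default location is "<windir>\Internet Logs", as in the post's prompt.
param([string]$Path = (Join-Path $env:windir 'Internet Logs'))

# Bits set by the attrib command in the post (+h +s +r), plus NTFS compression.
$suspect = [IO.FileAttributes]'Hidden, System, ReadOnly, Compressed'

# Hypothetical helper: returns one finding object per problem seen on $Target.
function Get-FolderFinding {
    param([string]$Target)
    $findings = @()
    try {
        $item = Get-Item -LiteralPath $Target -Force -ErrorAction Stop
        $hit  = [IO.FileAttributes]($item.Attributes -band $suspect)
        if ([int]$hit -ne 0) { $findings += "attributes set: $hit" }
    } catch {
        $findings += "cannot stat: $($_.Exception.Message)"
    }
    try {
        $acl     = Get-Acl -LiteralPath $Target -ErrorAction Stop
        $sidType = [Security.Principal.SecurityIdentifier]
        foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
            # S-1-1-0 is the well-known SID for Everyone
            if ($ace.AccessControlType -eq 'Deny' -and
                $ace.IdentityReference.Value -eq 'S-1-1-0') {
                $findings += "Everyone: DENY ACE ($($ace.FileSystemRights))"
            }
        }
    } catch {
        # An ACL that cannot be read is itself worth reporting
        $findings += "cannot read ACL: $($_.Exception.Message)"
    }
    foreach ($f in $findings) { [pscustomobject]@{ Path = $Target; Finding = $f } }
}

# Check the folder itself, then everything beneath it (including hidden items).
$children = @(Get-ChildItem -LiteralPath $Path -Recurse -Force -ErrorAction SilentlyContinue |
    ForEach-Object { $_.FullName })
$results = @($Path) + $children | ForEach-Object { Get-FolderFinding -Target $_ }

if ($results) { $results | Format-Table -AutoSize -Wrap; exit 1 }
Write-Output "No suspect attributes or Everyone: DENY entries under $Path"
```

Run it from an elevated prompt on a schedule or at logon; a non-zero exit code means at least one finding. It inspects attributes and ACLs only and does not observe raw disk reads.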