Vulnerability Development mailing list archives
Re: local security workaroudn through IE
From: kotz () FLASH NET (Robert)
Date: Fri, 24 Mar 2000 20:02:18 -0600
This isn't something that can be stopped (not to my knowledge at least without messing with the OS itself). Most software companies just rely on the fact that no one will notice that you can browse the HD with an HTTP browser, or any other program that has file->open. However, if the software is good, then the only thing this will let you do is find out what packages are installed because they will have blocked the opening of any critical files (like *.bat, *.ini, et al). As well, most software doesn't let you run system critical executables (stuff like regedit which would allow you to turn off the software altogether).

Anyway, it is a nifty little trick 'cause it lets you browse the HD when everyone else is sitting there thinking you can't. Oh, one more thing, if the 'run' option is still left in the start bar, the world is your oyster, pretty much.

The final interesting thing I have noticed in poking around at my school is that Fortres101 (Grand Corporation's Windows security program) stores all of its setup files and default stuff in a hidden directory in C:. Well, that's all well and good, but Netscape and IE don't care about the hidden attribute, so you can browse through all the default install information, and some admins won't change the default settings, which is not a good thing.

So basically, this really isn't that much of a problem, that is, if the software is good, but then again, we ARE talking about Windows "security" software :P. As for the OOBing, no comment.

Robert Kotz