Security Basics mailing list archives

RE: How can I enable power users on W2k domain to defrag their hard drives??


From: Simon Zuckerbraun <szucker () sst-pr-1 com>
Date: Fri, 27 Aug 2004 00:07:31 -0500

The hack described there is a bad idea in terms of security. Despite any claims to the contrary, the password can definitely be retrieved from the executable.

When you run the compiled script, some process has got to take place that decrypts the password. (If not, the script wouldn't be able to use the password, would it?) Anyone who wants to retrieve the password from the executable can simply follow that very same process to decrypt the password.

For example, he could copy the compiled executable to a machine that he owns, and run it inside a debugger. The executable decrypts the password, at which point the password is visible in memory.

Simon


-----Original Message-----
From: Erich D. Heintz [mailto:lists () heintz us]
Sent: Wednesday, August 25, 2004 3:00 AM
To: 'AndrewC'; security-basics () securityfocus com
Subject: RE: How can I enable power users on W2k domain to defrag their hard drives??


Short answer... The native defragger requires administrator rights, period.

Long answer... Some of the commercial defraggers might allow it, but you'd have to check with the app vendors. I did find a reference to a "hack" that would allow it by creating a compiled wrapper script that embeds the administrator password in an executable so that it can't be retrieved. I haven't tried it, but it originated in Win2K magazine; see http://groups.google.com/groups?q=allow+users+to+run+defrag&hl=en&lr=&ie=UTF-8&selm=a833bbd9.0209130747.9a37ab3%40posting.google.com&rnum=1



