Bugtraq mailing list archives
Re: FoolProof for PC Exploit
From: ttol () STUPH ORG (The Tree of Life)
Date: Mon, 9 Nov 1998 13:04:53 -0800
This is true for some cases, but the latest FoolProof allows a option that will prompt for a password if someone presses F5 or F8 at bootup. It will then allow you unlimited tries, but you can't resume normal bootup unless you reboot. FoolProof also doesn't protect the 'Press Del to enter Setup' at bootup, so you can reset the boot sector to default (this works on some models where it resets the boot sector to factory default), which I think bypasses the F5 thing. Before that happens though, the boot sector has to be in memory already (the old one), so that the system can replace the new one with the old one. Oh, I've seen a QB program where it records keystrokes, even ctrl and shift. Since FoolProof doesn't allow people to run programs externally, but could open up a text file, just load the .bas file in QB.EXE and maybe if someone could get it to run in low priority (background process), it could capture the hotkey. another thing is that i *think* it is possible (i'll try it tomorrow in school) is to copy command.com onto a disk, rename it to temp.txt, and load it in wordpad. then save it as c:\windows\help\wordpad.hlp (answer no when it asks you to convert it), and go to help and you'll be dropped to dos. I hope that helps. btw: That gay jester at startup sucks..it's very annoying :) On Wed, 4 Nov 1998, Krish Jagannathan wrote:
I figured this much out -- if you are running on FoolProof for the PC (Win9x) and you boot up in safe mode (with or without network support) it will bypass the FoolProof TSR and enable full privileges, even deleting the FoolProof directory. --- Krish Jagannathan krisjag () juno com YCHJCYADTKCF ___________________________________________________________________ You don't need to buy Internet access to use free Internet e-mail. Get completely free e-mail from Juno at http://www.juno.com/getjuno.html or call Juno at (800) 654-JUNO [654-5866]
-t .--------------------------------------------------------------------------. |The Media and the Monster: Which is the Creator and which is the creation?| |--------------------------------------------------------------------------| | System Administrator/DNS Network Administrator/Keeper of Gods | |Kalifornia.com (c)1998 | ttol () stuph org | http://www.ttol.stuph.org| `--------------------------------------------------------------------------'
Current thread:
- FoolProof for PC Exploit Krish Jagannathan (Nov 04)
- Re: FoolProof for PC Exploit The Tree of Life (Nov 09)
- Re: FoolProof for PC Exploit William Tiemann (Nov 09)
- <Possible follow-ups>
- Re: FoolProof for PC Exploit Erik Soroka (Nov 09)
- Re: FoolProof for PC Exploit axon (Nov 09)
- Re: FoolProof for PC Exploit Darren Rogers (Nov 09)
- Re: FoolProof for PC Exploit pcsupport () smartstuff com (Nov 10)