Penetration Testing mailing list archives
Windows Internationalization?
From: Jon Kibler <Jon.Kibler () aset com>
Date: Wed, 18 Nov 2009 16:00:35 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I have been approached about doing a pen test job that would involve a target organization whose native character set is not ASCII. So, I have a few questions and would appreciate some pointers to help me decide if I really want this assignment. Questions that immediately come to mind are: 1) On a Windows system that uses a non-ASCII character set (Chinese, Arabic, Russian, etc.), how does that effect Windows? -- Are registry key names still ASCII? Key values still ASCII? -- Are Windows directories still ASCII? -- Are Windows file names still ASCII? English language file names? -- Are there any differences in how internationalization works between Windows versions, such as W2K3 and XP/Vista? -- Are standard user names such as "administrator" and "guest" still ASCII, or have they been internationalized, too? -- Are file extensions (.exe .bat .ini, etc.) still ASCII or have they been internationalized? -- Are INI file contents ASCII or internationalized? -- Any changes to the SAM file? (Will pwdump still work against it?) I guess the bottom line is, what gets changed and what is left in ASCII on an internationalized Windows box? 2) Are there any tools that have been customized for use with non-ASCII character sets, such as non-ASCII nikto databases? 3) What are the issues that I should be aware of when pen testing an internationalized target? I would be working with a native speaker of the language who is a sys admin, but not a security expert. (Unfortunately, I would not get to speak to them until after I agree to the assignment!) Most of the stuff I find when googling the subject gives links to old pages that really do not give much specific information. Thoughts, comments, suggestions? Thanks in advance for any/all help! Jon - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-813-2924 s: 843-564-4224 s: JonRKibler e: Jon.Kibler () aset com e: Jon.R.Kibler () gmail com http://www.linkedin.com/in/jonrkibler My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksEYHMACgkQUVxQRc85QlMmUACfeaUvnSiYJBTG4cJ0jSnDKHkd zNkAn3SxetV7AV1z4uN/FzD89oaeNo24 =XVHd -----END PGP SIGNATURE----- ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Windows Internationalization? Jon Kibler (Nov 19)
- Re: Windows Internationalization? Robert Portvliet (Nov 23)
- Re: Windows Internationalization? τ∂υƒιφ * (Nov 30)