
Thread: DeepFreeze: Here is a Challenge!

  1. #11

    I must admit I am a bit saddened by the lack of participation from other AntiOnline members
    would have loved to test it. sounds like a good one.
    but we only have win nt or 2000 (yeah linux too) here

    hope there's one with win2k support soon!!

  2. #12
    Senior Member
    Join Date
    Oct 2001
    Location
    Texas!
    Posts
    271

    Thank you!



    00110101,

  3. #13
    Great solution for @ my school.
    No Norton Ghost imaging needed anymore.

  4. #14

    How to Hack DeepFreeze

    DeepFreeze is the best program I have ever seen in any category, bar none. However, in spite of its mystical operation and very impressive security, it is vulnerable to booting from a floppy. It is easily removed if you know what to delete. So... hacking DeepFreeze is not a matter of hacking DeepFreeze, it is a matter of hacking BIOS and CMOS. Since most people who install DeepFreeze don't think to go into CMOS and disable A: in the bootup sequence, removing DeepFreeze from a computer is a cinch. However, if CMOS Setup is passworded and the floppy drive disabled in the bootup sequence, hacking DeepFreeze becomes a matter of hacking CMOS. DeepFreeze uses anti-debugging code to prevent BIOS/CMOS password crackers from working. But there are master passwords installed by most motherboard manufacturers. It didn't take me long to figure out mine. I have a DFI motherboard with an Award 4.51 BIOS, and the master password is Y. C. Lu, the name of the guy who started DFI! I know it may sound challenging to find out the master password to your BIOS, but it really works. OEMs use a program called MODBIN (for Award anyway) to program security default passwords into the BIOSes for their mobos.

    On most computer setups (schools, labs, etc.) it is usually not that hard to get access to the computer case either. I would download the mobo manual off the internet, find out the Clear CMOS jumper location, then get someone to watch my back, or find an opportune time to open the case and change the jumper, reboot, enable the floppy drive in the CMOS Setup, then change it back the way it was. Then boot from a BOOTDISK (created by format a: /s) and remove DeepFreeze.

    The file which does all the magic in DeepFreeze is a system file called persis0.sys, located in the DeepFreeze folder. To view it from within Windows, you must make sure that "Show Hidden Files and Folders" is checked, AND UNCHECK "Hide Protected Operating System Files" right below it. All this under Tools, Folder Options in Windows Explorer. If you do this, you can see persis0.sys.

    When you make the BOOTDISK, copy ATTRIB.EXE to it as well. You will need this to unhide persis0.sys before deleting it. Just attrib -r -a -s -h persis0.sys, then delete it, then the rest of the files, then the DeepFreeze folder, then the Hypertechnologies folder. Then restart the computer and Deep Freeze is GONE!!

    They have no anti-tamper code to mess up your computer if you delete it from a BOOTDISK.

    Deep Freeze 2000 Beta is out now.

    www.deepfreezedownload.com/secure
    User Name: df2000
    Password: beta2a

    DeepFreeze phone number: 800-943-6422

    Happy Hacking!
    Practice Safe Hex

  5. #15
    larryjs
    Guest
    I use Gateway's "goback" program. It suits my purpose well as I do not want to lose every change I make when I reboot. I just want to be able to recover to a decent past state after a bad crash. goback periodically (you can make a choice on how often) takes a system "snapshot" and saves it. If a crash happens just activate it at

  6. #16
    this sounds impressive, i think i'll try it. my school uses full armor, probably one of the worst ones out there IMO. at one building it continually corrupts system files so we have to use the undo32 utility that came with it. and the fact that my teacher wasn't paying attention and i watched her type in the pass isn't good for security either... so far i've only used it to fix up the PCs so they don't crash as much. the technician they have working at that same building, when he installed all 30 PCs, didn't know how to use win2000 so he uninstalled them all and put win98 on them. i think that's half the problem. that he didn't set it up right.

  7. #17
    Senior Member
    Join Date
    Oct 2001
    Location
    Texas!
    Posts
    271

    Thanks.

    Thank you for the information williamtell323. I will play around with that and see what I come up with. It is good to see people getting involved in this! Thanks again!

    Living To Learn,

  8. #18

    DeepFreeze Trial Version +60 Days

    You can reinstall DeepFreeze and get an infinite amount of 60 day trial periods by deleting the following two keys in the CurrentVersion folder of the registry:

    HKEY_LOCAL_MACHINE\
    SOFTWARE\Microsoft\Windows\CurrentVersion
    NAffinityConfig (long alpha-numeric value)
    Rebar_XXXXXXXX (eight digit alpha-numeric value)

    There are a few other registry keys, but none that will prevent you from reinstalling DeepFreeze with a fresh 60-day trial period.
    You will be prompted to "replace all" for the others when you reinstall.

    Also, to launch the DeepFreeze password box (for those of you who may not know) shift+double click the DeepFreeze icon in the system tray. OR, Ctrl+Alt+Shift+F6. I do not know if these can be reconfigured or not in the purchased version. But those are the default methods of opening the password box. I think the password is stored in the swap file, but I'm not sure. I studied it thoroughly with RegMon and FileMon, but couldn't figure it out.

    I would like to know though what the basic programming techniques are with DeepFreeze which allows all changes to be reversed. Does it do the same thing as GoBack? Someone else mentioned the FAT table. Did you know Bill Gates invented the first FAT? Anyway, we're making progress here. Let's get some more contributions from some of you out there.

    What about a TSR or other program which would remain in memory and delete DeepFreeze on a warm reboot? I tried putting a shortcut on my desktop for "Exit 2 DOS", but DeepFreeze forced a complete restart when I double-clicked it.
    There has to be a way to shut down/unload the persis0.sys file while DeepFreeze is running. If you talk to the people at the 800 number, they make a big deal out of the fact that DeepFreeze runs in "Ring 0" and can't be stopped because of that. Well, what about writing a special program to kill it? One C+ programmer told me you can do ANYTHING by calling APIs. Let's get on the ball here folks!!! Let's torch this baby!!
    Practice Safe Hex

  9. #19

    Re: A little more info...

    Originally posted by DISLEX
    This will bring up the password screen also known as the "Token Screen". Once this screen is up you will see an alpha-numeric code. You type this code into the admin prog and it will then use it to give you a password which is also alpha-numeric.
    Since it gives you a token to make a password, couldn't A) you get a copy of the admin software and use that key to get past it or B) write your own code to do it?

    If I'm missing something, tell me.

  10. #20
    Member
    Join Date
    Nov 2001
    Posts
    65

    I have a hidden RUN command on my win98SE environment. I also hide FIND, SETTINGS, and some more features. Using Help I opened the add/remove programs and uninstalled Deep Freeze...

    Now I'm gonna go to see if this worked out!!!

    I'll let you know.

    (actually I did it a week ago, but haven't checked back)
    Everything that does not kill me makes me stronger...
