bypassing user permisions?
Results 1 to 6 of 6

Thread: bypassing user permisions?

  1. #1
    Senior Member
    Join Date
    Apr 2002
    Posts
    214

    bypassing user permisions?

    Hey everyone,
    I haven't posted here for a while, but I was just wondering....on a linux or windows 2000 (or any other multi-user OS), is it possible for a normal user to install a program to read raw disk sectors to bypass any security protecting files on the OS?
    Either get busy living or get busy dying.

    -The Sawshank Redemption

  2. #2
    Of course there are ways to bypass certain security files but they will always be 'protected' by the SAM. The reason that it is basically impossible to tap 'files' is because the SAM on windows 2000 marks just about everything with a 'user ID'. Also, trying to manipulate (with disk sector software/command prompt ) the SAM would disable your system. Trust me.

    I'm not sure about LINUX. I assume you probably could.

    Scatman
    If the scatman can do it so can you.

  3. #3
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    If the user can boot the system from a floppy they can change the passwords, that bypasses everything...
    Quis custodiet ipsos custodes

  4. #4
    AO Veteran NeuTron's Avatar
    Join Date
    Apr 2003
    Posts
    550
    Originally posted here by R0n1n
    If the user can boot the system from a floppy they can change the passwords, that bypasses everything...
    This is true, the easiest and most dangerous exploits in Windows are local(someone sitting in front of you computer) A bootdisk with ATTRIB on it can let you in to any Windows box. Remotely, it is far more difficult to break in to an NTFS system with well chosen passwords and maybe a router or firewall.

  5. #5
    Junior Member
    Join Date
    May 2003
    Posts
    1
    Just wondering, is there any other way you can bypass if you dont have the boot disk.

    my life

  6. #6
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    Hey everyone,
    I haven't posted here for a while, but I was just wondering....on a linux or windows 2000 (or any other multi-user OS), is it possible for a normal user to install a program to read raw disk sectors to bypass any security protecting files on the OS?
    No, of course not.

    A normal user can install the program to read raw disk sectors, but it won't work unless you're Administrator (or root, or similar).

    Like other posters said, with the ability to boot off an alternate source (CD, floppy etc), an attacker can read any file on the disc which isn't encrypted (*and* plant a keylogger or trojan to get at the encrypted stuff)

    Unlike what the other posters said, NTFS does not make it significantly more difficult to read (or write) protected files - many tools are available. It will only stop the most l4m3 script kiddies (and not even that is guaranteed)

    The trick is to ensure that users cannot bypass the normal boot process
    - Password protect the bios setup
    - Boot from the HD only
    - Password protect the bootloader (where necessary - for example lilo)
    - If physical security is a real problem, put the machine in a locked box.

    finally

    - Never log on to a workstation in an unprotected physical location with a network admin or any other kind of privileged account
    Because if the machine was compromised, it could have a keylogger on.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •