|
-
September 9th, 2003, 12:50 AM
#1
Bypass "Access Denied" HD on NT Question?
I belive that the 3 below are ways to access an "Access denied" HD on windows NT.
1. Non working shortcut on startmenu. Click browse when it askes you to. then go to the desktop
hold up + enter (which goes up a directory level) and you're in the HD free to do whatever.
2. Create your own non working shortcut. On the Nt boxes at my school the admins disabled
the right click menu. No problem. I created a (dummy) document in word (you can use any program that
saves). and saved it to my folder. I opened up my folder and found the file I just saved. Right clicked (draged) on it to a different location, just maybe 10 pixels away on a empty spot in the folder. That brings up a menu. Copy here, move here, or create shortcut here. You want to create the shortcut here. So now you have the shortcut to the (dummy) file you just created.
Delete the original dummy file. Now click on the shortcut, which brings up the browse screen.
now goto desktop and push up + enter (which goes up a directory level). Or you can push the "up one level" button if it's there. And now you're in to do whatever.
3. The third way I know has nothing to do with the other 2 ways. I just heard about this one. but it works. open up internet explorer. goto tools, if it's there. goto tools, internet options, settings, and view files. and you're in to do whatever.
Is there any truth to this? is there a way to stop it?
-
September 9th, 2003, 01:18 AM
#2
Sza: I've seen a few of your posts so far... Some have been <yawn> material and others seem like you are trying to be creative.... In either case I get a feeling that you are trying to "buy" yourself some AP's.......
So here's a challenge - I can give fairly substantial AP's and I'm absolutely sure that there are a lot of others with far more "clout" AP-wise than me that would give you positive AP's if you take the challenge and win.
The challenge: Tell me _how_ to secure my system so that your three, (really only two), "exploits" can be secured against. Write us a paper with each "exploit" documented as to why it works and then tell me how to prevent you from doing it on my machines..... I, (as I'm sure others more talented than me), will test your fixes..... If your fixes are not easily breakable but "novice level" to implement, you win..... Manage that and I will positively AP you and I'm sure a bunch of others will do the same.....
Now.... See how much fun that will be........ 
Girls and boys..... Let's not help out here..... Help Sza to learn...... Sza: the ball is in your proverbial "court", have fun.
Don\'t SYN us.... We\'ll SYN you..... 
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
September 9th, 2003, 01:50 AM
#3
Amen.
Sza, its been discussed: http://www.antionline.com/showthread...ied+hard+drive
On the Nt boxes at my school the admins disabled
the right click menu. No problem. I created a (dummy) document in word (you can use any program that
saves). and saved it to my folder. I opened up my folder and found the file I just saved. Right clicked (draged) on it to a different location, just maybe 10 pixels away on a empty spot in the folder. That brings up a menu. Copy here, move here, or create shortcut here. You want to create the shortcut here. So now you have the shortcut to the (dummy) file you just created.
Heh, not cool. Don't be too smug, it may end up haunting you later, after you've been expelled.
EDIT: How about those Raiders, Tiger?
It\'s 106 miles to Chicago, we\'ve got a full tank of gas, half a pack of cigarettes, it\'s dark and we\'re wearing sunglasses.
Hit it!
-
September 9th, 2003, 07:33 PM
#4
Use NTFS.. Short of getting admin rights there is nothing you can do to change permissions on a folder that you do not have access to.
-
September 9th, 2003, 07:51 PM
#5
mohaughn..pardon me for asking what may seem like a completely ignorant question (I don't deny it, I am ignorant  )
Anyway, so are you saying that by merely using NTFS, IE will no longer allow you to view files? Or that it will disbale the ^+ enter combination?
I don't know squat about XP. Well, that's not exactly true. I know that I know less than squat, so I guess that is something
EDIT: Told you I was ignorant, I meant NT, not XP..
-
September 9th, 2003, 08:47 PM
#6
groovicus- The items that were listed are not capable of defeating NTFS permissions. At most they will beat some of the simple desktop changes that some administrators make to try and make it more difficult for users to get around on a system.
-
September 9th, 2003, 09:28 PM
#7
Ok..cool...
(files that info away for future reference)
-
September 9th, 2003, 09:44 PM
#8
I would go with mohaughn on this one. If you are using the NTFS file system and you have your workgroups and file/folder permissions correctly set, I don't think that these exploits would work.
Unfortunately, Szafran does not say if the drives are physical or logical, or if they are local, or on a server.
As he refers to "school" I suspect that the file systems are FAT32, as that will let more OSes "see" them. NT + FAT32 is not a great combination from a security viewpoint?
I just tried the Internet Explorer one on a secured logical drive (FAT32/WIN Me)............total failure (well success from my viewpoint!)...............didn't even get as far as asking for the password .......................and NTFS + NT/2K/XP are infinitely more secure than 9x/Me, provided that you set them up properly.
I won't say anymore as I don't want to spoil TigerShark's clallenge 
Cheers
-
September 10th, 2003, 10:47 PM
#9
I'm not really into AP's but i do like to share my information in hopes that people will share back.
-
September 10th, 2003, 11:39 PM
#10
I accept that you are genuine mate,
How about the OS environment that you are running your experiments in though. OK you said NT.........I have to assume 4.0 but what SP?......5, 6a?
And what FILE SYSTEM....because that is very crucial to any sensible debate on security! It is also relevant as to how many machines are actually involved.................
For example, I just unpacked an Acorn Archimedes 12/20 (I have just moved house)......the 12 I presume is 12Mhz processor (about a 386?) and the 20 will be 20MHz front side bus? 16Mb of RAM and a 151Mb HDD.
It runs on a Motorola chip with the RISK operating system...............there are 114 (one hundred and fourteen) known viruses for this OS/kit................as you are obviously wanting to learn, you have to be a bit more precise? .............we can all learn.........it is an upwards and downwards process.
There was an American philosopher called George Santayana (I probably did not spell that correctly?) who said something like:
"Those who do not learn from history, are condemned to repeat the past"............a lot of things in this world are not NEW, just re-marketed
Please feel free to PM me if you want to talk more detail
Good Luck
BTW..............do try to get hold of some old ex-corporate kit to experiment on...then we can start to learn!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
