-
January 23rd, 2005, 08:14 PM
#11
You could also make an html link to "C:\windows\regedit.exe"... Or is it C:\windows\system32\regedit.exe? Hmm either way, you can go to notepad, and type:
<html>
<body>
<a href="C:\windows\regedit.exe">click here for registry</a>
</body>
</html>
This works incase your at the library or school and your doing stuff your not supposed to and they restricted your ability to type something like file:///%systemroot%/regedit.exe in the address bar. Be sure to save the file as .htm in notepad...
-
January 23rd, 2005, 08:24 PM
#12
or you could always keep a copy of the command.com (or cmd.exe) and regedit.exe on a usb flash drive cause then you can always get to them even if they have locked down permissions to it. i know at our college library they don't let us access network drives, but because i hate floppies and like to listen to music when i work, i used this trick to access my computer in my dorm room and then streamed the music to windows media player (which was also missing a shortcut)
[gloworange]find / -name \"*your_base*\" -exec chown us:us {} \\;[/gloworange] [glowpurple]Trust No One[/glowpurple][shadow] Use Hardened Gentoo [/shadow]
CATAPULTAM HABEO. NISI PECUNIAM OMNEM MIHI DABIS, AD CAPUT TUUM SAXUM IMMANE MITTAM
-
January 24th, 2005, 10:55 AM
#13
I like that solution!
This thread has prompted a related question for me: is it possible to disable COMPLETELY the use of regedit (and others such as gpedit.msc)? There are many workarounds demonstrated here and I just wondered if there are any techniques that are foolproof (or as near as possible). I know that I could delete the files then carry them around with me on a USB memory stick but that wouldn't *prevent* them being run in this way. Are there any settings the prevent their being run???
-
January 24th, 2005, 05:12 PM
#14
Originally posted here by Ignatius
I like that solution!
This thread has prompted a related question for me: is it possible to disable COMPLETELY the use of regedit (and others such as gpedit.msc)? There are many workarounds demonstrated here and I just wondered if there are any techniques that are foolproof (or as near as possible). I know that I could delete the files then carry them around with me on a USB memory stick but that wouldn't *prevent* them being run in this way. Are there any settings the prevent their being run???
if registry editing is disable to you, and some (basic) policies are applied at domain level, i doubt you can run regedit or any utility.... you dont need to delete anything from users disk..
Meu sítio
FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
If I die before I sleep, I pray the Lord my soul to encrypt. If I die before I wake, I pray the Lord my soul to brake.
-
January 24th, 2005, 06:16 PM
#15
Thank you - so it can be done! I know how to disable registry editing but don't know how to disable gpedit yet leave a "backdoor" for the Administrator to gain access. Can anyone tell me how to do this?
-
January 24th, 2005, 06:52 PM
#16
The answer is certainly yes it can be done. We prevent all of these vectors (and a few others not mentioned) through the use of local group policy, NTFS and system level lockdowns.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
January 24th, 2005, 07:12 PM
#17
Originally posted here by Ignatius
Thank you - so it can be done! I know how to disable registry editing but don't know how to disable gpedit yet leave a "backdoor" for the Administrator to gain access. Can anyone tell me how to do this?
gpedit its a special right that only administrator (usually) have access.
if the user has access to local administrator, its useless any effort to block it
Basic security Administration:
"End User shall not have acess to Local Administration Rights".
Meu sítio
FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
If I die before I sleep, I pray the Lord my soul to encrypt. If I die before I wake, I pray the Lord my soul to brake.
-
January 25th, 2005, 06:08 AM
#18
Member
Since we're discussing the many fun ways of starting regedit you can use the 'at' command to start it under localsystem so you can see the SAM entries, etc
run this command (where xx is a time in the near future like 20:30)
at xx:xx /interactive regedit
-
January 25th, 2005, 08:28 AM
#19
Doesn't this need access to the cmd screen?
-
January 25th, 2005, 10:52 AM
#20
I believe that would require the command screen or a batch file, but what I think is being proposed is effectively to schedule regedit to run as a task. In this case you could use task scheduler/manager?
In WIN XP it will ask you for the user password, but in 9x (I have only tried it with Windows ME) you are automatically logged in as Administrator.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|