Spoofing GUIDs
Results 1 to 6 of 6

Thread: Spoofing GUIDs

  1. #1

    Spoofing GUIDs

    Hi everyone
    I have checked around on google and search this forum but can't find a specific reference to it (which could well be my answer), however this does seem at least theoretically possible.

    Has anyone come across an instance of, or know about techniques where a machines GUID can be spoofed? I ask because my organisation is taking steps towards using GUIDs for particular functions and the ability to spoof a GUID would introduce a vulnerability.

    Any advice/experiences appreciated.

    Regards

    TG

  2. #2
    Senior Member treanglin's Avatar
    Join Date
    Dec 2003
    Posts
    111
    What is a GUID in your case? Can you be more specific?
    "Do you know why the system is slow?" they ask

    "It's probably something to do with..." I look up today's excuse ".. clock speed"
    -BOFH

  3. #3
    AO's Resident Redneck The Texan's Avatar
    Join Date
    Aug 2003
    Location
    Texas
    Posts
    1,539
    Sorry I cant be of much help but i searched under Google and MS.com and as far as i can tell a GUID is UNIQUE so, I dont believe that it can be spoofed of course i have nothing to back this up on since i searched and searched but couldnt find anything to proof otherwise... I mean no technology is foolproof there is always a way to beat it but, I am lead to believe that a GUID presently is truely unique and cant be spoofed... sorry I couldnt be more help but i wanted to give it a shot. goodluck man.
    Git R Dun - Ty
    A tribe is wanted

  4. #4
    Originally posted here by The Texan
    Sorry I cant be of much help but i searched under Google and MS.com and as far as i can tell a GUID is UNIQUE so, I dont believe that it can be spoofed of course i have nothing to back this up on since i searched and searched but couldnt find anything to proof otherwise... I mean no technology is foolproof there is always a way to beat it but, I am lead to believe that a GUID presently is truely unique and cant be spoofed... sorry I couldnt be more help but i wanted to give it a shot. goodluck man.
    Thanks for trying Texan. You helped confirmed my nil result search. While not conclusively turning up a "no it can't be done" I think we have determined that it is something that hasn't yet been exploited (possible thing to look forward to I suppose).

    Treanglin - In this case I am referring to a GUID as an identifier for a machine on a network.

    TG

  5. #5
    2 entries found for GUID.

    GUID

    \Guid\, n. A flower. See Gold. [Obs.] --Chaucer.

    Source: Webster's Revised Unabridged Dictionary, 1996, 1998 MICRA, Inc.

    GUID

    GUID: in Acronym Finder

    Source: Acronym Finder, 1988-2004 Mountain Data Systems





    this is the best answer i can give... i don't know either that's why i try it in the dictionary

  6. #6
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    Originally posted here by TechGrunt
    Thanks for trying Texan. You helped confirmed my nil result search. While not conclusively turning up a "no it can't be done" I think we have determined that it is something that hasn't yet been exploited (possible thing to look forward to I suppose).

    Treanglin - In this case I am referring to a GUID as an identifier for a machine on a network.

    TG
    I think he was asking what type of network, more specifically what type of OS. If you are referring to a Windows 2000/2003 server based network and windows XP clients you would have to find a flaw in their CSP(cryptographic service provider) implementation to spoof a GUID.

    The CSP is what generates the GUID and insures that it is authentic for each machine.

    It is also possible that someone could compromise a system and extract the GUID from the registry and then apply that guid to another machine. It is stored here-

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid

    I'm not sure what would happen if both machines were on the network and trying to authenticate to AD at the same time using the same GUID.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •