Blocking DreampackPL?
Results 1 to 5 of 5

Thread: Blocking DreampackPL?

  1. #1
    Junior Member
    Join Date
    Nov 2007
    Posts
    2
    While i was talking to a friend the other day, the topic of DreampackPL came up. I'm not sure if you all are familiar with this software, or even if you have talked about it, but my question is, has any of the known anti-spyware/virus programs other than McAfee been able to block the software from being used? I have seen the program in action, and it is very, very resourceful. It can bypass any user login screens, and can crack any passwords that are there. It attaches itself to the sfcfiles.dll, and allows pretty much anything to be bypassed security wise. I personally use linux, so i'm not affected, but a lot of others still use Windows. Any suggestions?

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Deamor3, I moved this post from the old thread you had put it on. It seems more appropriate to have it on it's own discussion.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Senior Member
    Join Date
    Oct 2007
    Location
    do a whois search on my ip...
    Posts
    268
    This is a very "cute" program, and very easily rendered useless. The program has three options in which to use it. All of the options do the same thing, which is replace the sfcfiles.dll file

    (The file sfcfiles.dll, is required by windows and is used to verify the integrity of files that are required for the system to operate. If it finds that critical system files are missing or damaged, it will attempt to automatically fix them. You should leave this file, as it may improve the reliability of your system.)

    with a "patched" version of the file. Now every option requires physical access to the box your attacking, which means that the very obvious single way to fix this "exploit" is to deny access to your bios and make your hdd what you boot from first...

    Since I am bored I'll run through each option and how to disable its use.

    Option 1. "Install" to install this program you will have to replace a file in system32, which means you need admin rights. So dont give any users admin rights =)

    Option 2. "Create CD" which is making a livecd that replaces the file from your original microsoft install disk. This means you have to have an original install disk. Just deny access to bios, and make your cd drive boot after your hdd.

    Option 3. "Extract" this means it gives you the file and leaves it up to you to replace it with the original... this just spells trouble! again you have to have admin rights to do this, so dont allow users admin rights!

    You don't have to have a spyware/virus tool, windows will stop this program for you =)

    This program only works on Microsoft Windows 2000/XP operating systems (from what it says, I personally would never use this program.) I would not recommend using this, replacing system files is always a scary thing. If you intend on using it on your system to see if it works or whatever, just do yourself a favor and backup your system.

    There is a reason this program has a disclaimer on its website saying "THIS SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND.
    YOU USE THIS SOFTWARE ONLY FOR OWN RISK."

    Good Luck. hope this helps
    Last edited by ArPaNET; November 26th, 2007 at 09:10 AM.

  4. #4
    Junior Member
    Join Date
    Nov 2007
    Posts
    2
    True, true, but i have used it myself. It is very user friendly...

    It is also true that people could use a bios password, but how many people other than someone who actually knows their way arround a computer would even think to put a bios password on a computer. It backs up the original sfcfiles.dll, but you're right, it can screw up your computer if you don't know what you're doing = P. Luckly enough i will never have to worry about this because of linux. It has no windows base except the fact that it's off the same original kernel. I'm just saying, very few people even think to put a bios password on their systems.

    The issue with having to find a copy of Windows XP is not an issue either, most people have a copy lying around their computer desk somewhere, i have 3 copies myself. You only need the XP installation CD to get a base image, the program uses the CD and creates an ISO that is burned to another. Booting from it makes things so you don't need the admin pass at all.

    I cracked the public schools network in under 10 minutes with it, and caught the administration password in the process. It's more dangerous than people take it to be.
    Last edited by Deamor3; November 28th, 2007 at 12:28 AM.

  5. #5
    Senior Member
    Join Date
    Oct 2007
    Location
    do a whois search on my ip...
    Posts
    268
    Quote Originally Posted by Deamor3
    The issue with having to find a copy of Windows XP is not an issue either, most people have a copy lying around their computer desk somewhere, i have 3 copies myself.
    Why? that is unusual, anyone else have copies of install disc just laying around their computer? I realize that getting one and making the livecd would not be very hard but that too would be foiled by a bios password; to a certain extent!

    It came to my attention that there are a long list of default passwords for bios to use (sorta like backdoor passwords) I have a list of around 30 passwords for award bios, and around 60 for phoenix bios... If the attacker really wanted to get into your system, they could even just open the case and pull out the bios battery to reset your bios!

    It is a nifty little program, but nothing that hasn't been seen before...

Similar Threads

  1. Are Hotmail And Yahoo! Blocking Gmail Invites?
    By yourdeadin in forum AntiOnline's General Chit Chat
    Replies: 12
    Last Post: September 16th, 2004, 11:55 AM
  2. Ad Blocking w/o Third Party Software
    By Soda_Popinsky in forum Other Tutorials Forum
    Replies: 3
    Last Post: June 19th, 2004, 01:42 AM
  3. Pop-up blocking = thievery?
    By ZeroOne in forum Web Development
    Replies: 7
    Last Post: January 12th, 2003, 03:52 AM
  4. Blocking content with squid
    By Phat_Penguin in forum The Security Tutorials Forum
    Replies: 2
    Last Post: December 14th, 2002, 05:05 AM
  5. Blocking POP UP Ads
    By bombayofpigs in forum AntiOnline's General Chit Chat
    Replies: 7
    Last Post: July 16th, 2002, 03:03 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •