Are there known methods to bypass foolproof

[Terr]

Computer technician? I hope you aren't trying to pass yourself off as a teacher/fully-employed system administrator, because I find it hard to believe. Whatever the case...

The bottom line, DO NOT USE FOOLPROOF. I know from first hand experience that it is possible to grab the foolproof password from the computer's memory WHILE THE PROGRAM IS RUNNING. In other words, no matter WHAT you change the password to, a student who knows how can bypass the system. I know this because I was able to do it at my old school.

Excuse me if I don't outline the exact procedure here, I can't be sure if you aren't some student just looking for a way to bypass foolproof. But I would suggesting checking out DeepFreeze as an alternative. I highly recommend it (again, with personal experience as a student trying to get past it.)

You can check out more items in the Antionline Product Reviews forum.

[Valor]

Yeah...Foolproof is anything but. There's so many different methods of bypassing it, it's less secure than Bill Clinton's pants.

If you've got a boot disk with edit.com on it, you're in. Hell, if you've got a boot disk, you're in.

You can get it from safe mode, deleting the directory, and whee. Now you say that you have evidence that he didn't get into safe mode, yet, no logs are available for any information on said intrusion. Hmm...

Is the Help button, under Start, enabled?

Run MS Word, and open up a shell session using the macro Shell Environ$("COMMAND").

Can you open up a process viewing application?

You can rename any executable you want to .SCR, and Foolproof won't do anything about screensavers. The executable will then run.

Got an antivirus program? The user can right click the icon running, and go to the logs option, which will allow you to specify a new target folder - while in this mode, you can press F2 to rename anything, like the Foolproof folder.

What sort of network access do you have?

Sigh, if this kid was this much of a dumbass to make the machine unbootable, just press charges on him. And get DeepFreeze.

[linux_student]

Arminnius,
The rest of the gentlemen are correct; Its child's play to get into a Win9x system, with the lack of ability to restrict user permissions. NT is substantially more difficult, but can be done provided that you have boot access (there is a linux floppy image available specifically for resetting NT passwords). Rule #1: BOOT ACCESS IS ROOT ACCESS!
LS

[Arminnius]

Thank you very much

I was not there at the time however they did not format and then reinstall everything the recopied the contents from a saved image on the server which they seem to like doing rather often as you get a fresh computer in 20 minutes. I am simply a student and am unpaid simply working as a "computer technician" for expierence as the teacher relized i was not suited for the normal course. We will be changing to deepfreeze this summer i thank you for all this info i will confirm it is possible use it thanks alot sorry for any false impressions i portrayed.

[StressCrash]

Being a student i think that i can offer a unique perspective on this situation. We have FoolProof installed on our computers in school, needless to say its garbage. I had the pass in under a week. Then they reinstalled it and it took me longer, but i got it. Here are the methods i employed:

1) Keylogger

2) Memory Viewer (foolproof stores the password in PLAINTEXT in the applications TSR space while running, all you have to do is run FP and search its memory for the string FOOLPRO the password will follow that string)

3) Win32Dasm and HEIW (when all else fails, changes 1 number in the origional assembly code of the program and it became my bitch NOTE: this does not get you the pass, simply gets you access)


As far as bypassing it goes, that is much easier, you can disable it at startup, or you can cut and paste the folder SSS and it will not work on next startup.

Bottom line, its not a bad security program... but it will only work as good as its configured, our school had weak configuration on it, so i was able to beat it. But afterwords some other kids were trying to get it for malicious purposes and i took it upon myself to lock it down, and they never got it... and never will...

[psychosquee]

My school has Fool Proof as well, and of course it is easier than hell the either bypass it or get rid of it completely. We have Compaqs, so holding down a key while it is first booting will caus it to display an error and ask you if you want to boot in safe mode. Choose yes, move a .vxd file from the FP95 folder to the desktop, reboot, and have fun! http://www.holyzoo.com/media/Weeee.html

[ZeroOne]

Many programs/admins also forget to block executing *.reg -files. With those you can write anything to registry.

[burn_the_book]

Alright, if you want a list of bypass methods, go to jayb.net or blacksun.box.sk, they both have articles on the topic. i am a student, and at my middle school they used foolproof. listen: you will never secure a windows computer with foolproof or any other program. actually, you never will, period. there are hundreds of ways of messing up a windws box, so don't try with fp. now, if you want to have good security, i roccommend what my current (high) school does. have one server with all of the apps on it (i think they use novell as the client) and have all of the computers completely disabled from windows and just access those progs. even this is not secure, as i have bypassed it, but you need to know how to program, and know a lot about windows' internals. usually if someone is good enough to not just download something and make a boot disk, they'll be more concerned with the challenge than trashing your boxes. so, anyway, don't use a security prog, as it will just want them to hack more, and supervision is the key, don't assume there is some miracle program/method.

btw, linux is a good idea, and so is auto-format after shutdown and then auto-restore, i don't know how this is done, but i have heard of some colleges doing it. also, recruit a student hacker to help you.

[roswell1329]

Win95, 98, Me, have no security builtin at all. It's VERY hard (I'd personnaly say impossible) to keep users from messing with the system.

ammo -- That may not be entirely true, althought it's definitely true of the default install. If you use a smart combination of Windows 95/98 MS policies/profiles along with utilizing the BIOS password, you can lock a terminal down to nothing but a blank desktop with a disabled Start Menu (this would be completely impractical, but you can see the potential of policies and profiles). You can disable the Start Menu, My Computer icon, everything, and without access to the boot process (using the BIOS password), you can also block the use of a boot disk to bypass the Windows startup. This extreme scenario would require monitoring each boot process for each terminal and would require physical locks on the hardware casing to prevent the BIOS from being reset, but for good security this may be necessary.

The biggest problem I've had with policies/profiles is that there isn't a whole lot of documentation on the most effective use of these tools and how to implement them wisely.

[ammo]

That's why I was saying so. The effort would have to be so greate and chances of forgetting any stupid little detail ... And besides, how usefull is a blank desktop with disabled start menu?
Security basis are often stated on these 3 points:
Confidentiality, Integrity and Availability ( easy acronym to remember
Perfect "security" in terms of confidentiality and integrity would be to pull the plug on the box.
But you have availability to consider... (availability also means invulnerability to DOS attacks)

Ammo

"The perfect firewall is a pair of cisors... and perhaps a pair of rubber gloves to cut that power cord "