
@CB => REG

 
Hello Christian...

Since you are probably the one who knows this best, here is something for your urge to explore (maybe it interests you) =>
[...]
Blue area =>
..._USERS (everyone knows that, I think.)
GroupMembership (many thanks!)
Security...Accounts... (Mamma mia! Caution! Access rights!!!)

Not on a company PC! Of course it does not run on NT!!!

Best regards and many thanks
 
06/29/05  
 




CB
@AH: I'll gladly do that at the next opportunity! See PM!

Sincerely,
Christian
 
XProfan 8/9.1, Win XP, AMD 64/3200
06/30/05  
 



Hello Christian...

Many thanks for your PM; since this may interest others as well, I'll make it public.

You don't have to test anything; I only thought that, as the registry master, you might be interested in some of this. You can follow it with Regedit too, but with PA it is perhaps a bit clearer.
I thought your tip about GroupMembership was really great!
As a small thank-you to you, I have reworked PA so that SIDs can now be converted directly into account names. So you now see exactly where in the registry the SIDs are stored that represent accounts or groups.
Under XP there should be the AT command. This command lets you run a program as a service.

If you run PA or Regedit via AT as a service in the SYSTEM account, you get, without changing any access rights, access rights to the registry such as otherwise only the system has.
You can then look directly into hidden keys of the registry, among others the Security key.
There you will find the subkey Accounts; if you click the SID of Administrators there (that is the group name of the administrators), there is the key Privlgs (or something similar).
The first number you see there is the number of privileges an admin has (doubleword), followed by 4 null bytes.

Each privilege is stored on the computer as a LUID.
A LUID is an 8-byte area that identifies a particular privilege locally on a computer. The LUID for a privilege can be determined very easily with the API LookupPrivilegeValue.
Guess what comes after the number of privileges in this registry key, each one also separated by 4 null bytes...

Regards,

Andreas
 
06/30/05  
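An added example, not part of the original posts: a read-only parser for a privilege value with the layout described in the post above (a DWORD count, 4 null bytes, then 8-byte LUIDs each followed by 4 null bytes), with a baseline comparison for auditing an account's privileges. The 4 bytes after the last LUID, the function names and the sample LUID numbers are assumptions made for the example.

```python
import struct

# Layout as described in the post: count (DWORD) + 4 null bytes,
# then one 8-byte LUID per privilege, each followed by 4 null bytes.
# Assumption: the last LUID is also followed by 4 bytes.
HEADER = struct.Struct("<I4s")
ENTRY = struct.Struct("<Q4s")


def parse_privilege_blob(blob):
    """Return the LUIDs stored in the blob, in order, as integers."""
    if len(blob) < HEADER.size:
        raise ValueError("blob is shorter than the 8-byte header")
    count, _pad = HEADER.unpack_from(blob, 0)
    expected = HEADER.size + count * ENTRY.size
    if len(blob) != expected:
        # A count that disagrees with the data length means the value is
        # truncated, padded, or not in the layout assumed here.
        raise ValueError(
            f"header claims {count} entries ({expected} bytes), got {len(blob)}"
        )
    luids = []
    for i in range(count):
        luid, _sep = ENTRY.unpack_from(blob, HEADER.size + i * ENTRY.size)
        luids.append(luid)
    return luids


def diff_privileges(baseline_blob, current_blob):
    """Return (added, removed) LUIDs between a known-good export and now."""
    before = set(parse_privilege_blob(baseline_blob))
    after = set(parse_privilege_blob(current_blob))
    return sorted(after - before), sorted(before - after)


def build_blob(luids):
    """Build a constructed sample blob in the same layout (test data only)."""
    zero = b"\x00" * 4
    return HEADER.pack(len(luids), zero) + b"".join(
        ENTRY.pack(luid, zero) for luid in luids
    )


if __name__ == "__main__":
    # Constructed sample values, not taken from a real system.
    baseline = build_blob([17, 18])
    current = build_blob([17, 18, 20])
    print("LUIDs now:", parse_privilege_blob(current))
    print("added/removed:", diff_privileges(baseline, current))
```

The LUID numbers can be turned into privilege names on the machine the value came from; the post names LookupPrivilegeValue for the opposite direction.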
 



Oh yes...

When I took a look at the API LsaAddAccountRights, I already guessed where exactly things get written - there is only one place in the system where my hard disk rattles so awfully.

But I had at least expected that Microsoft places so much value on a core piece of Windows security that these entries would be encoded there!
That is - on the contrary - not the case.

The data there can simply be viewed and changed by anyone who can obtain access. So easy to view, as if someone were deliberately pointing directly at this spot with a red flashing signpost (frightening).
If there is no NTFS partition on the system drive, there are various tricks with which one's own program can readily be started as a service from any account.
Even if certain access is supposed to be blocked via the policies, any small child can then read and change these unencoded keys => privileges galore for every guest account, and users suddenly have more rights than any admin.

Even with NTFS, every smallest security hole that makes it possible to start one's own applications in the SYSTEM account will prove to be a barn door for any intruder. Why doesn't Microsoft encode these keys? The SAM is encoded after all - the account name is readable as Unicode, the password after it is encrypted...
 
06/30/05  
 



And why don't you simply write a small program that grants a guest, for example, these (all) rights?

And what about when a guest is not even allowed to start programs?

Salve.
 
06/30/05  
 



I have 2 example codes showing how to unblock one's program in the Windows Firewall. Basically any script kiddie can do that. One way is via COM, which can also be done in VBScript, for example, or simply through registry entries, which can be created with almost any language. So there will of course always be security holes, but sometimes one can only clutch one's head at how easy it all still is.
 
06/30/05  
 



Well then, let's have the codes.
 
06/30/05  
 



Hello IF...

One possibility to get at a service would be renaming one's own file to the login screensaver, e.g. CMD. Naturally that does not work on NTFS partitions (I got it from the internet => not yet tested, but I will write something).
I know my way around policies (permitting only defined programs) well; as a rule they are hardly an obstacle to anything - that is why you are currently working with an NT version too, and not Windows 95/98/ME clones.
My posting is also not about how easy it is to crack Windows, but about the fact that I consider it extremely reckless to write privileges - really almost the most important thing in any Windows network system - unencoded into a registry key.

To me it seems as if Microsoft were, so to speak, writing on the front door of Windows: "Here on the first floor, behind a copy of a painting with sunflowers by Van Gogh, a million euros are hidden in a safe." The house is unguarded, all the front doors are open, and only the safe is inaccessible thanks to a fat padlock.

If no NTFS partition is present, it currently even looks to me as if the key to the lock were also lying around somewhere nearby.

@Thomas - that is exactly it. A firewall probably runs in the SYSTEM account or in an account with elevated privileges. If someone manages, by some trick, to gain control of such a service, the thing is in the bag.
Every small security hole, whether in the service or in the operating system itself, could be used to obtain free access to these keys.
And there is even much, much more in these keys - unencoded and thus readable without any problems.
I must confess, at the moment I am the one clutching his head.
A registry key there says: here are the accounts, and here are the privileges. After that comes the number of privileges and, for anyone who has ever written something with privs, each single privilege practically in plain text.
If I browse there with PA instead of Regedit, I even see immediately, from Windows 2000 on, which account each of the string SIDs stands for. Shouldn't something like this be secured much, much better?

PS: I would be interested in the codes too. Let's see what other tricks there are.
 
06/30/05  
 



Just have a look at it first: [...]

I could convert the second, short code to Profan for you. But with that one I am not so sure whether it works. The first code works, but it builds on COM, that is, this successor of OLE. Or I'll make you an exe that enters itself into your firewall. But I can't test it, since a proper firewall is running in the background on my machine.
 
06/30/05  
 



Hello Thomas...

Many thanks for the link, I will look at it soon. You don't have to translate anything - if I translate it myself, that makes it easier for me to understand a source text. And what I cannot understand, I'd rather keep my fingers off.
 
07/01/05  
 



<offtopic>

A bit off-topic - they only have 1720 members (I mean the .com) - that surprises me - I had thought there were at least ten times as many!

Salve.

</offtopic>
 
07/01/05  
 



Hello Thomas...

I have already looked at it. Anyone who surfs the internet as admin could catch something really nasty there. The firewall would then probably no longer notice when the virus registered that way sends its data out. If one surfs with a user account, there is as a rule only read access to HKEY_LOCAL_MACHINE and the trojan usually cannot enter itself there.
But what I meant goes further still.
There is the so-called Chatter attack, which gets a service with design-related security flaws to execute code in the account of the service.
If you take a look at the keys I described, you will notice that the SYSTEM account has full access there.
That is, with access to the SYSTEM account one does not even have to bother with the LSA API LsaAddAccountRights (no idea whether this account has access to it - I mean the policy handle - at all), but can quite simply write one's privileges into the registry without detours. That step would drop out in any case.
Furthermore, it might even be possible to directly attack and change the registry hive that XP saves for automatic system restore.
And as I said, not only privileges are stored there, but quite different things are supposed to be there as well - in Unicode of course, but otherwise unencoded. Since I have no network and my Windows 2000 is not connected to the internet (it groans quite a bit anyway with 133 MHz and 40 MB RAM), I unfortunately cannot verify some things and will say nothing more about it for now.
 
07/01/05  
 



