| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Oct 2004 14:11:05 -0400 From: "Polazzo Justin" <Justin.Polazzo@...ilities.gatech.edu> To: <americanidiot@...hmail.com>, <bugtraq@...urityfocus.com> Subject: RE: Writing Trojans that bypass Windows XP Service Pack 2 Firewall I am sorry, I thought (from a previous email in this or another list, I am getting forgetful in my old age) that editing these two registry entries would allow an app to, well if not bypass, at least be allowed thru the firewall. Application Exceptions: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters \FirewallPolicy\StandardProfile\AuthorizedApplications\List Port Exceptions: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters \FirewallPolicy\StandardProfile\GloballyOpenPorts\List Is there something I am missing (again)? Is this another example of "If you click on the .exe, you are exposed" type of exploit? Are you demo'ing the fact that you can attach yourself to a system process and not be detected by XPSP2? How did you get the code on the SP2 system? Email an .exe? I thought the best part of XPSP2 was prevention of code from running on your system. This includes password guesses, bunches of malware, NMAP scans, and compiled programs. To further demonstrate my point, I wrote this exploit that will disable the WinXP firewall as well, simply extract this text into a .bat file and double-click on it: net stop "Windows Firewall/Internet Connection Sharing (ICS)" -JP MCSEnator CCaNT CISSPell OPSTinate
Powered by blists - more mailing lists