| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20051001192322.4ECEA6BC@lists.grok.org.uk> Date: Sat Oct 1 20:23:28 2005 From: mail at hackingspirits.com (Debasis Mohanty) Subject: Re: Bypassing Personal Firewall (Zone AlarmPro)Using DDE-IPC FW, Just to clarify: >> If I understand things correctly, in the attack Thierry describes, you don't send window messages >> to windows of the Zone Alarm process (which might be protected indeed), but to the Internet Explorer windows. Well, I was refering to sending windows messages from any programs to any other program (not necessarily ZA Processes) -> The latest version of ZA prevents against windows messaging inbetween two different programs / processes and pop-up for user's permission to allow access. So it will be a vague attemt to even try sending anytype of msgs to ZA via windows messaging. - D -----Original Message----- From: Florian Weimer [mailto:fw@...eb.enyo.de] Sent: Sunday, October 02, 2005 12:11 AM To: Debasis Mohanty Cc: 'Thierry Zoller'; full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] Re: Bypassing Personal Firewall (Zone AlarmPro)Using DDE-IPC * Debasis Mohanty: > I tested this earlier, SendMessage() / SetDlgItem() / SetWindowText() > doesn't work for the current version of ZA Products (ZA Pro / Internet > Sec Suit). > > This helps preventing the most wellknown windows local attack - > Shatter Attack. If I understand things correctly, in the attack Thierry describes, you don't send window messages to windows of the Zone Alarm process (which might be protected indeed), but to the Internet Explorer windows.
Powered by blists - more mailing lists