lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 3 Oct 2006 09:45:14 -0700
From: "Pink Hat" <pinkhat.h4x0r@...il.com>
To: "Tonnerre Lombard" <tonnerre.lombard@...roup.ch>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Removing the NIC cable = EoP?

Wrong.

It is about getting local admin rights in this case as the so called attack
scenario requires it.

List -- this is so easy to disprove yet we have all kinds of so called
security professonals and in this case a (wow, I am almost pissing myself)
BSD Kernel hacker, stating that they feel its a possible attack.

Go grab VMWare and various windows versions from your favorite warez site
and spend the time to actually try things and understand how the technology
works before you comment.

The bottom line is that what was posted on that site about "hacking high
school computers" is false.


On 10/3/06, Tonnerre Lombard <tonnerre.lombard@...roup.ch> wrote:
>
> Salut,
>
> On Tue, 2006-10-03 at 14:33 +0530, crazy frog crazy frog wrote:
> > I doubt it will work on any windows OS. If a user is logged in as a
> > user who dont have admin rights then unplugging network cable does not
> > give him admin.
>
> AFAICT this is not about gaining admin rights (which one would if the
> machine is a non-NT based Windows) but rather about gaining the right to
> surf whatever website one wants. This can indeed be achieved by not
> loading the group policies. (If I'm not mistaken here. I'm a BSD kernel
> hacker, not a Windows supporter...)
>
>                                Tonnerre
> --
> SyGroup GmbH
> Tonnerre Lombard
>
> Loesungen mit System
> Tel:+41 61 333 80 33    Roeschenzerstrasse 9
> Fax:+41 61 383 14 67    4153 Reinach BL
> Web:www.sygroup.ch      tonnerre.lombard@...roup.ch
>
>
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ