lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <829b2de40701012344r1a41e46dx3adcb507049ab79b@mail.gmail.com>
Date: Tue, 2 Jan 2007 01:44:42 -0600
From: "Jason Miller" <jammer128@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Vista Reduced Function mode triggered

lol i want to see this happen in a .edu unit where you can only access the
internet by going through a limited HTTP proxy that does not allow the
connect function, think it would give humourous results. unless it 'phones
home' by visiting a page and printing said info, which in that case it would
probably be simple enough to modify the server it goes to and make it think
its going to microsoft, in that event you could easily get cd keys if thats
how it verifies its a real vista copy.

On 1/1/07, Geo. <geoincidents@....net> wrote:
>
>
> > It just can't be that simple. There has to be more to what happened to
> > the guy. Lots of computers are offline for several days at a time, it's
> > inconceivable that they didn't test that.
>
> Ok, as complete as I can be in the few minutes I have to post this.
>
> During those three days I did a lot of poking around, stopping and
> starting
> services, switching from wired to wireless and back, trying to view high
> def
> video (which I still am not able to do in any video player except WMP for
> some reason) installing codecs and software, running into the event ID
> 4226
> tcp security connect limit, etc.
>
> However I never got any notification of deactivation or any problem of
> that
> sort. Then on the third day suddenly solitaire would not start up and I
> couldn't get into network properties. I did a bunch of rebooting and
> trouble
> shooting trying to figure that out but got nowhere.
>
> So I went back to trying to get high def video to work in Media player
> classic and figured perhaps it was trying to download a codec so I removed
> the routes. It didn't help the video but I quickly found network
> properties
> started working. So then I tried solitaire and it worked. This was all
> directly after removing the routes, there wasn't but a few minutes between
> letting it talk to the net and these apps starting to work again.
>
> I decided this was probably reduced functionality in action but since I
> had
> never seen it before I needed some way to trigger it so I could compare
> since it would take 3 days to reproduce with route blocking. I disabled
> the
> software licensing service since it claims disabling that service will
> kick
> off reduced functionality mode. Nothing happened immediately but 24 hours
> later solitaire and network properties (and now control panel) would not
> start up. It was exactly the same apps and behavior. I enabled and started
> the software licensing service and in seconds things returned to fully
> functional just like removing the routes did.
>
> So it's possible the routes didn't trigger it, but removing them sure
> cured
> it quickly so that is my guess at this point. Further testing is needed. I
> won't be testing it for a couple days as I need the laptop connected to
> other networks to try some other software I need to test. (that tcp limit
> may prove a problem for network monitoring)
>
> Geo.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ