lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20130629205132.GH4143@prism.coolhandluke.org>
Date: Sat, 29 Jun 2013 20:51:32 +0000
From: Cool Hand Luke <coolhandluke@...lhandluke.org>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Abusing Windows 7 Recovery Process

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 06/29, Grandma Eubanks wrote:
> However, I think this is still interesting. It's been a while since I've
> played with Windows boxes and won't have access to one for a couple days,
> but isn't this triggering off of vendor supplied recovery partitions? This
> is a regular Windows 7 sole partition box you tried this one?

from a first look, i don't think a vendor-supplied recovery partition is
necessary. it appears that it would also be possible if the "system
restore" setting was enabled (but don't quote me on that).

i'm not sure how likely that is in your average large, corporate
environment. the ones i've seen have system restore disabled and opt to
reimage systems instead when issues occur. i'm sure there are some
environments where this could be useful, however.

- -chl

- --
cool hand luke


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQF8BAEBCgBmBQJRz0jUXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ5RUE3NjY3OTY3NTE0RjAyMDgyRTNBQzAy
QkE2NTVENTVDODgzNUVCAAoJECumVdVciDXraG4H/0rOTqDYy5wzmI5/Rs8n/1Ts
Z3/xwsUuSCQzFNmA6VuPD5hRNtygPVoq3nhcm4ADZzWHPwOy32RTbtriUgK4mAF/
S2yuGsGk1rszxPdW4/DZ+APInTCMxTwtViL5NGa9AsVRKAxQ87i9XyxTUeB4V0H5
XlUMCCzmX1yNupdyIEkE4zYc4RiNTaPeamXlnds+gaW+/hmMVz9d1tC6vYBmtaAz
urXy55TnEUoAwUlAGxgtwKappfKenggqFFEc2OY0s2HTRpd1WbVEiCW7VV3BR33z
JOpwwF3IfRbOvcrZai5BztyIRmSw1r5olymXr2l3PYLXNZVmLJXmQei1CzZJ58I=
=+kX6
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ