| Subject: | Re: [aulainf] About DeepFreezer | | Date: | Sunday, 9 June 2002 09:34:48 (+0200) | | Author: | Pepe Meneu <pepem @...........com>
|
| In reply to: | Message 5670 (written by jpuig114) |
Hello jpuig114,
On Sunday, 09 June 2002, 16:58:44, you wrote:
jpuig114> I have discovered something about DeepFreezer. If you boot from
jpuig114> a floppy, type C:\>date 10/06/2003, then start
jpuig114> Windows, install DeepFreezer for the first time on
jpuig114> that computer, boot from the floppy again and enter
jpuig114> C:\date 10/06/2002, then you fool the program and it
jpuig114> expires 14 months from now.
jpuig114> Obviously, instead of 10/06/2003 you can use any date.
My native Vila-real English is not enough for me to understand whether this
would be a temporary solution:
--------
Do you want to learn about how to hack the Windows security program
Deep Freeze? Well, I'm not gonna lie to you. There isn't one YET that
I know of, but there is a Yahoo group with some good information to
get you started on this Mt. Everest of hacks! It is located at
http://groups.yahoo.com/group/deepfreeze
True: you can delete DeepFreeze with a boot disk, but that's not an
honest hack. And most admins now know to password the CMOS and to
disable the a: in the bootup sequence.
Be sure to check out all the different sections: Bookmarks, Database,
Photos, etc.
The main program file for the Windows 9X version of Deep Freeze is a
dynamic Virtual Device Driver (VxD) located in the
c:\windows\system\iosubsys directory named PERSIFRZ.VXD. And, of
course, it runs in Ring0.
The password file for the Windows 9X version of Deep Freeze is located
in the c:\progra~1\hypert~1\deepfr~1\ and is called PERSIS0.SYS. It IS
true that deleting persis0.sys from a boot floppy in pure DOS will
disable Deep Freeze, but that is because they don't want Deep Freeze
to load if there is no password! (make sense?). The REAL Deep Freeze
action/protection is in the .vxd. Read about VxD's and you'll
understand why Deep Freeze is so hard to hack.
It remains to be seen whether it is possible to write a program which
can dynamically unload the Deep Freeze .vxd "on-the-fly". Or, whether
it is possible to delete the PERSIS0.SYS password file "on-the-fly"
and replace it with another one containing a known password. The file
is "in use" and seems strongly resistant to manipulation. Probably
because it is locked by the .vxd in Ring0. There is an API called
VxDCall which can access Ring0 from Ring3, and it is also possible
that another VxD could be written to unload PERSIFRZ.VXD. If anyone is
up to the challenge and figures this out, PLEASE post to
http://groups.yahoo.com/group/deepfreeze
Meanwhile Deep Freeze remains the ultimate and "Complete Windows
Protection" program, bar none. It has the respect of every hacker out
there. But then again, is there really such a thing as "hack-proof"?
We all know Deep Freeze can be deleted with a boot disk. But we want
to develop a true hack for it. Will you contribute to the effort??
-------------
--
Regards, Greetings
Pepe
pepem@maestroteca.com
--------------
http://www.maestroteca.com
--------------------------
Looking for an educational page? Maestroteca has hundreds. Is yours there?
-------------------------------
|
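The date trick in the quoted message works against any trial check that trusts the clock reading taken at install time. As an added example (not part of the original message, and not Deep Freeze's actual licensing logic), the Python code below contrasts that check with one that keeps an authenticated high-water mark of the latest time seen and refuses to run when the clock falls behind it. The 60-day trial length, the key, the reading of 10/06 as 10 June and all function names are assumptions.

```python
import hashlib, hmac, json
from datetime import datetime, timezone

TRIAL = 60 * 86400             # assumed trial length in seconds (hypothetical)
TOLERANCE = 300                # slack for ordinary clock corrections
KEY = b"constructed-demo-key"  # placeholder; a real product must protect its key

def ts(y, m, d):
    return int(datetime(y, m, d, tzinfo=timezone.utc).timestamp())

def naive_valid(installed, now):
    # Weak check: trusts whatever the clock said at install time.
    return now < installed + TRIAL

def _seal(state):
    # Bind the stored timestamps to a MAC so edits to the record are detected.
    body = json.dumps(state, sort_keys=True).encode()
    return {"state": state, "mac": hmac.new(KEY, body, hashlib.sha256).hexdigest()}

def new_trial(now):
    return _seal({"installed": now, "last_seen": now})

def check_trial(record, now):
    """Return (verdict, record_to_store)."""
    if not hmac.compare_digest(_seal(record["state"])["mac"], record["mac"]):
        return "tampered", record
    state = dict(record["state"])
    if now + TOLERANCE < state["last_seen"]:
        # Clock is behind the latest time already observed: refuse, and keep
        # the high-water mark so the rollback stays detectable on later runs.
        return "clock_rollback", record
    state["last_seen"] = max(state["last_seen"], now)
    used = state["last_seen"] - state["installed"]
    return ("expired" if used >= TRIAL else "valid"), _seal(state)

# Constructed scenario from the message: clock one year ahead at install,
# then set back to the real date.
INSTALL_CLOCK = ts(2003, 6, 10)
REAL_DATE = ts(2002, 6, 10)

if __name__ == "__main__":
    print("naive check accepts:", naive_valid(INSTALL_CLOCK, REAL_DATE))
    print("high-water mark:", check_trial(new_trial(INSTALL_CLOCK), REAL_DATE)[0])
```

The high-water mark only helps if the record is written on every run and stored where the user cannot restore an older copy.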