Win32: From Guest to Local system in 5 steps

  • Win32: From Guest to Local system in 5 steps

    Read here: http://security.tombom.co.uk/shatter.html

  • #2
    And it works great too.

    At my bank I just browsed through the assets, found a chunk of old low-yield bonds no one will miss, ordered sale and made it payable to my account.




    • #3
      Dogbert,

      Actually, while that article makes it look very simple, the hard step is the one he leaves out - paging through memory with a debugger, trying to find the signature of a program with system privileges... never an easy task, if it's possible at all on the system you want to hack.

      - Gurm
      The Internet - where men are men, women are men, and teenage girls are FBI agents!

      I'm the least you could do
      If only life were as easy as you
      I'm the least you could do, oh yeah
      If only life were as easy as you
      I would still get screwed



      • #4
        Usually it's used for hacking from within.
        Meaning - using your private workstation to hack further into your workplace's network.



        • #5
          Yes, but it's still hard to find a local_system process with a debugger. Trust me.

          - Gurm


          • #6
            I agree with Gurm....
            He only makes it look easy...
            If there's artificial intelligence, there's bound to be some artificial stupidity.

            Jeremy Clarkson "806 brake horsepower..and that on that limp wrist faerie liquid the Americans call petrol, if you run it on the more explosive jungle juice we have in Europe you'd be getting 850 brake horsepower..."



            • #7
              Sometimes you CAN'T even find it, if it's swapped out.

              I mean, if that local_system process isn't getting CPU time, odds are it's in virtual memory and can't be gotten to at all with a debugger.

              That article presumes a lot. Microsoft is pretty much in the right to declare this a non-issue. You have worse problems than this if someone has persistent physical access to your network (like that nifty Dreamcast disc that turns it into a network hijack box!).

              - Gurm