
List:       ntbugtraq
Subject:    Re: KSSA-003 - Multiple windows file wiping utilities
From:       Frank Heyne <fh () RCS ! URZ ! TU-DRESDEN ! DE>
Date:       2002-01-22 19:51:14

On 21 Jan 2002, at 17:46, Stewart Berman wrote:

> Again, the user I was logged in with did not have access to the
> Administrator directory or subdirectories.  So how did LADS enumerate the
> directories and files and open the file.txt file to check for an alternate
> data stream?

May I guess you tried it with an account which was a member of the
admin group, or at least with an account with backup privs?
Someone with these privs is allowed to back up the entire partition, even
without explicit access rights.

The trick is old and simple:
LADS just uses backup functions to access the files ;-)



Frank Heyne
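
Added example, not part of the original message: a check for which principals hold the backup privilege the reply describes, read from the `[Privilege Rights]` section of a `secedit /export /areas USER_RIGHTS` file. The sample export, the account names and SIDs in it, and the allow-list of expected holders are constructed assumptions; `SeRestorePrivilege` is included as the write-side counterpart, which the message does not mention.

```python
# Privileges that let a process open files regardless of their ACLs.
WATCHED = ("SeBackupPrivilege", "SeRestorePrivilege")

# Assumed allow-list: built-in Administrators and Backup Operators.
EXPECTED = {"S-1-5-32-544", "S-1-5-32-551"}

# Constructed sample of an exported policy (a real export is UTF-16;
# read it with open(path, encoding="utf-16")).
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[Privilege Rights]
SeNetworkLogonRight = *S-1-1-0,*S-1-5-32-544
SeBackupPrivilege = *S-1-5-32-544,*S-1-5-32-551,*S-1-5-21-1111111111-2222222222-3333333333-1105
SeRestorePrivilege = *S-1-5-32-544,svc_archive
[Version]
signature="$CHICAGO$"
"""

def parse_privilege_rights(text):
    """Return {privilege: [principal, ...]} from the [Privilege Rights] section."""
    rights, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        if section != "Privilege Rights" or "=" not in line:
            continue
        name, _, value = line.partition("=")
        # SIDs are written with a leading '*'; unresolved names appear bare.
        rights[name.strip()] = [p.strip().lstrip("*")
                                for p in value.split(",") if p.strip()]
    return rights

def unexpected_holders(text):
    """List (privilege, principal) pairs that are not on the allow-list."""
    rights = parse_privilege_rights(text)
    return [(priv, who) for priv in WATCHED
            for who in rights.get(priv, []) if who not in EXPECTED]

if __name__ == "__main__":
    for priv, who in unexpected_holders(SAMPLE_INF):
        print(f"review: {who} holds {priv}")
```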
