|
Posted by Victek on March 28, 2008, 12:09 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>> I saw you once post proof of concept code to prove that any software
>> firewall can be bypassed. Would you please post that again as I want to
>> read it again, thanks.
>
> Hi,
>
> for my part: first I wrote http://www.dingens.org/breakout.c (for IE6)
> and http://www.dingens.org/breakout-mozilla-firefox.c (for Firefox 1.x).
>
> After that, at least Zone Alarm and Comodo tinkered again. Then I wrote
> breakout-wp.cpp - and they lost again.
>
> This topic is somewhat boring now.
>
> Yours,
> VB.
No security is perfect. Why does the fact you can break it imply that it
has no value?
|
|
Posted by Volker Birk on March 28, 2008, 12:21 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>>> I saw you once post proof of concept code to prove that any software
>>> firewall can be bypassed. Would you please post that again as I want to
>>> read it again, thanks.
>> for my part: first I wrote http://www.dingens.org/breakout.c (for IE6)
>> and http://www.dingens.org/breakout-mozilla-firefox.c (for Firefox 1.x).
>> After that, at least Zone Alarm and Comodo tinkered again. Then I wrote
>> breakout-wp.cpp - and they lost again.
>> This topic is somewhat boring now.
> No security is perfect. Why does the fact you can break it imply that it
> has no value?
Because I needed 15 minutes to break the first time, and a meal with
friends on a Saturday evening to fuck up the second time.
And: we had a closer look onto common "Personal Firewall"
implementations, and all what I saw was a terrible, incompetent mess.
Yours,
VB.
--
The file name of an indirect node file is the string "iNode" immediately
followed by the link reference converted to decimal text, with no leading
zeroes. For example, an indirect node file with link reference 123 would
have the name "iNode123". - HFS Plus Volume Format, MacOS X
|
|
Posted by Sebastian G. on March 28, 2008, 1:28 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>>> I saw you once post proof of concept code to prove that any software
>>> firewall can be bypassed. Would you please post that again as I want to
>>> read it again, thanks.
>> Hi,
>>
>> for my part: first I wrote http://www.dingens.org/breakout.c (for IE6)
>> and http://www.dingens.org/breakout-mozilla-firefox.c (for Firefox 1.x).
>>
>> After that, at least Zone Alarm and Comodo tinkered again. Then I wrote
>> breakout-wp.cpp - and they lost again.
>>
>> This topic is somewhat boring now.
>>
>> Yours,
>> VB.
>
> No security is perfect. Why does the fact you can break it imply that it
> has no value?
Security requires reliability. The above shows a reliability of zero.
|
|
Posted by Victek on March 28, 2008, 12:09 pm
If you were Registered and logged in, you could reply and use other advanced thread options >> I saw you once post proof of concept code to prove that any software
>> firewall can be bypassed. Would you please post that again as I want to
>> read it again, thanks.
>
> Hi,
>
> for my part: first I wrote http://www.dingens.org/breakout.c (for IE6)
> and http://www.dingens.org/breakout-mozilla-firefox.c (for Firefox 1.x).
>
> After that, at least Zone Alarm and Comodo tinkered again. Then I wrote
> breakout-wp.cpp - and they lost again.
>
> This topic is somewhat boring now.
>
> Yours,
> VB.
No security is perfect. Why does the fact you can break it imply that it
has no value?
|
|
Posted by Rat River Cemetary on March 28, 2008, 10:19 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> Hi,
>
> for my part: first I wrote http://www.dingens.org/breakout.c (for IE6)
> and http://www.dingens.org/breakout-mozilla-firefox.c (for Firefox 1.x).
>
> After that, at least Zone Alarm and Comodo tinkered again. Then I wrote
> breakout-wp.cpp - and they lost again.
>
> This topic is somewhat boring now.
>
> Yours,
> VB.
Man on the inside says this.
"Neither the batch commands, nor the .c programs are remote exploits of
a firewall. The batch files just seems to copy prefs.js around the
system, it doesn't attain Admin from a limited user nor does it execute
code on remote sysems, so it's not an exploit. Ditto for the .c
programs, they just send messages to other windows, windows is designed
to allow that. That is not demostration of a remote exploit or local
privilege escalation exploit.
Also, in Vista you can't send a high integrity process (admin services
and programs with admin privileges) a message from a lower integrity
processes, like say medium integrity (non-UAC prompting programs)
processes or low integrity processes (sandboxed programs like IE7). And
neither can low integrity processes send message to medium integrity
processes.
Ergo, something like this might work in XP but not in Vista if you run
as the system was designed to run (with UAC on).
What you asked about is Vista, and these are not Vista exploits."
|
| Similar Threads | Posted | | Re: Microsoft Firewall vs ???? | April 1, 2008, 12:36 am |
| Microsoft Windows Firewall | February 28, 2005, 9:34 am |
| How can I make sure I use Zonealarm not Microsoft firewall | October 31, 2005, 5:58 am |
| NIS Norton/Symantec firewall compromised for MicroSoft | May 24, 2006, 12:14 pm |
| microsoft hacked | June 3, 2005, 6:08 pm |
| IPs Owned by Microsoft? | January 11, 2007, 9:55 pm |
| Microsoft Firewall client and Cisco VPN Client | June 23, 2005, 9:45 am |
| Question about microsoft network | October 18, 2005, 1:05 pm |
| Microsoft websites are inaccessible | January 2, 2007, 2:47 pm |
| Symantec CEO rips Microsoft...but not by name | March 16, 2007, 4:32 pm |
|
XML site map