Full Armor.... Fool Proof etc... bugs

From: chameleon (chameleonat_private)
Date: Thu Jun 11 1998 - 19:15:49 PDT

Next message: tqbfat_private: "Re: Vulnerability in 4.4BSD Secure Levels Implementation"

Previous message: Ivan Arce: "CORE-SDI-04: SSH insertion attack"
Next in thread: Alan Ramsbottom: "Re: Full Armor.... Fool Proof etc... bugs"
Reply: Alan Ramsbottom: "Re: Full Armor.... Fool Proof etc... bugs"
Reply: Florian Weimer: "Re: Full Armor.... Fool Proof etc... bugs"
Reply: Joseph Gooch: "Re: Full Armor.... Fool Proof etc... bugs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have seen a few post about the "Full Armor hacks" and thought I would drop
some info.

There are various programs that make a desktop "secure".  Full Armor and
Fool Proof are two of them. They both suffer from the same problems.

Below is basically how to bypass most "secure" desktop programs:
----------------------------------------------------------------------------
-----------------
Turn on your computer. (Tuff one there)
There will be a two or so second gap between seeing your windows desktop and
seeing the explorer bar across the bottom.
During that two second gap, hit control + alt + delete... this will load
task manager.
You now have taskmanager which will enable you to run whatever you like. You
also are able to do this without any restrictions because you froze windows
from loading explorer and Full Armor... Fool Proof etc...
----------------------------------------------------------------------------
-----------------
The first ladys post about this kinda said something about taskman but from
the people I have talked to... she either had an old version or something
wasnt installed right because it wont let you end task full armor.

This shouldn't be that hard to figure out. If you have problems re-creating
this then e-mail me... I don't think bugtraq readers would wana hear about
it.

In closeing... I havent seen a secure desktop program yet for windows95.
Also the MacOS doesnt seem to have a secure desktop program that "works". At
Ease is one of the most widely used "secure desktop" programs out there.
Most schools and stores etc.. use At Ease... You can easily crash At Ease by
holding down three keys on startup of the system (No not the key to bypass
loading startup programs ;-]) and then once your looking at the At Ease tab
folders... you can basically open a bunch of programs and if you do it right
At Ease will run out of room for itself in memory and dump it self to free
up resources... once its dumped your left looking at the neato mac finder
gui. If you want specifics on this At Ease bug drop me an e-mail.

Anyways thats just some info on all that.

Hackerly Yours,
chameleon
chameleonat_private
Rhino9 Security Team (www.rhino9.org)
InterCore Security

Crack the code:
----------------------
"Vjgtg ku pq itgcvgt vgcigfa vjcp fqkpi pqvjkpi hpt hgct qh fqkpi vqq
nkvvng"

No the above isnt a Microsoft encryption standard. ;-]

Next message: tqbfat_private: "Re: Vulnerability in 4.4BSD Secure Levels Implementation"
Previous message: Ivan Arce: "CORE-SDI-04: SSH insertion attack"
Next in thread: Alan Ramsbottom: "Re: Full Armor.... Fool Proof etc... bugs"
Reply: Alan Ramsbottom: "Re: Full Armor.... Fool Proof etc... bugs"
Reply: Florian Weimer: "Re: Full Armor.... Fool Proof etc... bugs"
Reply: Joseph Gooch: "Re: Full Armor.... Fool Proof etc... bugs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:57:37 PDT