[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Safe Run As

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Safe Run As
From: offtopic <offtopic@xxxxxxx>
Date: Mon, 28 Feb 2005 18:16:17 +0300

Safe Run As - keylogger protection

This tool is created to protect administrative passwords against keyloggers. 
Administrator's passwords are stored in the AES encrypted file on the 
removalable storage (flash-drive, floppy). Then you need to use "run as" 
command you launch saferunas.hta, and provide username and encryption key. 
Passwords are decrypted and cmd.exe is launched with selected user's 
privileges. 
Edit.hta tool can be used to create and modify file with encrypted passwords. 

Attention! 
- This tool doesn't protect against smart malware which can copy password file 
and steal encryption key. 
- You can't choose program to run. Coming soon. 
- In this version password entered is used as AES key directly. This is bad 
idea. PKCS#5 version is coming soon. 
- Attention - when you run GUI application as high privileged user, you are 
vulnerable for Shatter-style attacks (see shatter vbs for example).

http://www.security.nnov.ru/soft/srunas/ 


(c)oded by offtopic@xxxxxxx
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] [USN-89-1] XML library vulnerabilities
Next by Date: [Full-Disclosure] Possible XSS issue on Windows XPSP2 IE6 via MIME Encapsulation of Aggregate HTML
Previous by thread: [Full-Disclosure] [USN-89-1] XML library vulnerabilities
Next by thread: [Full-Disclosure] Possible XSS issue on Windows XPSP2 IE6 via MIME Encapsulation of Aggregate HTML
Index(es):
- Date
- Thread