- Jul 12, 2014
- 195
Arakasi's Home Rig
- Thread starter Arakasi
- Start date
- Jul 12, 2014
- 195
For those that are hunting for that one reason to switch to encryption.
Try Deslock, it was the most simplest encryption i ever had the pleasure of setting up for FDE (Full disk encryption).
It can be standalone, or can be installed on an enterprise server and deployed to hundreds of workstations.
I also sell it officially now and it is a product that ESET picked for themselves. So you know its good stuff.
Try Deslock, it was the most simplest encryption i ever had the pleasure of setting up for FDE (Full disk encryption).
It can be standalone, or can be installed on an enterprise server and deployed to hundreds of workstations.
I also sell it officially now and it is a product that ESET picked for themselves. So you know its good stuff.
Last edited:
- Aug 3, 2013
- 1,879
- Jul 12, 2014
- 195
- Jul 12, 2014
- 195
While we're on topic of UAC.
3 or 4 years ago there was a zero day that compromised UAC.
It exploited the windows kernel and allowed elevation of privilege by way of impersonation(programming tactic to impersonate the caller application at the service so that the service can access system resources on behalf of the caller).
Microsoft patched the vulnerability, but don't think it can't be attacked from a different vector, or from history we have found that patching isn't always fool proof. Usually patching is rather lazy and there is always room for re-opening what they have done.
Just sayin, if malware wanted to get through. It would
. This is where the common sense needs to take over and you can't just have faith UAC is always going to do its job.
I am sure everyone here has heard this already time again. Be Smart. Good habits etc.
3 or 4 years ago there was a zero day that compromised UAC.
It exploited the windows kernel and allowed elevation of privilege by way of impersonation(programming tactic to impersonate the caller application at the service so that the service can access system resources on behalf of the caller).
Microsoft patched the vulnerability, but don't think it can't be attacked from a different vector, or from history we have found that patching isn't always fool proof. Usually patching is rather lazy and there is always room for re-opening what they have done.
-Blackhat Quote
Just sayin, if malware wanted to get through. It would
. This is where the common sense needs to take over and you can't just have faith UAC is always going to do its job.I am sure everyone here has heard this already time again. Be Smart. Good habits etc.
While we're on topic of UAC.
3 or 4 years ago there was a zero day that compromised UAC.
It exploited the windows kernel and allowed elevation of privilege by way of impersonation(programming tactic to impersonate the caller application at the service so that the service can access system resources on behalf of the caller).
Microsoft patched the vulnerability, but don't think it can't be attacked from a different vector, or from history we have found that patching isn't always fool proof. Usually patching is rather lazy and there is always room for re-opening what they have done.
-Blackhat Quote
Just sayin, if malware wanted to get through. It would
you still have some "tools" but most UAC bypassing are via user interaction in a way or another.
- Jul 12, 2014
- 195
This is true, its fairly easy to program and find windows threads or similar and send commands to the active window.
Check this out : http://www.autoitscript.com/site/autoit/
Check this out : http://www.autoitscript.com/site/autoit/
- Jul 12, 2014
- 195
I met some of them metasploit guys last year at BH.
I have used some of their stuff in Kali Distro while providing work for clients.
In fact rapid7 spams my mailbox every week haha
I have used some of their stuff in Kali Distro while providing work for clients.
In fact rapid7 spams my mailbox every week haha
- Oct 23, 2012
- 12,527
Similar threads
