| From: | Alfredo B Alves <dghost@****.COM> |
|---|---|
| Subject: | Hacking Security Tallies (Was Re: Weird Campaigns) |
| Date: | Thu, 21 May 1998 09:46:13 -0500 |
>At 10:36 21/05/98 +0100, you wrote:
>[Hacking Security Tallies]
>>The way to go about this would, I guess, be to do a Locate File to find
>>the file (or memory address) containing the security tallies, and then
an
>>Edit File operation to change them.
>Memory address, almost certainly. Harder for the average person to mess
>with and less likely to be a victim of a
randomly-deleting-stuff-dork-hacker.
>
>I don't have VR2 right here, but Locate Memory Address would probably be
>much the same as Locate File.
Hmmmm.... VR2 doesn't have a listing for Locate Memory Address, but I
don't think it'd be like Locate File ... Dunno, I'm still *working on* my
computer savyness, but if SR computers are like modern computers , they
don't have a FAT table like the File system does ... IIRC, the closest
thing is if a chunk of memory is needed for a proggie, the proggie needs
to tell the OS that and so in the OS section there's a map that says this
chunk is allocated for this proggie. This map would even have an entry
for the OS, but it wouldn't actually tell you what the little bits mean
... I would say to remove the security Tallies you would need to:
1) Get a memory dump (shouldn't be too hard)
2) Find the OS section
3) Locate/decrypt the Security Tallies section
4) Find the Security Tallies in Active Memory
5) Alter the Security Tallies in Active Memory
How much time would all this take? Quite a bit, I think, but once you do
it the subsequent attempts should be easy ... unless the OS shifts in
memory (not a good idea, IMO).
>>However, I think there'd be some protection built into the system, for
>>example that only supervisor-level users can alter security tallies.
Any
>>thoughts?
>I think it would be nice to have longer days and require less sleep.
Oh!
>Thoughts about this stuff! Well, it makes sense -- if the computer does
>something, it has to be poking bytes somewhere, and a skilled "user"
should
>be able to manipulate those bytes.. and yes, modifying something like
that
>would obviously be superuser only -- that's the point of superusers, to
fix
>shit when users break it, right? :)
>
>Back to the time thing, I really need some time to work on JIaFU.. :/
>
>-Adam
<SNIP Sig>
Query: Win 95 gives GPFs (General Protection Faults) when a proggie tries
to access memory outside of the general block it was assigned (It can
jump out of the memory assigned to it a little sometimes ... but
sometimes it'll GPF [Blue Screen of Death!]) ... Does this happen to
Deckers or is this what Masking is for?
D.Ghost
(aka Pixel, Tantrum)
_____________________________________________________________________
You don't need to buy Internet access to use free Internet e-mail.
Get completely free e-mail from Juno at http://www.juno.com
Or call Juno at (800) 654-JUNO [654-5866]
