Nice Exploitable Flaw in Windows Registry

Melbosa · August 26, 2005, 10:30:55 AM

Thought this was a nice hack find. Seems registry keys with values over 254 chars are missed/ignored by a majority of our registry safegaurding products and our registry editing tools. Even Regedit makes the list, which is why I thought this was a nice hack hehe.

Source: http://isc.sans.org/diary.php

Shayne · August 26, 2005, 10:34:10 AM

That would explain a lot.

Lazybones · August 26, 2005, 10:35:40 AM

Ick, if it wasn't bad enough that apps can create folders with hidden characters that make them hard to delete, and install them selves as drivers in the system so that they can not be unloaded or deleted quickly and easily. :evil:

Darren Dirt · August 26, 2005, 01:55:44 PM

Quote from: "Lazybones"Ick, if it wasn't bad enough that apps can create folders with hidden characters that make them hard to delete, and install them selves as drivers in the system so that they can not be unloaded or deleted quickly and easily. :evil:

If by "apps" you mean "the secretive work of hackers who identify your FTP server as being less than secure", then I say from experience, "word up, bro".

Lazybones · August 26, 2005, 04:34:44 PM

Quote from: "Darren Dirt"
Quote from: "Lazybones"Ick, if it wasn't bad enough that apps can create folders with hidden characters that make them hard to delete, and install them selves as drivers in the system so that they can not be unloaded or deleted quickly and easily. :evil:

If by "apps" you mean "the secretive work of hackers who identify your FTP server as being less than secure", then I say from experience, "word up, bro".

Yes, and some spyware/adware use the same trick to make them more of a pain to remove.

Nice Exploitable Flaw in Windows Registry

Melbosa

Shayne

Lazybones

Darren Dirt

Lazybones