|
For days I have been searching for a security hole for
policy editor on the Internet. It wasn't the program or
tutorials on poledit that was of interest to me, but a way
to circumnavigate policy editor and to have complete access
to the windows system. I was able to locate this particular
method wherein rebooting to a dos prompt and deleting the
registry files: user.dat and system.dat
would erase previous editing of the registry and allow free
access on the next login. This method, although efficient
for getting through, left no way to cover the fact that you
had pushed aside the policy and entered into full access
mode. When these two files are removed, any policies that
had been set are also done away with, meaning, the next time
the admin checks the machine, and realizes that security has
been compromised, he will then take measures to try
something new. While the net was of no help this time, I was
able to find a better "fix".
If you boot a machine that contains policy editor as a
means of security, you will be asked for the windows login
name and password.
And, of course, if you guess wrong or just click cancel,
you will receive an error stating that all is not accessible
to you as the default user. You may not even be able to see
any icons on the desktop.
The Fix:
Task Scheduler is a big part of the windows 9x OS. It is
used to schedule programs to run at certain times of the
hour/day/week/and so on. For instance, many like to schedule
for defrag to run on every Tuesday night. Here's the idea;
Poledit can be set too run as well.
If after boot, and canceling out of the login, you scan
down to the bottom right of your screen you'll notice the
icon for scheduled tasks.
In Windows 95 the scheduler is not always there. If you are
using 95, you can right click on the taskbar, select
toolbars, and click desktop. This gives you the icon for "My
Computer". By opening this icon you will have another way to
get to "Scheduled Tasks".
1.) Double Click "Scheduled Tasks" and click next.
2.) Scroll down until you see "System Policy Editor"
4.) Select "System Policy Editor" and click next.
5.) Select any of the following list, and click next.
6.) Click Finish
Back at the selection of scheduled tasks, you'll see the
"System Policy Editor". Right click this task and click run.
Policy Editor will open and allow you to change any policies
that have been set. If you take note, you can reapply them
when you have finished on the machine. This leaves the
owner/admin unaware of the break.
You may be required to relogon, but in most cases just
refreshing the screen will set the new policies.
Credits
For any Questions/Comments email: jknave@ev1.net |