I just confirmed that NT SIDS has been broken but the group that broke it
(private corporation / security specialist - actually corporate hackers) do
not
want this known to the general public (at least not yet!).
The demo I was given on how to change NT System Registry entries is
actually
very technical yet effective. For those of you who requested the URL of
my web
page, I'm waiting to get legals recommendation.
Kelly
> yes this is a really big problem, yet the denial from m$ also states
> that it is not and has not
> been broken, i too am collecting and have collected information, mostly
> from the source or the problem.
>
> as with the netmon expolit, m$ is using a standard md4 one-way hash to
> secure the sids, this is not even close to
> the level or their so called cryptoapi kit.
>
> more info at
>
> http://odin.blkbox.com
>
>
>
> >Kelly Gibbs wrote:
> >
> > Anyone familiar with NT SIDS? Apparently it has been cracked and the
> > implication of doing so spells another "service-pack" from Microsoft.
> > Also,
> > I was given a demonstration on how to change the system registery.
It's
> > actually fairly easy and bypasses all the protection Microsoft setup.
I'll
> > be posting my findings on my web page soon. I'm still in the info
> > collection process and continuing to pursue this.
> >
> > Kelly
>
> --
>
============================================================================
===
> renegade @
blkbox .
com | great spirits have often faced violent
> opposition |
> | from mediocre minds. a.e |
>
============================================================================
===
|
|
