Comments on: Bypassing file system security in Windows with no hooking or patching

By: Ron

Ron — Sun, 21 Feb 2010 15:27:32 +0000

NTFS “security” is a joke anyway. I have just began testing NTFS security on Server 2008 and have found that if you give a non-admin modify rights to a folder, then remove their modify rights. Then have an admin create a file in that folder the non-admin can delete the file even though you can look at the permission levels and they clearly show that user should not be able to.

By: Daryll

Daryll — Wed, 30 Sep 2009 12:14:08 +0000

Would it be okay if I just copy and paste the .sys file into windows system path without executing the .inf file? Let’s say in a Network.

By: Bogdan

Bogdan — Wed, 30 Sep 2009 08:37:17 +0000

Yes, it should work the same way although FAT32 doesn’t implement any kind of file security (as NTFS does).

By: Daryll

Daryll — Wed, 30 Sep 2009 00:29:14 +0000

I see, by the way does this tool work with fat32 file system?

By: Bogdan

Bogdan — Tue, 29 Sep 2009 06:14:27 +0000

Hi Daryll,

The tool doesn’t currently work on 64bit systems as the driver is not signed. You can however disable Driver SIgnature Enforcement by pressing F8 at boot time and it should work.

Moreover, this is only a proof of concept so it is not intended for commercial/production environments.

One of the limitations would be the fact that it facilitates opening any file but not creating files anywhere (e.g: you can not create a file in a read-only folder).

By: Daryll

Daryll — Tue, 29 Sep 2009 00:25:57 +0000

What are the limitation(s) of this tool?

By: Twindows Internals : Cum sa scapi de securitatea din NTFS

Twindows Internals : Cum sa scapi de securitatea din NTFS — Wed, 14 Jan 2009 09:39:16 +0000

[...] detalii tehnice, puteti accesa post-ul in limba engleza ce contine un video si un document PDF:http://www.hobeanu.com/blog/bypassing-file-system-security-in-windows/ Aceasta metoda nu este considerata o gaura de securitate deoarece necesita incarcarea unui driver. [...]