|
For days I have been searching for a security hole for policy editor
on the Internet. It wasn't the program or tutorials on poledit that
was of interest to me, but a way to circumnavigate policy editor
and to have complete access to the windows system. I was able to
locate this particular method wherein rebooting to a dos prompt
and deleting the registry files: user.dat and system.dat
would erase previous editing of the registry and allow free access
on the next login. This method, although efficient for getting through,
left no way to cover the fact that you had pushed aside the policy
and entered into full access mode. When these two files are removed,
any policies that had been set are also done away with, meaning,
the next time the admin checks the machine, and realizes that security
has been compromised, he will then take measures to try something
new. While the net was of no help this time, I was able to find
a better "fix".
If you boot a machine that contains policy editor as a means of
security, you will be asked for the windows login name and password.
And, of course, if you guess wrong or just click cancel, you will
receive an error stating that all is not accessible to you as the
default user. You may not even be able to see any icons on the desktop.
The Fix:
Task Scheduler is a big part of the windows 9x OS. It is used to
schedule programs to run at certain times of the hour/day/week/and
so on. For instance, many like to schedule for defrag to run on
every Tuesday night. Here's the idea; Poledit can be set too run
as well.
If after boot, and canceling out of the login, you scan down to
the bottom right of your screen you'll notice the icon for scheduled
tasks.
In Windows 95 the scheduler is not always there. If you are using
95, you can right click on the taskbar, select toolbars, and click
desktop. This gives you the icon for "My Computer". By
opening this icon you will have another way to get to "Scheduled
Tasks".
1.) Double Click "Scheduled Tasks" and click next.
2.) Scroll down until you see "System Policy Editor"
4.) Select "System Policy Editor" and click next.
5.) Select any of the following list, and click next.
6.) Click Finish
Back at the selection of scheduled tasks, you'll see the "System
Policy Editor". Right click this task and click run. Policy
Editor will open and allow you to change any policies that have
been set. If you take note, you can reapply them when you have finished
on the machine. This leaves the owner/admin unaware of the break.
You may be required to relogon, but in most cases just refreshing
the screen will set the new policies.
|