Didier Stevens

Wednesday 8 November 2006


Filed under: Hacking — Didier Stevens @ 13:35

I’m at TechEd Barcelona this week.

We have locked-down Vista machines at our disposal (The Com Network) to access the Internet. Last year, I installed Firefox in My Documents on my roaming profile. Software Restriction Policies are defined on the domain we logon, so you cannot install software. But installing Firefox in My Documents is still possible.

Yesterday I noticed that Firefox was still available in My Documents, so I started using it right away. But not this morning, the admins must have tuned the policies, because firefox was not allowed to run.

You can specify the software you want to restrict with a name (path) or a hash. I guessed, correctly, that they used a name, so now I’m browsing with FireOx.


Blog at WordPress.com.