SecurityFocus

Help with Exploit Feb 02 2007 07:25PM
Vic Brown (vabrown mailer fsu edu) (3 replies)

RE: Help with Exploit Feb 05 2007 04:30AM
Murda Mcloud (murdamcloud bigpond com)

RE: Help with Exploit Feb 04 2007 10:52PM
Murda Mcloud (murdamcloud bigpond com) (1 replies)

Re: Help with Exploit Apr 17 2007 10:11AM
Nicolas RUFF (nicolas ruff gmail com) (1 replies)

Re: Help with Exploit Apr 17 2007 01:39PM
Harlan Carvey (keydet89 yahoo com) (2 replies)

Re: Help with Exploit Apr 17 2007 09:47PM
Nicolas RUFF (nicolas ruff gmail com)

>> I know I am coming late on this one, but registry
>> keys that contain NULL
>> characters cannot be accessed through REGEDIT. You
>> have to rely on the
>> low-level NTDLL API to access them. It is known
>> "copy protection" trick :)
> What?

This is an answer to Vic's original email:
-----
Key name contains embedded nulls (*),8/13/2001 12:06,0
bytes,HKLM\SECURITY\Policy\Secrets\SAC*
Key name contains embedded nulls (*),8/13/2001 12:06,0
bytes,HKLM\SECURITY\Policy\Secrets\SAI*
Key name contains embedded nulls (*),3/24/2005 11:56,0
-----

My point was: you cannot access registry keys that embbed NULL bytes
using REGEDIT. You have to use a tool that relies on Windows native API.

Regards,
- Nicolas RUFF

[ reply ]

RE: Help with Exploit Apr 17 2007 03:29PM
James D. Stallard (james leafgrove com) (2 replies)

RE: Help with Exploit Apr 17 2007 10:46PM
Murda Mcloud (murdamcloud bigpond com)

RE: Help with Exploit Apr 17 2007 05:31PM
Miha Pihler (Miha Pihler snt si)

Re: Help with Exploit Feb 02 2007 09:18PM
Josh Miller (joshua itsecureadmin com)