Security Raiders: the breakthrough Group Policy operating limitations of the method-vulnerability warning-the black bar safety net

ID MYHACK58:6220069127
Type myhack58
Reporter 佚名
Modified 2006-05-17T00:00:00


Idle with nothing on and ran to the sister company to go to the Internet, just to their executives in a meeting, you're welcome to sit to her seat on the movies. Would have been quiet the movie is not in trouble, just look for a moment, the old sister come and harass me.

“Brother, Ah, there are colleagues and old use a computer to watch a movie to beat the game, there is no way to get them on my computer only with Word?

Can! Click the“Start”menu, click“Run”, enter“gpedit. msc”, OK. Open the Group Policy in“User Configuration”, select“Manage modules”in the“system”in the right window find the“run only allowed Windows applications”and double-click to open. The“not configured”to“Enabled”, and click the allowed applications list next to“display...”button. Click“Add”, enter“Winword.exe”and OK. Close the Group Policy back to desktop. Test effect! Double-click on the desktop player, a pop-up warning!

The effect is good, the elder sister contented to leave. See the film have to grab points tight, double-click on the table of the player icon, may look at the pop-up warning! Oh, forgot to cancel the restrictions, click the“Start”menu, click“Run”, enter“gpedit. msc”, OK. When the warning again bounce when I'm no longer laughing--not the right, put their retreat to the blocked?

Remember like in Safe mode is that you can lift the restrictions, but haven't tried nothing to grasp, but now only the first to give it a try. Is preparing to restart the computer cut into the Safe Mode, think of one thing.

“Sister, you head to the computer there is no boot password?”

“Of course with a good long?! Don't look at me, I don't know the password.”

Although I have N kinds of to clear a BIOS password method, but I know it is not a method for me(MM:also no good Ah, to accompany me out shopping! This have what difficult? Internet download a BIOS password viewer! I whispered to say:IE can not be used how to use the Internet, with the Word? With the Word why can't the Internet., MM in the side of this! It turns out MM's words is always right, with the Word indeed may be the Internet, just at the time I didn't know!)

I reluctantly withdraw eyes, finished! It's a competent machine, not in his out of will before you restore it, it would be more troublesome. After cannot to free Internet does not say that the impact to the old sister work can not be too wonderful. My first computer, or older sister sponsored it, learn the point of fur will give sister trouble. not too good!

Use cold water to wash face, the back to the front of the computer to sit down. The static under heart, always feel there is little hope! Quietly put just to the computer plus limits the process of thinking a few times, feeling a bit wrong but dunno. Decided to put the process and then go again, and ran to the sister machine on a step by step walk.

Haha, finally found the problem! Not? This is Microsoft's so-called restrictions? Too pediatric? (get carried away! Completely forgotten just frustration) is.

According to Microsoft's statement, if you enable this setting, users can run only you added“to allow the running applications list”in the program, and we are in the list of applications to join the program simply input The can run the program file name. Understand? That is can only run named“specify file name”of the program, rather than a specified program. Get this machine to say, the Word can be run? Of course you can! The other program? Of course you can't. 那 把 其它 程序 的 文件 名 改为 Winword.exe that can run? Of course...... Of course you can run! Plainly, any named Winword. exe program can be run! So what's a good limit, it is bluffing.

Competent soon after will, without further ADO. Cut to the C:\WINDOWS\system32 under 将 mmc.exe 文件 名 更改 为 Winword.exe, Double-open.“ File->open”C:\WINDOWS\system32 下 gpedit.msc in the“User Configuration”, select“Manage modules”in the“system”in the right window find the“run only allowed Windows applications”and double-click to open. The“Enabled”changed to“not configured”, OK, you're done!

Summary a bit, because Windows has failed to run the program for rigorous review, resulting in a program by a simple rename can be directly run. If you also encounter such a limit, and now know how to break through?