Teach you clever with a text editor find system vulnerabilities-vulnerability warning-the black bar safety net

2008-06-04T00:00:00
ID MYHACK58:62200819249
Type myhack58
Reporter 佚名
Modified 2008-06-04T00:00:00

Description

Although Kaspersky, rising and other security software can help us to find the vulnerabilities, but today the editor to introduce a method to find loopholes in the new method: use a hexadecimal editor to find the vulnerability.

A hex Editor can be used to check and repair various files, recover deleted files, hard disk damage caused by data loss and the like. It has been a computer professional favorite tool. In fact, if it is used in a proper environment, a hex Editor can be found in the Windows and some application vulnerabilities, these vulnerabilities may not yet have caught your attention, but absolutely can not be ignored. In the virus, Trojans, etc. running amok today, we should be fully this tool. In fact, the author believes that it is the most neglected Safety inspections, testing tools.

Overall, you can by Winhex like the hex editor to perform the following operations, in order to figure out the Windows environment a security vulnerability.

1, the check is still preserved in the Windows, browsers, and other applications in the password

Passwords and other confidential information stored in memory can cause the risk is self-evident, this method can show us the login account and other private information is just how fragile, which in those public access on a computer is even more so.

If that's not enough to prove the vulnerability exists, you also can search the computer's entire memory, and further to find Windows Application passwords or other sensitive information. The author has repeatedly in the application after closing, it can still be found by the Web browser stored in the memory of the sensitive information. By Winhex and other hex editing program in all of the memory in search of this type of sensitive information is quite simple, fast and easy.

2, in the Local System File(如 pagefile.sys 和 hiberfil.sys)or the entire physical disk, to search for sensitive information

Author each time you use this feature is to always have something to harvest. This is for checking your computer data on the hard disk data is really a great help.

3, find the in-memory malware or disk of sensitive data

These locations for us It is difficult to search the place.

4, find confidential documents

For example, the lookup may reveal some sensitive information of doc(word document)files, so these files absolutely can not leave our network. This includes the document author, draft, wording, comments, or you should delete the third-party information, etc. For example, in word there is such a privacy option“Save from file attributes to delete personal information(R).” The

We publish and transmit some confidential doc file should hook selected this property, and therefore the use of Winhexr of this feature helps us to find forget to select the function of those files.

Hex Editor a lot of species. In addition to Winhex, Hex Workshop and XVI32 and other tools. These powerful hex editing tool can modify the memory or stored on disk of any data. However, a powerful tool there may be a double-edged sword: the result is likely to be beneficial, it could also be destructive. Therefore when used it should be extra careful.