Analysis of the Security of Windows NT
1 March 1999
6.1.3 Maintenance programs
The purpose of maintenance programs is twofold: to alter system functionality, or to
attend to bugs and shortcomings. Among the former we find programs for recovering a
computer after system failure or when it fails to boot, possibly due to a faulty
configuration. An example of such a utility is NTRecover.
NTLocksmith is a program that circumvents the NT security system to allow replacement
of an administrative password in case it has been lost. Other examples are netinstall
for UNIX and Ghost for NT, which are tools that can be used to install a new operating
system on a client machine over the network.
6.2 The Source Code Problem
Many of the public domain programs have what we might call open source code,
which is a nice way of learning how they work and how to construct these types of
tools. One of the problems here is that some of these tools rely on undocumented
features or loopholes in the operating system. All of these types of programs will teach an
attacker how to construct software to exploit the hidden functionality and loopholes
without knowing much about the operating system or, in some cases, programming.
Another problem is that some seemingly harmless utilities could be quite dangerous
after modification. An example of the latter is Ctrl2Cap. With Ctrl2Cap for NT it is
possible to convert the control key to the shift key, which can be useful for people who
migrated from UNIX to NT and are used to a different location of the control key.
Using this principle it is possible to catch and manipulate any key on the keyboard,
which makes it possible to sniff passwords when they are entered.