Unfreeze Deep Freeze

jbrown 13 June, 2008 10:38 General

Deep Freeze uses a unique method of disk protection to preserve the exact original standard system configuration on over five million Windows and Macintosh computers worldwide!

According to Faronics (the developers of Deep Freeze): "Deep Freeze instantly protects and preserves baseline computer configurations. No matter what changes a user makes to a workstation, simply restart to eradicate all changes and reset the computer to its original state - right down to the last byte."

However, the following are step-by-step instructions on how to bypass the Deep Freeze security.

Note: Tested on

  • OS - Windows 2000 and XP edition
  • Deep Freeze - 4.20.020.0598, 4.20.120.0598, 4.20.121.0613, 5.20.220.1125 and 5.30.120.1181

Tools Required

>> Ollydbg (http://www.ollydbg.de/): to patch the program and run it.
>> OllyScript (attached, or go to http://www.theadmins.info/files/OllyScript.zip): to run scripts in Ollydbg.
>> ASPack 2.12 OEP finder script by hacnho/VCT2k4 (attached, or go to http://www.theadmins.info/files/ASPackOEPfinderScript.txt): to find the OEP.
>> Process Explorer for 2K/XP (http://www.sysinternals.com/): to see the login program command line.

Summary

What we are going to do is load a new instance of the Deep Freeze login program and change it in such a way that it accepts any password as a valid one.

Let the Play Begin

The first thing to do is to find some data that we are going to use later to load our login program instance. For this, start Process Explorer. Once it is loaded, we can see a list of all the processes our system is running; among them is the login program, called FrzState.exe or FrzState2k.exe. You may expand the tree if required to find this program. Right-click the program's name and select "Properties". A new window will open with the process properties.



Under the Image tab, note the property named "Command Line". Note down the value of "Command Line" including the three numbers at the end of the property for future use in this tutorial.



Run Ollydbg.

Note: Make sure that OllyScript is properly installed. Make sure that the menu "Plugins" and submenu "OllyScript" is available. If this menu doesn't appear in the program, that means the plugin is not installed properly. To install it, go to the menu "Options" and select "Appearance". In the "Plugin path" box write the address where you copied OllyScript files, press OK and restart the program.


 On the 'File' menu select 'Open' and look for the login program file (remember that Process Explorer told you where it was). In the 'Arguments' box write the three numbers you've written down. Click 'Open'. If a warning message box shows up press 'OK'. If a message box is encountered with the content "Do you want to continue the code analysis?" - press 'No'.



We have successfully loaded the program. However, it is packed with ASPack 2.12, so we cannot see the real code. To solve this, we are going to use OllyScript and the ASPack 2.12 OEP finder script. Go to the "Plugins" menu, then to the "OllyScript" submenu, and select "Run Script".



Look for the script and open it. The script will find the OEP (original entry point). If any window shows up, dismiss it.

Note: We are now on the OEP. If you are an experienced user you can dump the program using OllyDump to analyze the code with a disassembler.



Right click over the code and a context menu will appear, select 'Go to' and then 'Expression' (or use the shortcut Ctrl+G).



In the text box enter the following value according to the Deep Freeze version you have installed and press OK.

VERSION / VALUE
4.20.020.0598 / 40368D
4.20.120.0598 / 40368D
4.20.121.0613 / 4034F5
5.20.220.1125 / 4037E9
5.30.120.1181 / 4037E9



The program will jump to the line of code.

This is the line from where the password verification procedure is called. Let's set a breakpoint here. To do that right click over the line and in the context menu select 'Breakpoint' and then 'Toggle' (or press F2).



We are almost done! Now let's run this new Deep Freeze login program instance. To do that, press F9. If everything went right, you should now see two Deep Freeze icons in the system tray next to the clock. If Deep Freeze was configured to hide its icon, you'll see an empty icon instead of two icons.

Note: If the icon doesn't show up, it is possible that you haven't written the three argument numbers correctly or that you haven't opened the right file.



Now activate the login program by double-clicking the icon while holding the Shift key. If there are two icons, it is important that you click the new icon and not the old one. The login window will appear asking for the password. Write anything in the password box and press ENTER. The breakpoint we set earlier in Ollydbg will trigger and the login program will freeze.
 
Note: If the breakpoint doesn't trigger, it is possible that you've chosen the wrong icon. Try the other one.




In Ollydbg, press F8 to step over the function call. In the registers window (to the right of the code) you'll see that the EAX register has the value 00000000. That means the password is incorrect; let's change that. Double-click the value of EAX to open the modification window. In the 'Hexadecimal' text box write 1 and press OK.





Now press F9 to continue. If everything went right the Deep Freeze configuration dialog will show up.
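
The procedure above leaves a recognisable trace in process-creation logs: a second copy of the login program, started by a debugger, with the same three trailing numbers as the copy that is already running. The following detection sketch is an added example, not part of the original post or of any Faronics tooling; the event field names, the paths, the numbers and the parent service name are constructed placeholders to be mapped onto your own telemetry.

```python
import ntpath

LOGIN_IMAGES = {"frzstate.exe", "frzstate2k.exe"}   # names given in the post
DEBUGGER_PARENTS = {"ollydbg.exe"}                  # tool named in the post; extend locally

def ev(kind, pid, image, parent="", cmdline=""):
    return {"kind": kind, "pid": pid, "image": image, "parent": parent, "cmdline": cmdline}

# Constructed events, not real telemetry. Paths and the three numbers are placeholders.
FRZ = r"C:\PLACEHOLDER\FrzState2k.exe"
SAMPLE_EVENTS = [
    ev("start", 400, FRZ, r"C:\PLACEHOLDER\service.exe", f'"{FRZ}" 11 22 33'),
    ev("start", 900, r"C:\Tools\ollydbg.exe", r"C:\WINDOWS\explorer.exe"),
    ev("start", 912, FRZ, r"C:\Tools\ollydbg.exe", f'"{FRZ}" 11 22 33'),
    ev("exit", 912, FRZ),
    ev("exit", 400, FRZ),
    ev("start", 1000, FRZ, r"C:\PLACEHOLDER\service.exe", f'"{FRZ}" 44 55 66'),
]

def trailing_args(cmdline):
    """The post says the command line ends in three numbers; compare those."""
    return tuple(cmdline.split()[-3:])

def detect(events):
    """Return [(pid, [reasons])] for suspicious login-program launches."""
    live, alerts = {}, []          # live: pid -> trailing args of running instances
    for e in events:
        if ntpath.basename(e["image"]).lower() not in LOGIN_IMAGES:
            continue
        if e["kind"] == "exit":
            live.pop(e["pid"], None)
            continue
        reasons = []
        if ntpath.basename(e["parent"]).lower() in DEBUGGER_PARENTS:
            reasons.append("debugger-parent")
        if live:                   # another instance is already running
            reasons.append("second-instance")
            if trailing_args(e["cmdline"]) in live.values():
                reasons.append("reused-arguments")
        live[e["pid"]] = trailing_args(e["cmdline"])
        if reasons:
            alerts.append((e["pid"], reasons))
    return alerts

if __name__ == "__main__":
    for pid, reasons in detect(SAMPLE_EVENTS):
        print(pid, ", ".join(reasons))
```

The last sample event shows that a normal restart of the login program, after the earlier instance has exited, raises no alert.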



National Security Association

jbrown 12 April, 2008 06:24 General

Confronting the Surveillance Society

Outstanding talk by James Bamford, author of “The Puzzle Palace” and “Body of Secrets”, and Chris Calabrese, Program Counsel of the ACLU Technology and Liberty Project.

 

 

See more @ http://ph33r.org/


Mozilla: View Browser Configuration

jbrown 17 February, 2008 16:38 General
View Browser Configuration:

List available options. Type the URL: about:config

This will allow you to modify the advanced configuration options found in the various Mozilla configuration files. Right click on the value to alter and a dialog box will appear to allow changes.

 

Mozilla about:config

The preferences are stored in the file /home/user-id/.mozilla/firefox/..../prefs.js.

 


Mozilla / Firefox Environment Variables:

ENVIRONMENT VARIABLE / DESCRIPTION
MOZILLA_FIVE_HOME / Home directory path for browser
MOZILLA_PLUGIN_PATH / Directory path for browser plug-ins (often $MOZILLA_FIVE_HOME/plugins)

 


Proxy Configuration:

 

Proxy configuration: Many corporate networks rely on SOCKS proxy servers for access to the internet. Typically a Proxy Auto Configuration (PAC) script is issued to be registered with the browser. These scripts are usually targeted to Microsoft Explorer or Netscape Navigator (4.x) specifically. Try the proxy script: "Edit" + "Preferences" and select "Advanced (+)" and "Proxies" + "Automatic proxy configuration URL", enter the script location and select the "Reload" button. If it works, great, you're ready to surf. If your corporation uses a proxy directly, enter it under "Manual proxy configuration". If using a script and it does not work, use the command "wget http://proxy-url.domain.com/proxy-script.pac" to download the proxy script. Examine the file proxy-script.pac. Buried in the logic of the script is usually the explicit listing of a proxy server which can be entered under the Mozilla manual configuration. If you are at a corporation using a firewall and have direct access, I'm jealous and you have no need for proxy configuration.
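
Examining a downloaded PAC file by hand can be replaced by a small script that lists the proxy servers named in it. This is an added example, not part of the original post: the PAC text is constructed, its host names and ports are placeholders, and the function name is hypothetical. It reads string literals and comments in a single pass, so a "//" inside a URL pattern is not mistaken for a comment and commented-out proxies are ignored.

```python
import re

# Constructed PAC file for illustration; hosts and ports are placeholders.
SAMPLE_PAC = '''
function FindProxyForURL(url, host) {
    // internal hosts go direct
    if (isPlainHostName(host) || dnsDomainIs(host, ".corp.example"))
        return "DIRECT";
    if (shExpMatch(url, "http://intranet.corp.example/*"))
        return "DIRECT";
    /* old entry: return "PROXY retired.corp.example:3128"; */
    if (shExpMatch(url, "ftp:*"))
        return "SOCKS socks.corp.example:1080; DIRECT";
    return "PROXY proxy1.corp.example:8080; PROXY proxy2.corp.example:8080; DIRECT";
}
'''

# One alternation so that whichever construct starts first wins:
# double-quoted string, single-quoted string, block comment, line comment.
TOKEN = re.compile(r'"([^"\n]*)"|\'([^\'\n]*)\'|/\*.*?\*/|//[^\n]*', re.S)
DIRECTIVE = re.compile(r"^(PROXY|SOCKS[45]?|HTTPS?)\s+([\w.\-]+):(\d{1,5})$", re.I)

def proxies_from_pac(text):
    """Return ordered, de-duplicated (type, host, port) tuples found in a PAC script."""
    found = []
    for m in TOKEN.finditer(text):
        literal = m.group(1) if m.group(1) is not None else m.group(2)
        if literal is None:            # the match was a comment, skip it
            continue
        for part in literal.split(";"):
            d = DIRECTIVE.match(part.strip())
            if d:                      # "DIRECT" and URL patterns do not match
                entry = (d.group(1).upper(), d.group(2).lower(), int(d.group(3)))
                if entry not in found:
                    found.append(entry)
    return found

if __name__ == "__main__":
    for kind, host, port in proxies_from_pac(SAMPLE_PAC):
        print(f"{kind:6} {host}:{port}")
```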

 


Firefox Extensions:

Firefox extensions are supplemental programs which are installed within Firefox from the Mozilla web site. Extensions are available for Blogging, Web Developer Tools, Dictionaries, Download Tools, Editing and Forms, Image Browsing, Kiosk Browsing, Languages, Message Reading, Navigation, News Reading, Privacy and Security, Search Tools, Website Integration, XUL Applications, ...

To add an extension:

  1. Allow the extensions website to install software: Select "Edit" + "Preferences" (or "Tools" + "Options" on newer systems). Check "Allow web site to install software", then press the corresponding "Allowed Sites" button. Enter the "allowed" site.
  2. Select and install an extension: Select "Tools" + "Extensions" + "Get more extensions". This brings up a web page from which you may choose the extension which suits your needs.

FBI Wants To Build Huge Biometric Database

jbrown 04 February, 2008 22:49 General


from the you-have-no-privacy dept

We just found out that the White House has chosen not to staff the official "Privacy Board" that is supposed to make sure gov't surveillance doesn't infringe on American citizens' privacy. That came right after National Intelligence Director, Mike McConnell, announced that he's hoping to get the rights to monitor all internet traffic. Since news tends to come in threes (well, so says the urban legend), now comes the news that the FBI is looking to put together a huge biometric database containing info on fingerprints, palm prints, iris recognition, mug shots and scars of anyone they can gather this info on. This seems like a typical reaction from a gov't agency, and with the announcement comes all the typical political doubletalk about how this is for safety, claiming that the database is "important to protect the borders to keep the terrorists out, protect our citizens, our neighbors, our children so they can have good jobs, and have a safe country to live in."

However, as has been made clear countless times, these types of databases always get abused. Much more importantly, as Tim pointed out recently, violating people's privacy doesn't provide more security. In fact, it often does the opposite. It makes it easier for important data to get lost in the pile, and it also means that that data is now that much less secure. The database itself suddenly becomes a huge target. So, in an effort to make the country "more secure," an effort like this can actually do the opposite.


Proxy List

jbrown 03 February, 2008 13:41 General

Props to Allen V for finding these 


