Questions tagged [windows]
Related to security concerns specific to the Microsoft Windows operating system itself. For security of applications that happen to be running on Windows, please use [appsec]. For the X Window System, please use [x11].
2,264 questions
8 votes, 2 answers, 2k views
If someone has physical access to my laptop with BitLocker with TPM, can they access the data?
I am talking about two solutions:
A. BitLocker with a strong password. That's my current setup. I feel no one can access my data, even if they steal my laptop. They are blocked at step 1 when they ...
0 votes, 0 answers, 67 views
Strategy for analyzing a remote password checker that only works on its original host (CTF challenge)
I’m working on a reverse-engineering challenge from a CTF and I’m trying to figure out the most effective analysis strategy rather than a direct solution.
The challenge provides access to a remote ...
0 votes, 0 answers, 54 views
How to store arbitrary data in TPM? [duplicate]
This is only for understanding the TPM architecture and usage.
Let's assume that I have arbitrary data that needs to be protected by Windows TPM and later use the stored data. Which of these ...
1 vote, 0 answers, 83 views
How can I restrict IFEO vulnerability?
I have an application, myapplication.exe. Through IFEO registry I can attach a debugger, which can be a malicious piece of software for an attacker.
Only someone having access to Windows registry can ...
0 votes, 0 answers, 78 views
Does Chocolatey provide cryptographic authentication and integrity validation?
Does the Chocolatey package manager cryptographically validate its payload's authentication and integrity for all packages after downloading them and before installing them?
I usually trust my OS ...
0 votes, 1 answer, 79 views
Does Cygwin provide cryptographic authentication and integrity validation?
Does the Cygwin package manager cryptographically validate its payload's authentication and integrity for all packages after downloading them and before installing them?
Fortunately, it's possible to ...
0 votes, 0 answers, 216 views
In Windows 11 why a simple 32-bit console binary run from shell goes without problems while patching just a byte, triggers UAC/new-shell for it?
I came to ask this doubt here because it ended up being more of an operating system's security heuristics/cryptological question than a pure reverse-engineering one.
Question is about UAC and its ...
1 vote, 0 answers, 73 views
Tiered AD model: How to grant temporary admin on a workstation without violating Tier-0 hygiene?
My apologies if I ask a basic question,
My Question: So when we design AD environments, we create Tiering models, for example, let's say Tier-0 (Domain admins), Tier-1 (Workstation users)
So now, ...
0 votes, 1 answer, 78 views
M2M communication from a trusted app with an untrusted user
This is the scenario I'm facing:
Windows 10 LTS / Windows 11 clients
user with autologon and "unknown" password (the password is autorotated and stored somewhere)
user has limited rights (...
0 votes, 0 answers, 51 views
A Biometric Solution to Windows Local Login on Multiple Machines
I have 400ish machines across the US that are serviced by a handful of technicians, that all share a single common local account with Admin access for maintenance work. Obviously that means they all ...
0 votes, 2 answers, 659 views
Google Chrome on a Windows computer says web.core.windows.net is a phishing site
A colleague with a Windows computer was visiting a Google Drive page with no links and was redirected to an advertising website (something like lamars.net) and then to a domain http://jsaoiewmsdnfk....
1 vote, 0 answers, 362 views
Process injection behaviour: DWM executing CreateRemoteThread in Csrss.exe
To expand on the title, I noticed my system was regularly running CreateRemoteThread commands in random intervals from system bootup (between 0-5) minutes. My OS Version is Windows 11 Pro 24H2. ...
0 votes, 0 answers, 28 views
How to make it so a PFX private key can be exported in Windows certmgr [duplicate]
I created a PFX with an X.509 and a private key with OpenSSL. I did not use a password. I then imported the result into Windows and am now trying to export it from Windows but when I do so it's not ...
2 votes, 0 answers, 761 views
iVentoy installing unsafe Windows Kernel drivers: Why is this happening? [closed]
iVentoy https://github.com/ventoy/PXE/releases
iventoy-1.0.20-linux-free.tar.gz, iventoy-1.0.20-win32-free.zip, iventoy-1.0.20-win64-free.zip
All these distribution files contain "\data\iventoy....
2 votes, 2 answers, 2k views
Extract CRT and KEY from signed PEM file without the openssl tool
Is there any way to extract a private key from a PEM file without the openssl tool on Windows?
Windows MMC won't do the trick as I cannot export to PKCS#12 due to my work laptop security restrictions ...