| Prog Name | Type | Description View Screen Shots |
| RawBrows | .exe | A fairly fully-featured replacement for Explorer - should be able to reveal drive letters that you intend to be hidden. Also it will allow you to try and explore the network and map drives. Your password controls should keep things protected, but in this respect the program demonstrates the importance of password controls - i.e. dont rely just on hiding things. You can also explore the effectiveness of file system controls - you could well find that your windows directories are not hidden, but your security software should prevent system files from being edited. |
| RawCpl | .exe | Uses high level API calls to try to execute control panel functions. Not as strong an attack as could be made with lower level calls, but reveals whether security is achieving more than just hiding the control panel button. Some functions are likely to be still available - noteably Add New Program, enables you to consider the vulnerability of having these available. |
| VirusTx | Word 97 | A harmless little trojan horse (gee-gee?) which imports the industry standard "Eicar" test virus. The virus is encrypted in a Word 97 macro. Your anti-virus wont spot it until the macro has been executed - and at that stage you are dependent on the effectiveness of the control on the local PC. The demonstration here is that macros can be a vehicle for bringing in dangerous stuff. |
Your local security may prevent these programs running from floppy disk - you could put them on an unlinked web page and see if they can be run from there.
A Whiteley
Jan 2003