Posted 03 May 2007 - 06:31 PM
I can get the system to boot from Linux live cd's (Knoppix, Knoppix STD, Ubuntu 6.10, BackTrack2.0, etc) and windows' live cd's (BartPE) but mounting the NTFS volume always comes back with a unknown volume error...even when manually mounting it with the linux commands and the ntfs-rw package in ubuntu.
I've learned from the documentation I've managed to squander that PointSec's software is put into the bootloader and the entire operating system is encrypted end-to-end, this would explain my inability to see the volume from other distro's...so I was thinking about clearing the MBR. Has anyone else encountered/had experience with this software? I don't want to end up requesting to have the software reloaded because of a security control that locks the OS out completely if the MBR is cleared?
What I would really like is a full *.pdf manual if anyone has it? PM me or post it here if you got it...
Posted 04 May 2007 - 08:24 PM
As much as I hate saying that, it's true. PointSuck uses asymmetric encryption for encrypting the entire drive/partition. Those live CDs will get you no where unless you have the creds to auth to the disk. PointSuck did have a security implementation flaw because after a user auth'd, then using a disk editor like WinHex the analyist can find the username and password to ALL the users. I heard it was fixed.
To gain access, you will need one of their support tools for DR and a valid account. If you try to attack the encryption algorithm, I hope you have a lot of time on your hands.
Edited by fD3M@n, 06 May 2007 - 11:07 AM.
Posted 25 July 2007 - 02:13 PM
but I know a few tricks.....
I cannot disclose.......
Posted 30 July 2007 - 07:23 PM
If you can get into it, then you can do other stuff like alternative boot media, but you're already in at that point anyway. If the PPBA is enabled, then you can get it by beating the windows passwords. Normally once they are booted any exploit that would get you in will let you in.
BinRev is hosted by the great people at Lunarpages!