petrus Posted November 2, 2014 Share Posted November 2, 2014 (edited) Hi, i don't know if anyone is aware of the dnsapi.dll thing, where certain MS domains are white-listed.So even if you block them in the "hosts" file, the dnsapi overrides it and microsoft.com keeps working.2K didn't have that yet, and in the XP and Win 7 dnsapi dlls you can hex it out.As in replace in the dll the values for microsoft.com and others with zeros.That in combination with this hosts file would then really block all ms domains! But on Win 8, i no longer see those domains in the dnsapi.dll, but they are still exempt!Maybe the domains are now hexadecimal instead of plain text, i don't know... any ideas? Edit/addendum: It turns out it is still there, even on 10TP, but in unicode, i can't believe unicode derailed me, doh!And a big thanks to the folks over at mydigitallife for figuring this out. Edited November 3, 2014 by petrus Link to comment Share on other sites More sharing options...
aphelion Posted December 1, 2014 Share Posted December 1, 2014 (edited) clownoutbreak.com, really? hmm.. Edit: And gotyoursoul.com? Edited December 1, 2014 by aphelion Link to comment Share on other sites More sharing options...
bphlpt Posted December 1, 2014 Share Posted December 1, 2014 Both those names sound like a variation of MS to me, at least in spirit. Cheers and Regards Link to comment Share on other sites More sharing options...
NoelC Posted December 8, 2014 Share Posted December 8, 2014 What, you don't trust Microsoft with your most intimate secrets? Time was it was a bad thing to code "back doors" into a system. Today of course it's all in the "interest of keeping you safe". Mother Microsoft knows best. Out of curiosity, exactly what server names / domains do you find dnsapi.dll "whitelisting"? t turns out it is still there, even on 10TP, but in unicode, i can't believe unicode derailed me, doh! By the way, you may already know this, but for reference: 1. The excellent free search tool grepWin by Steven Kung will find Unicode strings in binary files, with the right combo of options. http://stefanstools.sourceforge.net/grepWin.html 2. The tool strings.exe by Mark Russinovich is good for finding strings in files. http://technet.microsoft.com/en-us/sysinternals/bb897439.aspx -Noel Link to comment Share on other sites More sharing options...
jaclaz Posted December 8, 2014 Share Posted December 8, 2014 And, only to add to the list, a lesser known tool by McAfee called Bintext:http://www.mcafee.com/us/downloads/free-tools/bintext.aspxis very convenient/easy to use. jaclaz 1 Link to comment Share on other sites More sharing options...
NoelC Posted December 8, 2014 Share Posted December 8, 2014 Thanks, jaclaz. That's a handy addition to the stable of tools. -Noel Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now