Home page logo

pen-test logo Penetration Testing mailing list archives

Windows Internationalization?
From: Jon Kibler <Jon.Kibler () aset com>
Date: Wed, 18 Nov 2009 16:00:35 -0500

Hash: SHA1


I have been approached about doing a pen test job that would involve a target
organization whose native character set is not ASCII. So, I have a few questions
and would appreciate some pointers to help me decide if I really want this

Questions that immediately come to mind are:
1) On a Windows system that uses a non-ASCII character set (Chinese, Arabic,
Russian, etc.), how does that effect Windows?
   -- Are registry key names still ASCII? Key values still ASCII?
   -- Are Windows directories still ASCII?
   -- Are Windows file names still ASCII? English language file names?
   -- Are there any differences in how internationalization works between
Windows versions, such as W2K3 and XP/Vista?
   -- Are standard user names such as "administrator" and "guest" still ASCII,
or have they been internationalized, too?
   -- Are file extensions (.exe .bat .ini, etc.) still ASCII or have they been
   -- Are INI file contents ASCII or internationalized?
   -- Any changes to the SAM file? (Will pwdump still work against it?)
I guess the bottom line is, what gets changed and what is left in ASCII on an
internationalized Windows box?

2) Are there any tools that have been customized for use with non-ASCII
character sets, such as non-ASCII nikto databases?

3) What are the issues that I should be aware of when pen testing an
internationalized target? I would be working with a native speaker of the
language who is a sys admin, but not a security expert. (Unfortunately, I would
not get to speak to them until after I agree to the assignment!)

Most of the stuff I find when googling the subject gives links to old pages that
really do not give much specific information.

Thoughts, comments, suggestions?

Thanks in advance for any/all help!

- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-813-2924
s: 843-564-4224
s: JonRKibler
e: Jon.Kibler () aset com
e: Jon.R.Kibler () gmail com

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253

Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/


Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]