Search This Blog

Saturday, April 21, 2007

Hacking source-safe

Peace be upon you

hi people this topic will be very short, it is just a little note for Source-safe administrator,
your safe can be cracked , which means that the source code is not secured anymore, simply it can be hacked because of some human faults, people always do some brute force attack, all I can say for you that password hashing in source-safe isn't good, but you have to make some policies for protecting your code this is by making a good users hierarchy, don't give Administration permission for anyone who deal with code, use misleading names for administration permission, DO NOT EVER USE THE ACCOUNT ADMIN, there is tools that crack source-safe passwords, I think you have to make a lot of fake users, try to find any plug in for source safe that do tracking for the whole event happening on the code, that's all I can say for now, I will try to get some cases that has more help , right now I can't talk a lot about it, because if said more it will be like "how to hack source safe", for now it's ok, I will try to provide some live samples, thanks for time

No comments: