GPEdit ByPass

Hey Hey,

I have a question; may some expert answer this? Is this article right or false, with an explanation?


You can bypass GPEdit very easily.

You must search in taskmgr for current-user programs, like:
ypager.exe or iexplorer.exe

You must rename your file to ypager.exe or iexplorer.exe; after doing this, your program runs very easily.

If you write a trojan and you want to execute a bound file or other things, you must use the WinExec command. This command can execute all programs without any locks.
Some cafenets and other places can lock exe files in Windows by changing gpedit settings, and you can't run your executable files.

When you want to lock an exe file with gpedit, you need only the process name, without any path or address. (This is a gpedit bug.)

You can rename your new files to ypager.exe, iexplorer.exe and other files in the tasklist (current user).

When your file name is changed to ypager.exe or other names, your file can be run.

But guys, I need a security explanation, thanks.
Keith Alabaster (Enterprise Architect) commented:
It's an interesting point and yes, if the administrator of your system has allowed you read/write access to these areas (where the executables reside) it is obviously possible.

It is no different, in part, to the fact that even with a locked down system, a user can install a 16-bit application on to his PC as it will likely use an .ini file as a control rather than make alterations to your registry.

The bottom line is that group policies do not work in isolation; you have to use them as part of your security strategy. Your example is a perfect case in point. There is no use in locking down users to using iexplorer.exe in the group policy if you have not locked down permissions on the executable itself at the same time.

Although it is a little simplistic, I run a check at logon for a number of executables that just checks date/time stamps. If they are wrong, the app is copied down from the source location on my servers and overwrites the incorrect file. Dirty but effective.

At my work, we use the security permissions so that the user cannot get write access to the apps and DLLs, nor can they update the computer element of the registry. This process negates the article you have highlighted.
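
The logon check described in the answer above, as an added PowerShell example (not code from the thread or its participants). It goes beyond the date/time comparison by also comparing SHA-256 hashes; the function name, directory parameters and demo files are assumptions.

```powershell
# Added example; names and paths are assumptions. Requires Get-FileHash (PowerShell 4+).
function Repair-TamperedExecutable {
    param(
        [Parameter(Mandatory)] [string]   $ReferenceDir,  # read-only server copy (assumed)
        [Parameter(Mandatory)] [string]   $LocalDir,      # folder the policy allows (assumed)
        [Parameter(Mandatory)] [string[]] $FileName
    )
    foreach ($name in $FileName) {
        $src = Join-Path $ReferenceDir $name
        $dst = Join-Path $LocalDir $name
        if (-not (Test-Path -LiteralPath $src -PathType Leaf)) {
            Write-Warning "No reference copy for $name; skipped"
            continue
        }
        $reason = $null
        if (-not (Test-Path -LiteralPath $dst -PathType Leaf)) {
            $reason = 'missing'
        } else {
            $r = Get-Item -LiteralPath $src
            $l = Get-Item -LiteralPath $dst
            if ($r.Length -ne $l.Length -or $r.LastWriteTimeUtc -ne $l.LastWriteTimeUtc) {
                $reason = 'size-or-timestamp'
            } elseif ((Get-FileHash -LiteralPath $src -Algorithm SHA256).Hash -ne
                      (Get-FileHash -LiteralPath $dst -Algorithm SHA256).Hash) {
                # Whoever can write the file can also set its timestamp, so compare content.
                $reason = 'hash'
            }
        }
        if ($reason) {
            # Overwrite the local file with the reference copy and report what was found.
            Copy-Item -LiteralPath $src -Destination $dst -Force
            [pscustomobject]@{ File = $name; Reason = $reason; Restored = $true }
        }
    }
}

# Constructed demo: a different program sits under the allowed name in the local folder.
$base   = Join-Path ([IO.Path]::GetTempPath()) ([guid]::NewGuid().ToString())
$refDir = (New-Item -ItemType Directory -Path (Join-Path $base 'ref')).FullName
$locDir = (New-Item -ItemType Directory -Path (Join-Path $base 'local')).FullName
Set-Content -LiteralPath (Join-Path $refDir 'iexplorer.exe') -Value 'reference build'
Set-Content -LiteralPath (Join-Path $locDir 'iexplorer.exe') -Value 'some other program'
Repair-TamperedExecutable -ReferenceDir $refDir -LocalDir $locDir -FileName 'iexplorer.exe'
```

The reference copy must be read-only to users for the check to mean anything.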

tourajam (Author) commented:
Is there no person to answer this question?
tourajam (Author) commented:
Keith Alabaster (Enterprise Architect) commented:
thanks :)
tourajam (Author) commented:
If someone has any idea,
they can send it here:

Hope the administrator of Experts Exchange does not remove this link.

This article was also written by Mehrdad, admin of
Question has a verified solution.
