Default Permissions For The Hkey_local_machine Registry Hive Must Be Maintained
The routes.pl plugin is, at the time of this writing, 5 years old, originally written in August 2010. Interestingly, the routes.pl plugin was featured in recipe 10.8 of the Malware Analyst’s Cookbook, which was published in 2011. Running sbag64.exe against a test hive file (USRCLASS.DAT hive from a Windows 7 system), I noticed that several …
Default Permissions For The Hkey_local_machine Registry Hive Must Be Maintained Read More »