PaulDotCom mailing list archives
Files containing credential stores sorted by operating system.
From: dimitrios at gmail.com (Dimitrios Kapsalis)
Date: Tue, 26 Jan 2010 12:53:24 -0600
Google hacking can help too. On Tue, Jan 26, 2010 at 11:23 AM, PJ McGarvey <pj_mcgarvey at hotmail.com>wrote:
The one for finding WPA keys is pretty neat, cracking WPA has never been easier. Also try searching for files with 'pwd', 'pass', 'logins', etc. in the filename, you'd be amazed how many people store work and personal credentials in unsecured text files, easily found on their computers. I've literally tripped right over them doing forensics. -PJ ------------------------------ Date: Tue, 26 Jan 2010 11:14:54 -0500 From: irongeek at irongeek.com To: pauldotcom at mail.pauldotcom.com Subject: Re: [Pauldotcom] Files containing credential stores sorted by operating system. While this is not quite an answer to your question, I think it may help you find out. Nir (http://www.nirsoft.net/) has a bunch of tools to extract local passwords. Grab some of his tools, run them with procmon, and see what files and reg keys they try to grab. Then you have a few place to look. Adrian On Tue, Jan 26, 2010 at 2:23 AM, Jim Halfpenny <jim.halfpenny at gmail.com>wrote: Sounds like a good topic for a wiki page, or even a whole site. There is the pauldotcom wiki, I'm sure the good peeps on the list could quickly fill in the blanks. I know I have some stuff I can contribute. Jim On 25/01/2010, Nicholas B. <nberthaume at gmail.com> wrote:No, I'm not looking for rainbow tables. I'm looking for files that various programs and services use to store user credentials in, the type of encoding or hashing that is used on them if any and the operating system(s) that they might appear on. On Mon, Jan 25, 2010 at 4:49 PM, Karl Schuttler <karl.schuttler at gmail.com> wrote:Rainbow tables? On Mon, Jan 25, 2010 at 4:23 PM, Nicholas B. <nberthaume at gmail.com>wrote:I'm looking for a site or sites that contain large and if possible comprehensive lists of files contain username and/or password credentials. The credentials can be plain-text, encoded or hashed and if they are encoded or hashed it would be nice to have the method(s) that was employed to generate these. I'm thinking of files beyond just the normal /etc/shadow, /etc/master.passwd stuff .htaccess to files for specific programs and userland files including svn-auth-file and ~/.vnc/passwd types of content and even more exotic vendor specific stuff to look for. If anyone can point me to someplace with a good list of these or would like to attach a list that you've compiled I would appreciate it. _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- Sent from my mobile device _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com ------------------------------ Hotmail: Free, trusted and rich email service. Get it now.<http://clk.atdmt.com/GBL/go/196390708/direct/01/> _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100126/e7facb14/attachment.htm
Current thread:
- Files containing credential stores sorted by operating system. Nicholas B. (Jan 25)
- Files containing credential stores sorted by operating system. Karl Schuttler (Jan 25)
- Files containing credential stores sorted by operating system. Nicholas B. (Jan 25)
- Files containing credential stores sorted by operating system. Jim Halfpenny (Jan 25)
- Files containing credential stores sorted by operating system. Butturini, Russell (Jan 26)
- Files containing credential stores sorted by operating system. Adrian Crenshaw (Jan 26)
- Files containing credential stores sorted by operating system. PJ McGarvey (Jan 26)
- Files containing credential stores sorted by operating system. Dimitrios Kapsalis (Jan 26)
- Files containing credential stores sorted by operating system. Nicholas B. (Jan 25)
- Files containing credential stores sorted by operating system. Tim Mugherini (Jan 26)
- Files containing credential stores sorted by operating system. Karl Schuttler (Jan 25)