Penetration Testing mailing list archives
Re: [PEN-TEST] Autocomplete Function
From: Ben Grubin <Ben.Grubin () GUARDENT COM>
Date: Mon, 13 Nov 2000 19:06:07 -0500
-----BEGIN PGP SIGNED MESSAGE----- Pssst, HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\SPW - -------------------------------------------------- Benjamin P. Grubin bgrubin () guardent com Guardent, Inc. http://www.guardent.com PGP Key: D33D 22C2 6552 0F6B 44E4 5254 0172 0E10 "The world isn't run by weapons anymore, or energy, or money. It's run by little ones and zeros, little bits of data.. it's all just electrons."
-----Original Message----- From: Davidson,Sam [mailto:SDAVIDSON () CERNER COM] Sent: Monday, November 13, 2000 4:28 PM To: PEN-TEST () SECURITYFOCUS COM Subject: Re: Autocomplete Function Has anyone tried taking a sysdiff snapshot, then visiting some sites and taking a diff shot to find the modified files? This would be verrrry valuable info when compromised. -----Original Message----- From: Masse, Robert [mailto:rmasse () RICHTERSECURITY COM] Sent: Monday, November 13, 2000 13:24 To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] Autocomplete Function Hi Does anyone know where Internet Explorer stores the data from the 'autocomplete' function? You know, the one everyone uses when they do their on-line banking :) Possible Scenario: Lots of people have file sharing on their workstation at home and a nice broadband connection. Can someone pull a file with the list of usernames/passwords/sites if someone was using autocomplete? I poked around and didn't find anything (internet options, content allows you to clear the info but doesn't tell you where it's stored). Thanks Rob Robert Masse, CISSP Chief Technical Officer Richter Security Inc. 2 Place Alexis Nihon, suite 905 Montreal, Quebec, Canada +514 934 3566 Direct +514 934 3406 Fax
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.3 iQEVAwUBOhCAoxUrX+hn0R4xAQEnWAgAwXzzTmWnJWcpF0C7aXdb7x3EqWot9VfU 6wg1+e2Rd3LUCcNcjyjumP4R0fQ3cfMnPbSBDwOArOYA3K3z3IhG1V3uWL8QYREC CLgEYeeypyJXdmw4f8ciHHtlgOxXeS02JKHx/LGjx4o6OWKc5QUB8GDPjLhVmG8K NnYeP64d9DT3sh8YFrbYjqhwcaSh6B22GA968ANsMMdHHLi3Wed9XW7UU5bzEGBI 7xdW17w+Uhz5eURfxhcq1F2a4yqsKol3MqIB1WQXbuc4QukhDgWQ5VKHfydY6IXJ hmfxSBf9UhvsrcThYnmQXft96oNpY8eCryoJd3leeTIJAN0oa6/mSA== =xAXD -----END PGP SIGNATURE-----
Current thread:
- [PEN-TEST] Autocomplete Function Masse, Robert (Nov 14)
- <Possible follow-ups>
- Re: [PEN-TEST] Autocomplete Function Davidson,Sam (Nov 14)
- Re: [PEN-TEST] Autocomplete Function Oleg Letsinsky (Nov 15)
- Re: [PEN-TEST] Autocomplete Function Bill Weiss (Nov 15)
- Re: [PEN-TEST] Autocomplete Function Ben Grubin (Nov 15)
- Re: [PEN-TEST] Autocomplete Function Magnus Ullberg (Nov 15)
- Re: [PEN-TEST] Autocomplete Function Masse, Robert (Nov 15)
- Re: [PEN-TEST] Autocomplete Function Ryan Russell (Nov 15)
- Re: [PEN-TEST] Autocomplete Function David Knaack (Nov 15)
- Re: [PEN-TEST] Autocomplete Function N Catlow (Nov 16)
- Re: [PEN-TEST] Autocomplete Function Ryan Russell (Nov 15)