Penetration Testing mailing list archives

Re: Certificate store

From: David Howe <David.Howe () ansgroup co uk>
Date: Tue, 8 Apr 2008 10:19:45 +0100

Pierre Cassimans wrote:

Hi,

Some questions about the microsoft certificate store:

- is there a way to extract (or export) certificates from a microsoft
certificate store when the certificates are marked as &quot;not
exportable
- is there a way to extract the certificates from within a linux environment?

From a bit of research i did the other day, the private keys appear tobe stored at C:\Documents and Settings\<username>\ApplicationData\Microsoft\Crypto\RSA for the user concerned. Further searchesseemed to indicate that they were secured with a user specific "masterkey" derived from the machine's SID, the users name (or SID) and thepassword used for that user's login.

I haven't researched this one any further, but I understand the samemechanism is used for the EFS certificates (for obvious reasons) soexamination of http://www.lostpassword.com/efs.htm may yield some usefulclues.


David Howe
Senior SysCare  Engineer

david.howe () ansgroup co uk
Office number: 0161 227 1010
Fax: 0161 227 1020

ANS group plc
Synergy House
Manchester Science Park
Manchester
M15 6SY
www.ansgroup.co.uk

The information contained in this communication from david.howe () ansgroup co uk is confidential and may be legally privileged.It is intended solely for use by pen-test () securityfocus com and others authorised to receive it.If you are not pen-test () securityfocus com you are hereby notified that any disclosure, copying, distribution or taking actionin reliance of the contents of this information is strictly prohibited and may be unlawful.


ANS group plc 2007 - Privacy Policy - Registered Office is Synergy House, Manchester Science Park, Manchester, M15 6SY. Reg 
No. 3176761. (Registered in England & Wales)


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

Certificate store Pierre Cassimans (Apr 03)
- Re: Certificate store Gleb Paharenko (Apr 06)
- Re: Certificate store ilaiy (Apr 06)
- Re: Certificate store David Howe (Apr 08)