Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Novell 32bit Client , Passwords

From: griffiths_a () SCHOLAR DON TASED EDU AU (Andrew Griffiths)
Date: Fri, 7 Apr 2000 11:07:36 +1000

At 10:18 AM 6/04/00 -0700, you wrote:


As for being encrypted, they are at least obfuscated. They might be
stored encrypted with the user's single-signon password, or they might
be stored in a plain-text equivalence. I honestly don't know, but a
search at MS's KB for "password cache" or "password caching" might turn
up exactly what you want to know.


With w9x, if it's in a .pwl file, you can get programs to decrypt
everything with all passwords (cached) there. This include, things for web
pages and that. It's called cain.

Hi! I'm the infamous .signature virus!
Copy me into your ~/.signature to help me spread!

--------------------------------------------------------------------------
Andrew Griffiths             | When you're bored, stop! Go to a show,    |
griffiths_a () scholar don.tased| turn on the TV. Do anything but work on   |
.edu.au                      | that machine. If you don't stop, the next |
-----------------------------| thing to happen will be the Big Mistake,  |
 If you see a person without | and then all that boredom plus the Big    |
 a smile, give them one of   | Mistake combine together in one Sunday    |
 yours.                      | Punch to knock all the gumption out of you|
-Unknown author              | and you really are stopped.               |
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: