Re: RAS 'save password' problems...

[dleblanc () MINDSPRING COM (David LeBlanc)]

At 11:19 AM 3/20/98 -0600, Aleph One wrote:
> ---------- Forwarded message ----------
> Date: Thu, 19 Mar 1998 14:09:44 -0800
> From: martin Dolphin <mdolphin () POBOX COM>
> To: NTBUGTRAQ () LISTSERV NTBUGTRAQ COM
> Subject: RAS 'save password' problems...
>
> THE PROBLEM:
> Windows NT allows users to save their RAS credentials by using the 'Save
> Password' checkbox when making a dial-up connection. Credentials saved in
> this manner are stored in the
> HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\RasCredentials!SID#0 registry
> key.  These credentials can be enumerated using the LSA secrets code.  (As
> identified by Paul Ashton in a prior submission to NTBugtraq)

There are also a number of entries corresponding to previous logins by
users.  There is a way to turn this behavior off, but I don't recall at the
moment exactly what it is.

Essentially, it is there to allow you to log on if the domain controller
can't be reached.  I believe it stores hashes rather than clear-text.

The RAS functionality can often be annoying as well - it tends to prompt me
for my password even when I'm using a script (which of course contains the
user-password pair in the clear).  Not sure why it thinks it needs it - I
just leave it blank, but a less astute user would probably type in their
actual password.


David LeBlanc           |Why would you want to have your desktop user,
dleblanc () mindspring com |your mere mortals, messing around with a 32-bit
                        |minicomputer-class computing environment?
                        |Scott McNealy