Vulnerability Development mailing list archives
Re: Novell 32bit Client , Passwords
From: sarnold () WILLAMETTE EDU (Seth R Arnold)
Date: Thu, 6 Apr 2000 10:18:32 -0700
* Michael Sanders <michaels () ebusolutions co za> [000406 08:42]:
Sorry if this has been covered already, does anyone know were the passwords are cached in the novell client? Ive noticed that when a Novell 4.11 server goes down and brought back up again the client authenticates with the correct logon details to the NDS. Is they cached , are the encrypted adn do they get cleared ?
Michael, it might vary between the microsoft novell client and the novell novell client (aka intranetware, aka client32) -- but I believe both of them store the passwords in windows' .pwd files (under 9x) and in user.dat in the user's profile directory under NT. As for being encrypted, they are at least obfuscated. They might be stored encrypted with the user's single-signon password, or they might be stored in a plain-text equivalence. I honestly don't know, but a search at MS's KB for "password cache" or "password caching" might turn up exactly what you want to know. HTH -- Seth Arnold | http://www.willamette.edu/~sarnold/ Hate spam? See http://maps.vix.com/rbl/ for help
Current thread:
- Re: local security workaround through IE Seth R Arnold (Mar 31)
- <Possible follow-ups>
- Re: local security workaround through IE WHiTe VaMPiRe (Mar 31)
- Re: local security workaround through IE Matthew S. Hallacy (Apr 03)
- Re: local security workaround through IE Bluefish (Apr 05)
- Re: local security workaround through IE WHiTe VaMPiRe (Apr 05)
- Re: local security workaround through IE Seth R Arnold (Apr 05)
- Novell 32bit Client , Passwords Michael Sanders (Apr 06)
- Re: Novell 32bit Client , Passwords Seth R Arnold (Apr 06)
- Re: Novell 32bit Client , Passwords Andrew Griffiths (Apr 06)
- Re: local security workaround through IE Andrew Bennieston (Apr 08)
- Re: local security workaround through IE Mr Jason C Hill (Apr 06)
- Award BIOS passwords (was Re: local security workaround through IE) Robert A. Seace (Apr 06)
- Re: Award BIOS passwords (was Re: local security workaround through IE) jnzero (Apr 07)
- Kill BIOS dEStr0YEr (Apr 08)
- Re: Kill BIOS Greg Rice (Apr 08)