[prev in list] [next in list] [prev in thread] [next in thread]
List: best-of-security
Subject: BoS: [NTSEC] Plaintext passwords exist in registry (fwd'ed)
From: Peter Tonoly <anarchie () suburbia ! net>
Date: 1997-05-29 14:41:40
[Download RAW message or body]
---------------------------------------------------------------
From : Bill Stout <stoutb@pios.com>
Subj : [NTSEC] Plaintext passwords exist in registry
Date : Wed, 28 May 1997 09:17:53 -0700
Forward? : No
Return : stoutb@pios.com
MsgID : <2.2.32.19970528161753.00717450@vaxf.pios.com>
---------------------------------------------------------------
Most facinating what you find if you look.
The registry does store some passwords in plain text. The importance of the
passwords you do find depends on your installation. I found 'password' and
'username' entries at the below locations, but not much software was
installed on these NT boxes. Searching the NT registry for my password
string did not did not display anything, searching the W95 registry for my
specific password string found it in many places:
password locations:
hkey_local_machine\system\controlset001\services\gophersvc\parameters
...\controlset002\"
...\curentcontrolset\"
...\msftpsvc\parameters
...\w3svc\parameters\
username locations:
\hkey+local_machine\software\microsoft\windowsnt\currentversion\winlogon\
...\system\controlset001\services\bh\parameters
...\controlset002\"
...\curentcontrolset\"
...\services\gophersvc\parameters\anonymouseusername
...\logsqlusername
...\msftpsvc\parameters\anonymoususername
...\logsqlusername
...\w3svc\parameters\anonymoususername
...\logsqlusername
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic