[NTSEC] Plaintext passwords exist in registry (fwd)

=====================================Kaos=Keraunos=Kybernetos==============
.+.^.+.|  Ray Arachelian    | "Boy meets beer.  Boy drinks Beer,     |./|\.
..\|/..|sunder@sundernet.com|  Boy gets another beer!"               |/\|/\
<--*-->| ------------------ |                                        |\/|\/
../|\..| "A toast to Odin,  | For with those which eternal lie, with |.\|/.
.+.v.+.|God of screwdrivers"| strange aeons, even death may die.     |.....
======================== http://www.sundernet.com =========================

---------- Forwarded message ----------
Date: Wed, 28 May 1997 09:17:53 -0700
From: Bill Stout <stoutb@pios.com>
To: PHILIPB@Omnicell.com, chris@auditek.com, ntsecurity@iss.net
Subject: [NTSEC] Plaintext passwords exist in registry

Most fascinating what you find if you look.

The registry does store some passwords in plain text. The importance of the
passwords you do find depends on your installation.

I found 'password' and 'username' entries at the below locations, but not
much software was installed on these NT boxes. Searching the NT registry for
my password string did not display anything; searching the W95 registry for
my specific password string found it in many places:

password locations:
hkey_local_machine\system\controlset001\services\gophersvc\parameters
...\controlset002\"
...\curentcontrolset\"
...\msftpsvc\parameters
...\w3svc\parameters\

username locations:
\hkey+local_machine\software\microsoft\windowsnt\currentversion\winlogon\
...\system\controlset001\services\bh\parameters
...\controlset002\"
...\curentcontrolset\"
...\services\gophersvc\parameters\anonymouseusername
...\logsqlusername
...\msftpsvc\parameters\anonymoususername
...\logsqlusername
...\w3svc\parameters\anonymoususername
...\logsqlusername

_____________________________________________________________________________
Bill Stout (Systems Engineer/Consultant)          stoutb@pios.com
Pioneer Standard (Computer Systems & Components)  http://www.pios.com/
San Jose, CA (Location of 1 of 52 U.S. offices)   (408) 954-9100
*My opinions do not reflect that of the company, and vice versa, thankfully.*
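
An audit along the lines of the search described in the message above, as an added example that is not part of the original thread: it parses a text registry export and reports non-empty string values whose names look credential-related, without echoing the stored data. The name patterns, the function names, and the sample export (including "SamplePassword", "MaxConnections" and "IUSR_EXAMPLE") are assumptions constructed for illustration.

```python
import re

# Assumed name patterns for this example; tune them for your own audit.
PASSWORD_NAME = re.compile(r"passw|pwd|secret", re.IGNORECASE)
USERNAME_NAME = re.compile(r"username", re.IGNORECASE)
KEY_LINE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
# Matches "Name"="string data" only; dword: and hex: data never match.
STRING_VALUE = re.compile(r'^"(?P<name>(?:[^"\\]|\\.)*)"="(?P<data>(?:[^"\\]|\\.)*)"$')

def unescape(text):
    # .reg exports escape backslashes and double quotes with a backslash.
    return re.sub(r"\\(.)", r"\1", text)

def find_plaintext_credentials(reg_text):
    """Return (key, value_name, kind) for each non-empty string value whose
    name looks credential-related. The data itself is never returned."""
    findings, key = [], None
    for raw in reg_text.splitlines():
        line = raw.strip()
        m = KEY_LINE.match(line)
        if m:
            key = m.group("key")
            continue
        m = STRING_VALUE.match(line)
        if key is None or not m or not m.group("data"):
            continue
        name = unescape(m.group("name"))
        if PASSWORD_NAME.search(name):
            findings.append((key, name, "password"))
        elif USERNAME_NAME.search(name):
            findings.append((key, name, "username"))
    return findings

# Constructed sample export: key paths echo the post, values are made up.
SAMPLE = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters]
"AnonymousUserName"="IUSR_EXAMPLE"
"SamplePassword"="constructed-value"
"MaxConnections"=dword:000003e8

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSFTPSVC\Parameters]
"LogSqlUserName"=""
"SamplePassword"=hex:01,02,03
'''

if __name__ == "__main__":
    for key, name, kind in find_plaintext_credentials(SAMPLE):
        print(f"{kind:8} {key}\\{name}")
```

Binary (hex:) values are skipped on purpose, so a clean report only means no readable string credentials were found under the matched names.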

At 4:45 PM -0400 5/28/97, Ray Arachelian wrote:
---------- Forwarded message ----------
Date: Wed, 28 May 1997 09:17:53 -0700
From: Bill Stout <stoutb@pios.com>
To: PHILIPB@Omnicell.com, chris@auditek.com, ntsecurity@iss.net
Subject: [NTSEC] Plaintext passwords exist in registry

Most fascinating what you find if you look.
The registry does store some passwords in plain text. The importance of the

I found mine as well:

http://nsa.gov/secure/national-key-recovery-infrastructure/citizens/m/may-ti... y-c

I had hope that the mandatory voluntary key recovery infrastructure,
mandated by the Secure and Safe Net Act of 1997, would have taken better
care not to place my key in such a visible place.

Jeesh.

But our government must know what it's doing, right?

--Tim May

There's something wrong when I'm a felon under an increasing number of laws.
Only one response to the key grabbers is warranted: "Death to Tyrants!"
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1398269     | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."