Need confirmation of Win95 password encryption back door
Rich Graves
llurch at networking.stanford.edu
Mon Jan 15 22:31:48 PST 1996
-----BEGIN PGP SIGNED MESSAGE-----
A Major Media Outlet requires confirmation that Windows 95, to facilitate
its automatic reconnect feature for sleeping laptops and temporary network
outages, caches all network passwords (NetWare, NT, UNIX running Samba,
SLIP/PPP dialup) in unprotected memory in clear text, whether you've
disabled persistent "password caching" to disk and applied the December
14th 128-bit RC4 .PWL patch, or not. There seems to be no way to turn
this off.
The idea, of course, is that a simple trojan horse could do whatever it
wanted with this information.
We know that this vulnerability exists in Windows for Workgroups, and
Peter wrote a little demo (on hackmsoft page below, without source), but
the APIs appear to have changed in Win95.
So, anyone have Win95 and some time to kill, or can anyone recommend a
good DOS/Windows RAM grepper?
- -rich at c2.org
http://www.c2.org/hacknmsoft/
$ Mon Jan 15 22:17:10 PST 1996 $
$ From llurch at networking.stanford.edu to cypherpunks at toad.com $
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMPtDLo3DXUbM57SdAQEN7QP+J6Gmk6m8dv3X96SKZciI/L7DM04bDSoi
HZa+dIoajAiRrfG9oSNcIYbVDDs67qwCSKGFg9hc5K3x99nhbq3Aw2mio62YQj+2
K62pBT9hQLe4dv8AMhLtIqyG4ZztYy+dDjGzsaUIkBUZKo5//Eh8c81xXLQrqXtk
RFV+xkXBgww=
=12rk
-----END PGP SIGNATURE-----
More information about the cypherpunks-legacy
mailing list