[NTSEC] Plaintext passwords exist in registry (fwd)

Ray Arachelian sunder at brainlink.com
Wed May 28 13:58:32 PDT 1997 



=====================================Kaos=Keraunos=Kybernetos==============
.+.^.+.|  Ray Arachelian    | "Boy meets beer.  Boy drinks Beer,     |./|\.
..\|/..|sunder at sundernet.com|        Boy gets another beer!"         |/\|/\
<--*-->| ------------------ |                                        |\/|\/
../|\..| "A toast to Odin,  | For with those which eternal lie, with |.\|/.
.+.v.+.|God of screwdrivers"| strange aeons, even death may die.     |.....
======================== http://www.sundernet.com =========================

---------- Forwarded message ----------
Date: Wed, 28 May 1997 09:17:53 -0700
From: Bill Stout <stoutb at pios.com>
To: PHILIPB at Omnicell.com, chris at auditek.com, ntsecurity at iss.net
Subject: [NTSEC] Plaintext passwords exist in registry

Most facinating what you find if you look. 

The registry does store some passwords in plain text.  The importance of the
passwords you do find depends on your installation.  I found 'password' and
'username' entries at the below locations, but not much software was
installed on these NT boxes.  Searching the NT registry for my password
string did not did not display anything, searching the W95 registry for my
specific password string found it in many places:

password locations:
hkey_local_machine\system\controlset001\services\gophersvc\parameters
                      ...\controlset002\"
                      ...\curentcontrolset\"
                                             ...\msftpsvc\parameters
                                             ...\w3svc\parameters\

username locations:
\hkey+local_machine\software\microsoft\windowsnt\currentversion\winlogon\
                ...\system\controlset001\services\bh\parameters
                      ...\controlset002\"
                      ...\curentcontrolset\"
                ...\services\gophersvc\parameters\anonymouseusername
                                              ...\logsqlusername
                         ...\msftpsvc\parameters\anonymoususername
                                             ...\logsqlusername
                         ...\w3svc\parameters\anonymoususername
                                             ...\logsqlusername


_____________________________________________________________________________
Bill Stout       (Systems Engineer/Consultant)         stoutb at pios.com
Pioneer Standard (Computer Systems & Components)       http://www.pios.com/
San Jose, CA     (Location of 1 of 52 U.S. offices)    (408) 954-9100
*My opinions do not reflect that of the company, and visa-versa, thankfully.*

More information about the cypherpunks-legacy mailing list