Syskey
From: Michel Arboi (arboi@yahoo.com)Date: 09/06/02
- Previous message: zen-parse: "zero-width gif: exploit PoC for NS6.2.3 (fixed in 7.0) [Was: GIFs Good, Flash Executable Bad]"
- Next in thread: Erik Parker: "Re: Syskey"
- Reply:(deleted message) Erik Parker: "Re: Syskey"
- Reply: Nicola Cuomo: "Re: Syskey"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 6 Sep 2002 08:58:42 +0200 (CEST) From: Michel Arboi <arboi@yahoo.com> To: vuln-dev <vuln-dev@securityfocus.com>
By default, Windows 2K encrypts the SAM entries, so that a stolen
"sam" file cannot be used to retrieve passwords.
However, the encryption key is most of the time stored in the system
through a "complex obfuscation function" (dixit Microsoft).
I wonder if somebody has studied this function. It should be possible
to get the key and decrypt the SAM e.g. with a Linux boot floppy or
from a "stolen" hard disk.
(I *know* pwdump[1-3] and it does not solve this problem)
___________________________________________________________
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Mail : http://fr.mail.yahoo.com
- Previous message: zen-parse: "zero-width gif: exploit PoC for NS6.2.3 (fixed in 7.0) [Was: GIFs Good, Flash Executable Bad]"
- Next in thread: Erik Parker: "Re: Syskey"
- Reply:(deleted message) Erik Parker: "Re: Syskey"
- Reply: Nicola Cuomo: "Re: Syskey"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
