Re: Encrypting Logon Passwords
From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 09/07/05
- Next message: Sharon: "Re: HttpWebRequest & https"
- Previous message: Larry Williams: "Encrypting Logon Passwords"
- In reply to: Larry Williams: "Encrypting Logon Passwords"
- Next in thread: Larry Williams: "Re: Encrypting Logon Passwords"
- Reply: Larry Williams: "Re: Encrypting Logon Passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 06 Sep 2005 23:12:39 -0700
Hello Larry,
they are using something called a LSA Secret, only LOCAL SYSTEM has access
to this API - and btw. it is not encrypted, it is only encoded. Grab a tool
like LSADump, which shows you the decoded values.
That said - i don't think thats the way to go...what does the AutoLogonCount
value mean?
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
> I've got a few posts that are all related but I've gotten a little
> farther and figured I should make a new post.
>
> I am writting a VB dotNet program that has to restart the PC halfway
> through. In order to ensure it restarts with the same userid and
> password I have to setup the following registry entries:
>
> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
> NT\CurrentVersion\Winlogon
>
> DefaultUserName "your_username"
> DefaultPassword "your_password"
> AutoAdminLogon "1"
> AutoLogonCount "1"
> The only problem is this stores the password in text format and
> unencrypted.
> Therefore I've been looking at ways to encrypt and save the password
> and
> have the system use it.
> I noticed that TweakUI (Microsoft PowerTool) does this when you setup
> the AutoLogon. It assigns all of the keys identified above except the
> "DefaultPassword".
>
> After using "RegMon" (http://www.sysinternals.com) I've been able to
> determine that TweakUI is saving the logon password into the following
> registry location:
>
> HKLM/SECURITY/Policy/Secrets/DefaultPassword/
>
> and into the following keys:
>
> CupdTime
> CurrVal
> OldVal
> OupdTime
> SecDesc
> I had to change my Administrator Permissions to access this key in the
> registry.
>
> Now I need to know how to encrypt a password and store it into these
> keys. I'm looking for code that will encrypt the password. Once I've
> got that I should be able to set the values into the proper registry
> values.
>
> I'm not totally sure how to set the permissions to allow my program to
> update the registry permissions for the administrator.
>
> If someone could give me a code snippet (or point me in the correct
> direction where an example exists) that encrypts the password and
> changes the permissions for the program to assign the value into the
> registry I would be very appreciative.
>
> I'm thinking I need to prefix my main program with:
>
> <System.Security.Permissions.RegistryPermissionAttribute(System.Securi
> ty.Permissions.SecurityAction.Demand, _
> Unrestricted:=True)> Public Sub Main()
> For the encryption on the password I think I need to use something
> like this:
> Dim PDB As New PasswordDeriveBytes(Password, "")
> Dim Key() As Byte
> Key = PDB.CryptDeriveKey("RC2", "SHA", 128, "")
> What I'm not sure of is which Algorithim name (RC2) or Hash Name (SHA)
> to use for the logon password. I believe this code isn't correct
> because it does not provide the same result as what is appearing in
> the registry now. The CurrVal key appears to be 36bytes long. The
> result of this code is a 16byte field.
>
- Next message: Sharon: "Re: HttpWebRequest & https"
- Previous message: Larry Williams: "Encrypting Logon Passwords"
- In reply to: Larry Williams: "Encrypting Logon Passwords"
- Next in thread: Larry Williams: "Re: Encrypting Logon Passwords"
- Reply: Larry Williams: "Re: Encrypting Logon Passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
