Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Removing certificates on MS Windows.
From: Manuel Mollar Villanueva <mm.disclosure () nisu org>
Date: Sat, 08 Apr 2006 18:14:52 +0200

Hi,
This applies for all MS Windows versions.

If you have a certificate installed on HD (i.e. using the MS Enhaced CSP), then, following Microsoft, you can remove it using IExplorer, on the *Tools* menu, you click *Internet Options*, then you click the* Content* tab, and then click Remove. This is a well known action described in http://www.microsoft.com/technet/prodtechnol/ie/reskit/6/part2/c06ie6rk.mspx?mfr=true

Doing this, you effectively remove the certificate, but THE PRIVATE KEY REMAINS IN THE HD. You can find a lot of scenarios where this can be a problem. Suppose you go to a friend's home, you install a pkcs12 file containing your certificate and private key with "Medium" security level (the default), then you use it, and when you finishes your work, you remove the certificate (but NO the private key). Then your friend takes your certificate (is a public document) and installs it, having your private key working for him.

The program cleancapi deletes the private keys that are not used by any certificate.
Source code: http://dwnl.nisu.org/dwnl?fic=cleancapi_0_2_src.zip
Precompiled version: http://dwnl.nisu.org/dwnl?fic=cleancapi_0_2_bin.zip

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]