<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Penetration Testing: Re: [PEN-TEST] Autocomplete Function

Re: [PEN-TEST] Autocomplete Function

From: N Catlow <n.catlow_at_ERIS.DERA.GOV.UK>
Date: Wed, 15 Nov 2000 11:07:22 +0000

> The only place I know of that would contain the settings
> would be in user.dat, but they appear to be encoded (at
> least they are not present in plain text).

Isn't user.dat just a hive of HKEY_CURRENT_USER ?
(showing complete ignorance and indifference to NT)

Are we talking about Intelliforms or url autocompletion?,
there seems to be some confusion. But saying that they could
both contain passwords or session ids.

regards,

Nathan

--
N.Catlow_at_eris.dera.gov.uk |  All opinions  | IT Security, DERA,
                          | are my own and | WWB009, St Andrews Rd,
                          |   not DERA's   | Malvern, Worcs, England.

Received on Nov 16 2000

This message: [ Message body ]
Next message: Roberto Poblete: "Re: [PEN-TEST] Unicode Command Execution"
Previous message: Fernando Cardoso: "Re: [PEN-TEST] [Re: MS SQL HACKING]"
In reply to: David Knaack: "Re: [PEN-TEST] Autocomplete Function"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos