Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Autocomplete Function
From: "Masse, Robert" <rmasse () RICHTERSECURITY COM>
Date: Tue, 14 Nov 2000 15:16:38 -0500

Hi Ben

Can you be a bit more specific?

HKEY_CURRENT_USER\Software\Microsoft\Internet
Explorer\IntelliForms\SPW

contains the value:

"FMJD38! _496SEO"=dword:00000000

So are you telling me that value contains the username, password and site?

Thanks

Rob

Robert Masse, CISSP
Chief Technical Officer

Richter Security Inc.
2 Place Alexis Nihon, suite 905
Montreal, Quebec, Canada
+514 934 3566 Direct
+514 934 3406 Fax


-----Original Message-----
From: Ben Grubin [mailto:Ben.Grubin () GUARDENT COM]
Sent: Monday, November 13, 2000 7:06 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] Autocomplete Function


-----BEGIN PGP SIGNED MESSAGE-----

Pssst,

HKEY_CURRENT_USER\Software\Microsoft\Internet
Explorer\IntelliForms\SPW

- --------------------------------------------------
Benjamin P. Grubin            bgrubin () guardent com
Guardent, Inc.             http://www.guardent.com
PGP Key:  D33D 22C2 6552 0F6B  44E4 5254 0172 0E10

"The world isn't run by weapons anymore, or energy, or money.  It's
run by little ones and zeros, little bits of data.. it's all just
electrons."



-----Original Message-----
From: Davidson,Sam [mailto:SDAVIDSON () CERNER COM]
Sent: Monday, November 13, 2000 4:28 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: Autocomplete Function


Has anyone tried taking a sysdiff snapshot, then visiting
some sites and
taking a diff shot to find the modified files?
This would be verrrry valuable info when compromised.

-----Original Message-----
From: Masse, Robert [mailto:rmasse () RICHTERSECURITY COM]
Sent: Monday, November 13, 2000 13:24
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Autocomplete Function


Hi

Does anyone know where Internet Explorer stores the data from the
'autocomplete' function?  You know, the one everyone uses
when they do their
on-line banking :)

Possible Scenario:

Lots of people have file sharing on their workstation at home
and a nice
broadband connection.  Can someone pull a file with the list of
usernames/passwords/sites
if someone was using autocomplete?

I poked around and didn't find anything (internet options,
content allows
you to clear  the info but doesn't tell you where it's stored).


Thanks

Rob

Robert Masse, CISSP
Chief Technical Officer

Richter Security Inc.
2 Place Alexis Nihon, suite 905
Montreal, Quebec, Canada
+514 934 3566 Direct
+514 934 3406 Fax


-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.3

iQEVAwUBOhCAoxUrX+hn0R4xAQEnWAgAwXzzTmWnJWcpF0C7aXdb7x3EqWot9VfU
6wg1+e2Rd3LUCcNcjyjumP4R0fQ3cfMnPbSBDwOArOYA3K3z3IhG1V3uWL8QYREC
CLgEYeeypyJXdmw4f8ciHHtlgOxXeS02JKHx/LGjx4o6OWKc5QUB8GDPjLhVmG8K
NnYeP64d9DT3sh8YFrbYjqhwcaSh6B22GA968ANsMMdHHLi3Wed9XW7UU5bzEGBI
7xdW17w+Uhz5eURfxhcq1F2a4yqsKol3MqIB1WQXbuc4QukhDgWQ5VKHfydY6IXJ
hmfxSBf9UhvsrcThYnmQXft96oNpY8eCryoJd3leeTIJAN0oa6/mSA==
=xAXD
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault