UGN Security
Posted By: tatz13 windows help - 09/09/02 12:51 PM
windows help

ok could someone tell me how to find the stored passwords and user names on a pc ?
ie when you log into a website and the login box appears and you just click ok because earlier you clicked remember login details. where are these stored and are they encrypted and can they be unencrypted ?
I am trying to teach myself all about windows and its security but this one has me stumped i just cant find where they are stored i thought they were pwp files but my pc hasnt got any of those i am running 98.
Posted By: unreal Re: windows help - 09/09/02 04:23 PM
mhm...that's why we have a Windows Security forum, bud. wink

Moved.
Posted By: ohfuk Re: windows help - 09/09/02 06:38 PM
i think the passwords are saved on the website where you have to enter the password and i think they arent viewable by either side, the site user or the site. they might be called "cookies" but i really am one of the stupider computer people so everything i said has a very good posibility of being bullshit. i dunno

<img border="0" alt="[Bang]" title="" src="graemlins/bang.gif" /> <img border="0" alt="[Sheep]" title="" src="graemlins/sheep.gif" />
Posted By: SilentRage Re: windows help - 09/09/02 07:06 PM
ja, it's all stored in cookies me friend. It'll be in your temporary internet files, just sort by 'TYPE' and look through the list of cookies for the website you're looking for. Then you can copy it and paste it someplace else and open it in notepad to see what's inside.
Posted By: ohfuk Re: windows help - 09/09/02 07:28 PM
ahh so thats how it works
Posted By: tatz13 Re: windows help - 09/09/02 11:26 PM
thanx smile
Posted By: CyberNerd Re: windows help - 09/22/02 04:55 AM
...if you didnt know about cookies you definitley wanna look into it, i've even gotten viruses through cookies(least thats what norton popped up saying)
Posted By: SilentRage Re: windows help - 09/22/02 09:44 AM
I think you misunderstood Norton. I know how cookie data is exchanged between server and client and how it's handled. I don't see any opportunity for code within a cookie (Text file) to be executed.
Posted By: black^Pimp Re: windows help - 09/26/02 06:57 PM
well listen guys, SilentRage was right when he told you to go and look at the cookies, but listen, cookies could be called sensitive too just like passwords, coz just go there and check the documents, you'll see just encryption.

e.g. a file like administrator@apple[1]
when you open it with notepad for example. All you'll see is this:

pcidconsumer
9362194
apple.com/
0
610778752
29590288
4156834080
29516895
*

now you understood anything ? i'd say no, you need to decrypt them i think.
Posted By: Insanity_is_Beauty Re: windows help - 09/26/02 07:39 PM
Hmm, there used to be a revelation program that would grab peoples passwords that they "saved" via internet explorer. I believe this it is same process as when using autocomplete. If you have a cookie with the info you need not even see a login page. The webserver will know.

If it is a saved password via internet explorer or autocomplete, then you can get a program that will find and decrypt the passwords in the pwl or user.dat file. I think it uses the user.dat, but it has been a while and I know there are programs for viewing both. Might depend on OS version also.

My apologies for my shitty memory, but I hope it helps.
Posted By: black^Pimp Re: windows help - 09/27/02 07:48 AM
yea yea you're hell right Insanity. I remember now... well forgot the name and stuff but i'll look around if i can find what that thing.

P.S. i think it uses the .pwl
Posted By: Gremelin Re: windows help - 09/27/02 09:05 PM
Its all about the keylogger...
Posted By: SilentRage Re: windows help - 09/29/02 08:12 PM
Quote:
Originally posted by Insanity_is_Beauty:
I think it uses the user.dat
user.dat is one of the main 2 registry files. It may be stored in the registry encrypted. I have never tried to find where they're stored.
© UGN Security Forum