[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Windows XP Home LSA secrets storesXPloginpassphrase in plain text

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Windows XP Home LSA secrets storesXPloginpassphrase in plain text
From: "Mike N" <niceman@xxxxxxx>
Date: Sat, 6 May 2006 15:21:11 -0400

The administrator account in Windows does not automatically hold all EFS keys.  
It fully depends on how EFS was configured for the machine.  A secondary EFS 
recovery account is *often* assigned to the domain administrator, or an 
administrator account, but it's quite possible to allow only the assigned 
account access to EFS files with no secondary EFS recovery account.  For that 
case adminstrator access is useless for accessing EFS files. 

  ----- Original Message ----- 
  From: John Doe 


  As what comes to EFS, once you get hold of the administrator 
  account, you can decrypt the EFS for _all_ users on the computer. It doesn't
  matter how you acquired the password.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- Re: [Full-disclosure] Windows XP Home LSA secrets storesXP loginpassphrase in plain text
  - From: John Doe

Prev by Date: Re: [Full-disclosure] IE7 Information Disclosure - For sale
Next by Date: Re: [Full-disclosure] Let's Not Forget Whose In Charge
Previous by thread: Re: [Full-disclosure] Windows XP Home LSA secrets storesXP loginpassphrase in plain text
Next by thread: [Full-disclosure] [ GLSA 200605-06 ] Mozilla Firefox: Potential remote code execution
Index(es):
- Date
- Thread