NT Password Security Update. Registry values changed!
Ted Cabeen
cabeen at netcom.com
Tue Dec 12 22:13:22 PST 1995
Well, I did some more research into the NT password security issue and I
discovered that I can get access to the Security section of the registry and
there are some VERY interesting values there, stored as raw hex. I created
a test user and checked the values of these registry keys with two different
passwords and iterestingly enough the data in the keys changed when I
changed the password. I plan on doing some more work, including changing
the values and seeing if the password change, but I've been somewhat busy
lately. I've st up a web page at
http://shadowland.rh.uchicago.edu/ntcrypto.html
that has the password I used and the data in the two registry values that
changed when I changed the password. I invite people to look at it and
speculate what the change means. Also, I can provide a few more
plaintext/cyphertext pairs if necessary. The change in the values could be
something like update time, but I don't think that they'd store that as raw
hex, espically hex as long as the stuff I got. Good luck figuring it out.
_____________________________________________________________________________
Ted Cabeen cabeen at netcom.com
Finger for PGP Public Key secabeen at midway.uchicago.edu
"I have taken all knowledge to be my province." cococabeen at aol.com
More information about the Testlist
mailing list