I'm an experienced sys admin who is working with our security group in small doses for the experience. It's challenging, but I enjoy putting together the pieces.
We have an attorney who wants to know if we can pull usernames/passwords from online web forms, such as Yahoo Mail, from a PC. I told him there are legal issues he'll need to address before we actually proceed.
Till then, I'm looking into it. From what I can tell, unless the passwords are saved in the browser or an instant messenger client was running, the online credentials are not on the PC. I can piece together a history of my internet searches, my latest URL history, all the cookies and even rebuild some of the webpages. I've also used some free/demo tools to look inside the cookies, to no avail.
Am I on the right track? I'd like to figure it out because I like learning, but at the same time am cautious about the ramifications and future requests that could be created because of this capability.
Thanks for the help!
Phil
MCITP 2008 Enterprise Admin
MCSE 2003
Learning as I go…..
From your browser you may get a fair amount of joy from the protected storage areas.
You could try downloading Cain and Abel (free) to have a play with, and see what comes up from the protected storage decoder in that.
Rich
Thanks for the reminder about Cain/Abel. I've used that before and it turned up some interesting info.
The request was cancelled so I'm done working on it for now.
As a side note, I was impressed by how easily I was able to find my internet search history, rebuild my cache, view cookies info, and pull an image file.
Thanks again,
Phil
MCITP 2008 Enterprise Admin
MCSE 2003
Learning as I go….
Yes, you can find them, in the Protected Storage System Provider subkey in the registry. Assuming you have authorization to view the data elsewhere on the drive, there should be no issue with extracting this information. Now, if you go a step further and use it to log in, you will likely be committing a crime.
I didn't see him say what OS he was using; you might not find it in a few OSes.