Bugtraq mailing list archives
Re: NT WinLogon VM contains plaintext password visible in admin mode
From: dleblanc () MINDSPRING COM (David LeBlanc)
Date: Tue, 7 Dec 1999 11:12:23 -0800
At 08:40 AM 12/7/99 -0600, Robert Horvick wrote:
> While this does require admin rights for this to work, the implications of social engineering or an exploit to run after compromising the admin account are obvious.
If you can get to be admin, why not just install a keyboard sniffer, and get everything that comes into the console? It is still a good idea to fix the problem, but if I can get an admin-level user to run a trojan, or otherwise compromise a local admin account, the number of ways to hack any subsequent user are bounded only by one's imagination. As a friend used to say, "the mind boggles at the possibilities" <g>.

I've got an overall problem with 'exploits' that require admin access to run - kind of like worrying about the windows being locked when the front door has been successfully hit with the crowbar attack. If you can get to be admin, you can modify the OS, and from there, you can do anything to any user.

David LeBlanc
dleblanc () mindspring com