Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Windows XP Home LSA secrets storesXPloginpassphrase in plain text

From: "Mike N" <niceman () att net>
Date: Sat, 6 May 2006 15:21:11 -0400
The administrator account in Windows does not automatically hold all EFS keys.  It fully depends on how EFS was 
configured for the machine.  A secondary EFS recovery account is *often* assigned to the domain administrator, or an 
administrator account, but it's quite possible to allow only the assigned account access to EFS files with no secondary 
EFS recovery account.  For that case adminstrator access is useless for accessing EFS files. 

  ----- Original Message ----- 
  From: John Doe 


  As what comes to EFS, once you get hold of the administrator 
  account, you can decrypt the EFS for _all_ users on the computer. It doesn't
  matter how you acquired the password.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: