pentesting, pci, red team

Google Clear-Text passwords

October 6th, 2008 by admin in Google, News, Password Info, windows

Chrome stores saves passwords in CLEAR TEXT.

1 ] Go to any site that allows you to sign in ex.

2 ] Enter your fake username. Enter a false (incorrect) password

3 ] Allow Chrome to save password ( It will prompt below the address bar)

4 ] Close Chrome

5 ] Locate and change directory using the command prompt to the path below

%:\Documents and Settings\%user name%\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Session ( Path might be different in Vista )

6 ] Note that the “Current Session” file needs to be present in your
“\Application Data\Google\Chrome\User Data\Default\” directory

7 ] Type this command in cmd : find “&secret” “Current Session”

8 ] You can see that its stored in clear text.
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\C
hrome\User Data\Default>find “&secret” “Current Session”


Need to secure your usb drive? Click Here!

OphCrack Live CD – Crack Windows Passwords

September 20th, 2008 by Dev Team in News, Password Info, windows
Ophcrack LiveCD is a free bootable Windows password cracking CD based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.

» Runs on Windows, Linux/Unix, Mac OS X, …
» Cracks LM and NTLM hashes.
» Free tables available for Windows XP and Vista.
» Brute-force module for simple passwords.
» LiveCD available to simplify the cracking.
» Loads hashes from encrypted SAM recovered from a Windows partition, Vista included.

Access Stored User Names and Passwords Dialog

July 31st, 2008 by Dev Team in News, Password Info, windows

If you’ve ever saved a password when connecting to a website that requires authentication, for a remote desktop session or a mapped drive, you might have wondered where those passwords are saved. You can view these by going to the Start button then the Run dialog box and paste this:

rundll32.exe keymgr.dll, KRShowKeyMgr


control keymgr.dll

alternatively you can create a shortcut on your Desktop (more…)

Physical Access is Total Access

July 12th, 2008 by Dev Team in News

by LysergicBliss
A cardinal rule of computer security is that once an attacker has
acquired physical access to a machine, it is generally trivial for
that attacker to fully compromise the system. As technology
improves, this is becoming less the case, but for now, if an attacker
has physical access to a machine, the attacker can generally breach
its security.

How To Gain access to Windows Vista

June 16th, 2008 by Dev Team in Password Info, windows

Using BackTrack Live CD which can be found ::here::

For those of you who forgot your spiffy new Vista Logon password. Here’s a quick and dirty way to make a new user account. BTW, this has been around since XP but still useful.


« Previous Article