-
January 30th, 2004 06:08 PM
#11
-
January 30th, 2004 06:10 PM
#12
Had this ready yesterday but didn't know where you wanted it posted....
-
January 30th, 2004 08:48 PM
#13
OK mate....I know how you got that info...everything except the user account I was logged on as.....how the hell!
Windows 9x: n. A collection of 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor. Written by a 2 bit company that can\'t stand 1 bit of competition. 
-
January 30th, 2004 08:49 PM
#14
one word: metadata
-
January 30th, 2004 08:53 PM
#15
I don't know...worked fine for me.....does the metadata id the actual name of the account or the sid
-
January 30th, 2004 09:03 PM
#16
I dont think it goes that far. It will leak certain information which you would rather not share . Be careful when you email your resume to someone . If they really want to look, they might find something that they wont like.
Go here and check out how to get rid of metadata.
http://support.microsoft.com/default...b;EN-US;223396
I guess every Office file uses them
-
January 30th, 2004 09:07 PM
#17
Thanks for the link, Cybr1d, but I couldn't bear to wait so I asked by best friend Google!
I had no idea that much info was stored in the metadata! Bet I'll be fixing that shortly...last thing I need is another damn security leak!
Thanks..It was fun nihil!
Windows 9x: n. A collection of 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor. Written by a 2 bit company that can\'t stand 1 bit of competition.
-
January 30th, 2004 09:15 PM
#18
576869746568617
That is not so difficult because the default is to save into the folder "my documents" AFAIK a unique one of these is created for each user profile? When you look at the metadata, you see the access path, which includes the user account.
Yes Cyber1d, I think that all Office documents do............even powerpoint.
Cheers
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
-
January 30th, 2004 09:15 PM
#19
what makes it even more interesting is that microsoft knows about its risks and they acknowledge the fact thats it is indeed a vulnerability. Metadata will show deleted text, and the names of whoever edited the text. They claim its an "option" for users to use. Personally i'd prefer that option being off by default.
Cheers,
-
January 30th, 2004 09:41 PM
#20
Looked at it in Hex Workshop. Damn! I had no Idea!..
yes, nihil, each user's default document directory is auto-generated from the user name by the OS. You could get around this by using a file server directory with a generic path.....If you didn't mind someone knowing the NetBIOS name of your file server instead! (that is, of course, if you didn't fix the whole metadata problem.)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
Forum Rules
|
|
Reply With Quote
Bookmarks