Winxp Multi-user cross-accessing info/pw/etc?
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Winxp Multi-user cross-accessing info/pw/etc?

Hybrid View

  1. #1
    Member e><ius's Avatar
    Join Date
    Mar 2007
    Location
    So.Cal.
    Posts
    61

    Winxp Multi-user cross-accessing info/pw/etc?

    Yes, the topic im looking for, as i will describe, was posted here at AO. I have tried searching all keywords, but didnt find what i wanted after 30pages. if anyone knows about this, please drop some words or a link perhaps.

    Lemme detail what i mean by "Winxp Multi-user cross-accessing info/pw/etc." (isnt close to the title of thread i was looking for)

    so, i read in one of these discussions that multi-user computers for a public network stores current users' info/docs/cookies/logs somewhere. i have seen that you can tell who has been on at that computer (assuming that these computers auto-format each night) for that day in"C:\Documents and Settings\". their user names will be displayed with locked data. i did briefly read that one could access such data/passwords that were just recently stored on those machines, not using admin account. files created for the specific user was meant to hasten access time to that user, because it takes much longer to talk to network server everytime and would slow down the network if server kept getting spammed by old users.

    what do u know about such access?

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    You don't need to reformat the PC every night to know who's been on the computer. Just turn on logon/logoff auditting. If you really want to know what's happening turn on the object and file audit trails. Beware though, the logs can get pretty big pretty fast.

    As for the passwords.. I believe you're looking for the cached credentials?
    http://www.irongeek.com/i.php?page=security/cachecrack
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Member e><ius's Avatar
    Join Date
    Mar 2007
    Location
    So.Cal.
    Posts
    61
    reformating was directed towards the public computers which are set to re-imaging daily. i could tell by looking in the "C:\Documents and Settings\". i guess it may not be that important, 'cept knowing who was on that day.

    anyway, i guess i already knew about cache cracking with admin/system level via cachedump/cain/johntheripper. can this be done with limited access? running .exe will be prohibited.

  4. #4
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Quote Originally Posted by e><ius
    reformating was directed towards the public computers which are set to re-imaging daily. i could tell by looking in the "C:\Documents and Settings\". i guess it may not be that important, 'cept knowing who was on that day.

    anyway, i guess i already knew about cache cracking with admin/system level via cachedump/cain/johntheripper. can this be done with limited access? running .exe will be prohibited.
    Uhm, what the hell kind of environment are you discussing, where systems get reformatted every night? That is not exactly SOP for many organizations. I can see several situations where it may be exactly the sort of security measure needed, but this is by no means default, and you really should fill us in on more detail before we can try to answer your query.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  5. #5
    Senior Member Aardpsymon's Avatar
    Join Date
    Feb 2007
    Location
    St Annes (aaaa!)
    Posts
    434
    well, bar some bug I am unaware of files should have the correct permissions set so that users can not access each others cached files on the local PC. In fact, on our network at least it seems that the local cache is cleared out at log off, since every time I look in there there are actually no files in the folders.
    If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.

  6. #6
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    AFAIK...if the system is installed on an NTFS partition...then the users profiles can only be accessed by an admin of the machine.

    By default.....Limited users cannot access other user info.

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  7. #7
    Member e><ius's Avatar
    Join Date
    Mar 2007
    Location
    So.Cal.
    Posts
    61
    ergo, the system is secure from limited users attempting to extract available hashes. correct?

    how does one enable cache clear per login? or is this default in winxp?

  8. #8
    Member e><ius's Avatar
    Join Date
    Mar 2007
    Location
    So.Cal.
    Posts
    61
    generalizing public computers as i mentioned. not offices, home, but schools, libraries, internet cafes, you name it.

    is that clear?

    im guessing you cant answer my questions in my post before this.

  9. #9
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    You mean using software such as Faronics' "Deep Freeze" to restore systems to their original/standard configurations after use?

    Is your concern that such a restoration will remove the records of who has used the machine?
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  10. #10
    Member e><ius's Avatar
    Join Date
    Mar 2007
    Location
    So.Cal.
    Posts
    61
    no, i am certain that deep freeze or simliar apps will work fine. that is off topic.

    this is what im asking:
    Could a hacker withdraw user/pw hashes from a system knowing that that computer has stored hashes? but the catch is here- he has a limited account in this public machine.

    Quote Originally Posted by morganlefay
    By default.....Limited users cannot access other user info.
    cant be 100% true.

    Quote Originally Posted by me
    how does one enable cache clear per login? or is this default in winxp?
    Answer?

Similar Threads

  1. Port List
    By ThePreacher in forum Miscellaneous Security Discussions
    Replies: 17
    Last Post: December 14th, 2006, 08:37 PM
  2. The Ultimate Social Engineering tutorial!
    By Isellcrack4FBI in forum AntiOnline's General Chit Chat
    Replies: 2
    Last Post: July 4th, 2002, 02:40 PM
  3. Securing Your Windows PC
    By E5C4P3 in forum The Security Tutorials Forum
    Replies: 10
    Last Post: June 12th, 2002, 04:54 PM
  4. The Worlds Longest Thread!
    By Noble Hamlet in forum AntiOnline's General Chit Chat
    Replies: 1100
    Last Post: March 17th, 2002, 08:38 AM
  5. Vulneravility: DCP-Portal User Details Cross Site Scripting
    By s0nIc in forum Network Security Discussions
    Replies: 0
    Last Post: February 18th, 2002, 11:53 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides