Ci sono diverse possibilità per estrarre le password da un computer. Non so in modo specifico del prodotto Elcomsoft, tuttavia la probabilità che un qualsiasi software trovi password su Windows 7 è probabilmente grande.
Ho scritto un post su questo blog prima di poter essere trovato qui: link . Un estratto del post può essere trovato sotto.
Il post completo del blog contiene informazioni su come recuperare le informazioni sull'account anche da altri luoghi, come nei file temporanei di Internet o recuperare i file cancellati.
The SAM file
As I’ve written about before, the SAM file contains account information on Windows OS. This file can trivially be dumped when physical access to the machine is in hand. The hashes, in some cases weak LANMAN, can then be proceeded to be attacked in order to reveal the clear-text password.
Cain & Able also have the possibility to dump passwords from machines local system account, often called LSA secrets.
Discover stored passwords in browser or other applications
Very many applications provide some sort of “remember password” logic to provide easier access to resources that is password protected. Most people will recognize this function in our browsers. They provide an option to store the users password in a database and automatically fill inn these when the user navigates to a login form the browser remember.
There is also other applications than just browsers that offer to store passwords for the user. For example many popular games are known to store the users password, or other software like Filezilla has been known to do the same.
SecurityXploded.com has a list over currently 47 applications and where they store their passwords. To mention a few:
- Skype
- MSN Messenger
- Windows Live Messenger
- Microsoft Outlook
- Heroes of Newerth