Loading user information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading user information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements

Adventures in Underland: What Passwords Do When No One Is Watching


Right click “Save as…”

Slides (view online)
+My schedule - My schedule

Wherever and whenever you enter your password in the password field, there is at least one mechanism that must know it to use it later for the designed purpose. The common knowledge is that when we set up our password in Windows it is hashed and stored either in SAM or ntds.dit database in Active Directory. This is useful for verification purposes, but if your operating system can re-use the password it means others can decrypt it! In this intensive session, learn the encryption and decryption techniques being used nowadays in systems, networks, and applications. We look at the various technology weaknesses and try to take passwords from the places where they are used by the operating system to perform several operations. Become familiar with some unexpected places for your passwords and learn what you can do to mitigate the risk before somebody else grabs them! Session covers passwords’ internals. Have a cup of coffee before attending!

Follow the discussion

  • Oops, something didn't work.

    Getting subscription
    Subscribe to this conversation
  • Sounds interesting!

  • I am hoping this information will be helpful for our Help Desk and PC Support techs.

  • My organization uses an identity management system,  I tell my users to log out of all connected systems before changing passwords.  I know why and I try to explain, perhaps this would be helpful.

  • Paula's sessions are always good.

  • When no one is watching, passwords tease each other about how complicated they are. Also make bets on which password will be forgotten first. Some hate each other because they copied the same password. Tongue Out

  • Smiley

  • joejoe

    I heard one of the examples being used here was CPAU (joeware.net). If it took longer than 5 minutes to accomplish it I would be surprised. I (the author) indicate on the web site that anyone with a debugger can get the info out of an encoded (not encrypted) JOB file. Also there are at least 3-4 articles on the web that have been out there >year that talk about doing it.


  • Great Sesion!

  • PaulaPaula

    joe! Cpau does one thing and does it well. It is why I used it as an example. The session was about password storing and reusing and not about cracking/hacking applications. I hope you do not take it personally! :)

  • adrianadrian

    lmao @ trever. yeah she's SMOKING HOTT!!!! and the fact that she knows IT...win-win!!!

  • joejoe

    Paula, I didn't take it personally. :) I just wanted to point out that this is well known to me and anyone who searches the internet. Unfortunately the API call being used only accepts clear text. One of the reasons I didn't bother worrying much about encrypting the JOB file (versus encoding) is that I knew how simple it was to break on the API call (or the various and sundry ways you can try to hide the call) and look at the parameters directly or even to just hook the API call and dump every use of it by anything. On the positive side, not many people have a clue on what to do in a debugger and that number seems to get smaller every year.

    I was a little disappointed that only one person raised their hand and said they used CPAU though, I received about 18 or so emails from folks sitting in the room while your presentation was going on letting me know that it was being "hacked" on the big screen. ;)

    Good presentation overall. :)

    Take care,


Remove this comment

Remove this thread


Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.