ESM (Enterprise Security Manager) writes a setup.iss file to the C:\TEMP
directory via InstallShield, see "listPassword-0=ClearTextPassword" shown
below:

[InstallShield Silent]
Version=v3.00.000
File=Response File
[Application]
Name=ESM
Version=5.0.1
Company=Axent
[DlgOrder]
Dlg0=WELCOMEDLG-0
Count=1
Dlg1=MainInstall-0
Dlg2=SdAskDestPath-0
Dlg3=SdSelectFolder-0
Dlg4=AskOptions-0
Dlg5=RegisterAgent-0
Dlg6=SdFinish-0
[WELCOMEDLG-0]
Result=1
[MainInstall-0]
nAgentOnly=+2002
nFullinstall=0
nRegister=0
Result=1
[SdAskDestPath-0]
szDir=c:\esm
Result=1
[SdSelectFolder-0]
szFolder=Axent
Result=1
[AskOptions-0]
Result=1
Sel-0=0
Sel-1=1
[RegisterAgent-0]
listManagerNames-type=string
listManagerNames-count=1
listManagerNames-0=some.node.com
listAgentAddrType-type=string
listAgentAddrType-count=1
listAgentAddrType-0=DEFAULT
listUserNames-type=string
listUserNames-count=1
listUserNames-0=ESM
listPassword-type=string
listPassword-count=1
listPassword-0=ClearTextPassword
listProtocol-type=string
listProtocol-count=1
listProtocol-0=TCP
listTcpPort-type=number
listTcpPort-count=1
listTcpPort-0=0001
listIpxPort-type=number
listIpxPort-count=1
listIpxPort-0=77777
Result=1
[SdFinish-0]
Result=1
bOpt1=0
bOpt2=0

        I've modified a few settings in the above text to not give away any
internal settings, but the "ClearTextPassword" was exactly that, no
decryption necessary. Found this file via MicroSofts recent disclosure of
same with SQL Server, just went to the root of the drive and did a search
for all 'setup.iss' files in all subdirectories. I actually found three.

MM - Mad Mark

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]