OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: [PEN-TEST] Autocomplete Function
From: Davidson,Sam (SDAVIDSONCERNER.COM)
Date: Mon Nov 13 2000 - 15:27:57 CST


Has anyone tried taking a sysdiff snapshot, then visiting some sites and
taking a diff shot to find the modified files?
This would be verrrry valuable info when compromised.

-----Original Message-----
From: Masse, Robert [mailto:rmasseRICHTERSECURITY.COM]
Sent: Monday, November 13, 2000 13:24
To: PEN-TESTSECURITYFOCUS.COM
Subject: [PEN-TEST] Autocomplete Function

Hi

Does anyone know where Internet Explorer stores the data from the
'autocomplete' function? You know, the one everyone uses when they do their
on-line banking :)

Possible Scenario:

Lots of people have file sharing on their workstation at home and a nice
broadband connection. Can someone pull a file with the list of
usernames/passwords/sites
if someone was using autocomplete?

I poked around and didn't find anything (internet options, content allows
you to clear the info but doesn't tell you where it's stored).

Thanks

Rob

Robert Masse, CISSP
Chief Technical Officer

Richter Security Inc.
2 Place Alexis Nihon, suite 905
Montreal, Quebec, Canada
+514 934 3566 Direct
+514 934 3406 Fax