Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] Google Talk cleartext credentials in process memor

from [Georgi Guninski] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] Google Talk cleartext credentials in process memory
Date: Tue, 29 Nov 2005 21:41:46 +0200 
On Tue, Nov 29, 2005 at 01:11:47PM -0500, Nasko Oskov wrote:

 
If you want to protect the credentials in memory from dumps that go to
Microsoft, why not use CryptProtectMemory() instead of home-grown
obfuscation? This function encrypts the memory with a key that changes
over reboots, so even if you send a dump to MS, they wouldn't know how
to decrypt it.



old people remember the "nsakey micro$oft" fiasco.

-------------
http://en.wikipedia.org/wiki/NSAKEY
_NSAKEY is a variable name discovered in Windows NT 4 Service Pack 5 (which
had been released unstripped of its symbolic debugging data) in August 1999
by Andrew D. Fernandes of Cryptonym Corporation. That variable contained a
1024-bit public key.
....
The key is still present in all version of Windows, though it has been
renamed "_KEY2."
-------------

-- 
where do you want bill gates to go today?
 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Fwd: [OTO-54919]: Re: [Full-disclosure] Paypal phishing attempt], Kyle Lutze
Next by Date:  Re: [Full-disclosure] Return of the Phrack High Council, Michael Simpson
Previous by Thread:  Re: [Full-disclosure] Google Talk cleartext credentials in process memory, Jaroslaw Sajko
Next by Thread:  Re: [Full-disclosure] Google Talk cleartext credentials in process memory, Kurt Grutzmacher
Indexes:  [Date] [Thread] [Top] [All Lists]