> ----------
From: xxxxx@osr.com[SMTP:xxxxx@osr.com]
Reply To: xxxxx@lists.osr.com
Sent: Thursday, April 18, 2002 6:31 PM
To: xxxxx@lists.osr.com
Subject: [ntdev] Re: I want to retrieve Username ,Password ,Domain
text from GINA system.“Art Baker” wrote in message news:xxxxx@ntdev…
> >
> > If, on the other hand, I can use my privileges to capture your actual
> > plaintext password, then I can log in AS YOU and get away with doing
> > anything I want. As far as the operating system is concerned, you did
> the
> > damage yourself.
> >
>
> This is an entirely specious argument. If your an admin, you can load a
> driver. If you can load a driver, that driver can run in the context of
> any
> user application. If the driver can run in the context of any user
> application, it can capture that user’s security credentials and
> impersonate
> the user at will.
>
This is right for local computer. Think about network. You can be local
administrator with no or restricted access to network resources. If somebody
with more network privileges logs to your computer locally (luser asks admin
to fix a problem) and you’re able to capture his plaintext password, you can
log to network later as he. You can also log-on to local computers where you
had no access before and made an evil work as he there.
Well, as local admin you can always install GINA replacement which looks
exactly as MS one and capture passwords. Writting GINA replacement it rather
hard task, especially for XP (thanks to fast user switching). Wrapper would
be probably much easier. This is kind of “security by obscurity” but I would
still prefer when it isn’t too easy.
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]