[Pauldotcom] FW: Files containing credential stores sorted by operating system.
Nicholas B.
nberthaume at gmail.com
Tue Jan 26 16:25:52 UTC 2010
All great places to look. I think this sounds like a great project to
work on following Shmoocon. It's all about knowing where the
credentials are and if we know where they are we can work to protect,
white/black list and grab these for pen-testing and auditing.
On Tue, Jan 26, 2010 at 11:14 AM, Butturini, Russell
<Russell.Butturini at healthways.com> wrote:
> Upon further review, I realize that was 3 words :-)
>
> -----Original Message-----
> From: Butturini, Russell
> Sent: Tuesday, January 26, 2010 10:14 AM
> To: 'PaulDotCom Security Weekly Mailing List'
> Subject: RE: [Pauldotcom] Files containing credential stores sorted by operating system.
>
> One word: Gnutella P2P network
>
> Grab yourself a client (Gnutella Turbo is my favorite) and start searching for *.rdp, *.qbw, *.pst, etc. You'll have a whole bucket full of files to analyze :-)
>
>
> -----Original Message-----
> From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Jim Halfpenny
> Sent: Tuesday, January 26, 2010 1:24 AM
> To: PaulDotCom Security Weekly Mailing List
> Subject: Re: [Pauldotcom] Files containing credential stores sorted by operating system.
>
> Sounds like a good topic for a wiki page, or even a whole site. There
> is the pauldotcom wiki, I'm sure the good peeps on the list could
> quickly fill in the blanks. I know I have some stuff I can contribute.
>
> Jim
>
> On 25/01/2010, Nicholas B. <nberthaume at gmail.com> wrote:
>> No, I'm not looking for rainbow tables. I'm looking for files that
>> various programs and services use to store user credentials in, the
>> type of encoding or hashing that is used on them if any and the
>> operating system(s) that they might appear on.
>>
>> On Mon, Jan 25, 2010 at 4:49 PM, Karl Schuttler
>> <karl.schuttler at gmail.com> wrote:
>>> Rainbow tables?
>>>
>>> On Mon, Jan 25, 2010 at 4:23 PM, Nicholas B. <nberthaume at gmail.com> wrote:
>>>>
>>>> I'm looking for a site or sites that contain large and if possible
>>>> comprehensive lists of files that contain username and/or password
>>>> credentials. The credentials can be plain-text, encoded or hashed and
>>>> if they are encoded or hashed it would be nice to have the method(s)
>>>> that was employed to generate these. I'm thinking of files beyond
>>>> just the normal /etc/shadow, /etc/master.passwd stuff .htaccess to
>>>> files for specific programs and userland files including svn-auth-file
>>>> and ~/.vnc/passwd types of content and even more exotic vendor
>>>> specific stuff to look for. If anyone can point me to someplace with
>>>> a good list of these or would like to attach a list that you've
>>>> compiled I would appreciate it.
>>>> _______________________________________________
>>>> Pauldotcom mailing list
>>>> Pauldotcom at mail.pauldotcom.com
>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>>>> Main Web Site: http://pauldotcom.com
>>>
>
> --
> Sent from my mobile device
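An added example, not part of the thread and not any poster's code: a permission audit for the file names mentioned in the original request and the P2P reply, in line with the "protect ... auditing" goal above. The pattern list, function names and findings labels are this example's own assumptions.

```python
import fnmatch
import os
import stat
import sys

# File names mentioned in the thread. Entries with "/" match a path suffix,
# the others match the file's base name (case-insensitive glob).
CREDENTIAL_PATTERNS = [
    "etc/shadow", "etc/master.passwd", ".vnc/passwd",
    ".htaccess", "svn-auth-file", "*.rdp", "*.qbw", "*.pst",
]

def is_credential_path(rel_path):
    rel = rel_path.replace(os.sep, "/")
    base = rel.rsplit("/", 1)[-1].lower()
    for pat in CREDENTIAL_PATTERNS:
        if "/" in pat:
            if rel == pat or rel.endswith("/" + pat):
                return True
        elif fnmatch.fnmatchcase(base, pat):
            return True
    return False

def audit_credential_files(root):
    """Return sorted (path, octal mode, findings) for matching regular files."""
    results = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            if not is_credential_path(rel):
                continue
            try:
                st = os.lstat(full)  # lstat: do not follow symlinks
            except OSError:
                continue  # file vanished or parent became unreadable
            if not stat.S_ISREG(st.st_mode):
                continue
            mode = stat.S_IMODE(st.st_mode)
            checks = [(stat.S_IRGRP, "group-readable"),
                      (stat.S_IROTH, "world-readable"),
                      (stat.S_IWOTH, "world-writable")]
            findings = [label for bit, label in checks if mode & bit]
            results.append((rel.replace(os.sep, "/"), oct(mode), findings))
    return sorted(results)

if __name__ == "__main__":
    for path, mode, findings in audit_credential_files(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{mode:>6}  {path}  {', '.join(findings) or 'ok'}")
```

Run it against a directory you administer; files reported as group- or world-readable are the ones to tighten first.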