Sorry że odkopuje..
A co w przypadku gdy ma się zdalny dostęp do regedit ofiary..?
Dostęp można uzyskać przez dziurę np. ms08_067 i skopiować regedit
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\RasMan\PPP\EAP\25]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\RasMan\PPP\EAP\26]
Jak wykopać z tego pass i login..?
Kod:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\25]
"RolesSupported"=dword:0000001a
"FriendlyName"="Chroniony protokół EAP (PEAP)"
"Path"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,\
61,00,73,00,74,00,6c,00,73,00,2e,00,64,00,6c,00,6c,00,00,00
"ConfigUiPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
72,00,61,00,73,00,74,00,6c,00,73,00,2e,00,64,00,6c,00,6c,00,00,00
"IdentityPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
72,00,61,00,73,00,74,00,6c,00,73,00,2e,00,64,00,6c,00,6c,00,00,00
"InteractiveUIPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,\
00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\
5c,00,72,00,61,00,73,00,74,00,6c,00,73,00,2e,00,64,00,6c,00,6c,00,00,00
"InvokeUsernameDialog"=dword:00000000
"InvokePasswordDialog"=dword:00000000
"MPPEEncryptionSupported"=dword:00000001
"ConfigCLSID"="{58AB2366-D597-11d1-B90E-00C04FC9B263}"
"StandaloneSupported"=dword:00000001
"NoRootRevocationCheck"=dword:00000001
Kod:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP\26]
"FriendlyName"="Bezpieczne hasło (EAP-MSCHAP v2)"
"Path"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\
00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,72,00,\
61,00,73,00,63,00,68,00,61,00,70,00,2e,00,64,00,6c,00,6c,00,00,00
"ConfigUiPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
72,00,61,00,73,00,63,00,68,00,61,00,70,00,2e,00,64,00,6c,00,6c,00,00,00
"IdentityPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
72,00,61,00,73,00,63,00,68,00,61,00,70,00,2e,00,64,00,6c,00,6c,00,00,00
"InteractiveUIPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,\
00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\
5c,00,72,00,61,00,73,00,63,00,68,00,61,00,70,00,2e,00,64,00,6c,00,6c,00,00,\
00
"InvokeUsernameDialog"=dword:00000000
"InvokePasswordDialog"=dword:00000000
"MPPEEncryptionSupported"=dword:00000001
"ConfigCLSID"="{2af6bcaa-f526-4803-aeb8-5777ce386647}"
"StandaloneSupported"=dword:00000001
"RolesSupported"=dword:00000004