To both of us, this seemed like a rather odd, but intriguing, key that would be cool to explore a bit more at some point, Claudius said. In the process of going through one of our test cases on a Windows 8 machine on Saturday, we stumbled across a new key (UserPasswordHint) that we had not seen before in the SAM database, said vulnerability researcher Jonathan Claudius, who works for Trustwaves SpiderLabs research team, in a blog post.Ĭlaudiuss co-researcher is Ryan Reynolds, whos in charge of penetration testing services for public accounting and consulting firm Crowe Horwath. ![]() That finding was made by two security researchers whove been studying ways to increase the reliability of tools designed to extract Windows registry information. User-provided password retrieval hints in Windows 7 and 8 operating systems are vulnerable to being retrieved and decoded by attackers. ![]()
0 Comments
Leave a Reply. |