https://frrl.wordpress.com

A site of endless curiosity

The advantage of being wrong –

leave a comment »

How to recover acct/password combos to clear text
and other tricks of tom foolery

Today I told someone that one could not recover passwords that were stored by IE as those login / passwords combinations on login pages when you ask IE to remember the combination and prefill it next time.

I use systems that require a password change at regular intervals.  When using the IE or FireFox capability to remember these combinations I sometimes forget the name / password combo.  When resetting a password often you need to supply the old password on a new page.  Well, unless you can remember the password or you write it down somewhere you might be out of luck.

Does IE and Firefox store username & password combinations in a recoverable form to clear text?  Well, surprisingly, yes it does.  And there is a freeware utility to recover usernames and passwords by web login page to clear text

This seems to be a big security risk.  If you share a PC with other people (family members) you can use this to see user and password combinations that are stored.  It is typical for people to reuse passwords. So, once you have a list of usernames and passwrords in clear text for a few web pages one might try these on other sites – a sort of fishing expedition.  In any case, you know the drill.

By being wrong, and vaidating I was wrong, I stumbled upon a web site with a ton of useful freeware utiities.  See links below.

Honorable mention – The SmartSniff: TCP/IP Sniffer utility is great for finding out what network conversations your machine is having while you are not around.  Run this in capture mode, do nothing, and see what your machine is doing behind your back when you are not present.

Blog
http://www.nirsoft.net/blog/

Main page of freeware utilities
http://www.nirsoft.net/

This is the utility that can recover IE passwords

IE PassView – is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 – v6.0

More password recovery tools are here:
http://www.nirsoft.net/password_recovery_tools.html

Utiities I tried and like

  • Network Password Recovery – Freeware utility that recovers the network passwords stored by Windows XP (Credentials file).
  • SniffPass – Password Sniffer – Listen to your network, and capture POP3, IMAP4, SMTP, FTP, and HTTP (basic authentication) passwords
  • Protected Storage PassView – Displays all passwords and AutoComplete strings stored in your Protected Storage.
  • SmartSniff: TCP/IP Sniffer – Capture TCP/IP packets on your network adapter and view the captured data as sequence of conversations between clients and servers.
  • IECookiesView: Cookies Viewer/Manager for IE – View/Delete/Modify the cookies that Internet Explorer stores on your computer.
  • ProduKey – Recover Office/Windows CD-Key
  • WirelessNetView – View the details of all wireless network in your area (SSID, Signal Quality, MAC Address, and more…)
  • CurrPorts: TCP/IP Connections Viewer – Freeware tool that displays the list of all currently opened TCP and UDP ports on your local computer.
  • Clipboardic is a small utility that listen to the clipboard activity, and each time that you copy something into the clipboard, it automatically save the copied data into Windows clipboard file
  • USBDeview is a small utility that lists all USB devices that currently connected to your computer, as well as all USB devices that you previously used.
  • WhatInStartup – This utility displays the list of all applications that are loaded automatically when Windows starts up

frrl.wordpress.com does not recommend, support, or condone the use of any of the above.  You are fully responsible for your own judgement and behavior.

Advertisements

Written by frrl

October 15, 2009 at 1:36 am

Posted in Uncategorized

Tagged with

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: