Secure Storage of Secrets in Windows

Aleph One (aleph1@UNDERGROUND.ORG)
Mon, 17 May 1999 14:57:31 -0700

Not long ago we discussed why you still see messages that describe yet another application that stores passwords in an insecure manner, in particular under Windows. The bottom line was that there are two common cases. The first one is where an application needs to authenticate a user against the password. In many of these cases the plaintext password can be replaced by a one-way hash with little or no loss of functionality. The second case is where an application requires the password to authenticate itself against a service on behalf of the user, but without prompting them for the password after the first time.

Several people mentioned that an application or agent could be created that can securely store these secrets for many applications. The user would then only need to authenticate once against this application or agent to allow any other applications running under their id to request their secrets. Although this system does not stop rogue applications (e.g. trojans, BackOrifice) from stealing the secrets, it does stop a whole range of vulnerabilities from doing so (e.g. JavaScript file-stealing vulnerabilities, world-readable shares, etc).

The Win32 API provides such a service. Although in the past it was found that its encryption was rather weak, Microsoft claims to have fixed it, no one else has claimed otherwise, and it's better than nothing. (References:
http://www.netsys.com/firewalls/firewalls-9512/0442.html
http://www.geek-girl.com/bugtraq/1995_4/0138.html ).

So here is a reminder to Windows application programmers that you can use WNetCachePassword and WNetGetCachedPassword, which in some documentation MS calls the Master Password API.
--
Aleph One / aleph1@underground.org
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01

--------------------------------------------------------------------------

Date: Tue, 18 May 1999 12:35:28 +0000
From: Nick FitzGerald
To: BUGTRAQ@netspace.org
Subject: Re: Secure Storage of Secrets in Windows

> The Win32 API provides such a service. Although in the past it was
> found that its encryption was rather weak, Microsoft claims to have
> fixed it, no one else has claimed otherwise, and it's better than
> nothing. (References:
> http://www.netsys.com/firewalls/firewalls-9512/0442.html
> http://www.geek-girl.com/bugtraq/1995_4/0138.html ).
>
> So here is a reminder to Windows application programmers that you can
> use WNetCachePassword and WNetGetCachedPassword, which in some
> documentation MS calls the Master Password API.

Indeed. And for admins who wish to prevent user machines from caching passwords, the following Win9x REG file may be useful:

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]
"DisablePwdCaching"=dword:00000001

Apply that to a client machine, then nuke all PWL files in the Windows dir, and you need not worry whether future vulnerabilities might open you to exposure from cached passwords.

I imagine there is something similar for NT. Anyone know the details?

Regards,

Nick FitzGerald

--------------------------------------------------------------------------

Date: Wed, 19 May 1999 09:42:51 +0300
From: Olaf Titz
To: BUGTRAQ@netspace.org
Subject: Re: Secure Storage of Secrets in Windows

> The Win32 API provides such a service. Although in the past it was found
> that its encryption was rather weak, Microsoft claims to have fixed it,
> no one else has claimed otherwise, and it's better than nothing.

Since this allows the encryption of user data and Microsoft is U.S. based, the algorithm _must_ be weak.
Otherwise they could have used just RC4 with the password as key instead of RC4 with a 32-bit(!) hash of the password. This is not Microsoft stupidity but U.S. government stupidity.

With today's CPU power, 32 bits of key is not better than nothing. I could brute force that in one week with my single PC.

Olaf

--------------------------------------------------------------------------

Date: Wed, 19 May 1999 23:21:57 +0200
From: Eivind Eklund
To: BUGTRAQ@netspace.org
Subject: Re: Secure Storage of Secrets in Windows

On Wed, May 19, 1999 at 09:42:51AM +0300, Olaf Titz wrote:
> > The Win32 API provides such a service. Although in the past it was found
> > that its encryption was rather weak, Microsoft claims to have fixed it,
> > no one else has claimed otherwise, and it's better than nothing.
>
> Since this allows the encryption of user data and Microsoft is U.S.
> based, the algorithm _must_ be weak. Otherwise they could have used
> just RC4 with the password as key instead of RC4 with a 32-bit(!)
> hash of the password. This is not Microsoft stupidity but U.S.
> government stupidity.
>
> With today's CPU power, 32 bits of key is not better than nothing.
> I could brute force that in one week with my single PC.

I'll just note that back when PWL breaking was fairly new, Frank Stevenson (mostly), with a tiny bit of help from yours truly, optimized a breaker for this to run in just under 24 hours on a Pentium 90 (or perhaps it was a Pentium 66 - I no longer remember). The next day Frank found the vulnerabilities that let us crack the passwords in no time at all, due to incorrect initialization of RC4, but we had it under 24 hours before that :-)

Eivind.
---------------------------------------------------------------------------

Date: Thu, 20 May 1999 19:14:49 +0200
From: Bronek Kozicki
To: BUGTRAQ@netspace.org
Subject: Re: Secure Storage of Secrets in Windows

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

To disable password caching in Windows NT, one should set the following registry value to 0. By default it's not set, and assumed to be 10.

Hive: HKEY_LOCAL_MACHINE
Key:  Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Name: CachedLogonsCount
Type: REG_DWORD
Value: 0 to 50

Information about this registry value can be found in KB, article Q172931.

Bronek Kozicki
- --------------------------------------------------
ICQ UID: 25404796
PGP KeyID: 0x4A30FA9A
07EE 10E6 978C 6B33 5208 094E BD61 9067 4A30 FA9A

- -----Original Message-----
> From: Bugtraq List [mailto:BUGTRAQ@NETSPACE.ORG] On Behalf Of Nick FitzGerald
> Sent: Tuesday, May 18, 1999 2:35 PM
> To: BUGTRAQ@NETSPACE.ORG
> Subject: Re: Secure Storage of Secrets in Windows
>
> > The Win32 API provides such a service. Although in the past it was
> > found that its encryption was rather weak, Microsoft claims to have
> > fixed it, no one else has claimed otherwise, and it's better than
> > nothing. (References:
> > http://www.netsys.com/firewalls/firewalls-9512/0442.html
> > http://www.geek-girl.com/bugtraq/1995_4/0138.html ).
> >
> > So here is a reminder to Windows application programmers that you can
> > use WNetCachePassword and WNetGetCachedPassword, which in some
> > documentation MS calls the Master Password API.
>
> Indeed. And for admins who wish to prevent user machines from caching
> passwords, the following Win9x REG file may be useful:
>
> REGEDIT4
>
> [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]
> "DisablePwdCaching"=dword:00000001
>
> Apply that to a client machine, then nuke all PWL files in the Windows
> dir, and you need not worry whether future vulnerabilities might open
> you to exposure from cached passwords.
>
> I imagine there is something similar for NT. Anyone know the details?
>
> Regards,
>
> Nick FitzGerald

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.0.2i

iQA/AwUBN0Q0Xr1hkGdKMPqaEQIu7QCgnGIIkG6/sqbfpNz1X7VwrXDjKh8AoIYe
gwtMemc7l4H8HM6L6hh/IXMk
=Q7gq
-----END PGP SIGNATURE-----
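As an added audit check, not taken from any of the posts above, the following PowerShell script reads both settings named in the thread: the Win9x DisablePwdCaching policy value from Nick FitzGerald's REG file and the NT CachedLogonsCount value from Bronek Kozicki's post, applying the default of 10 that post describes when the value is absent. It assumes it runs on the machine being checked with read access to HKLM; the function names are the example's own.

```powershell
# Added example: audit the two password-caching settings discussed in the thread.
# Assumes it runs locally with read access to HKLM. CachedLogonsCount is cast to
# [int] so that either a string or a DWORD representation of the value is handled.

function Get-RegistryValueOrNull {
    param([string]$Path, [string]$Name)
    if (-not (Test-Path -Path $Path)) { return $null }
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

function Test-PasswordCachingPolicy {
    $findings = @()

    # Win9x policy (Nick FitzGerald's REG file): 1 disables PWL password caching.
    $win9xPath  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network'
    $disablePwd = Get-RegistryValueOrNull -Path $win9xPath -Name 'DisablePwdCaching'
    if ($null -eq $disablePwd) {
        $status = 'caching allowed (value not set)'
        $shown  = '(not set)'
    } elseif ([int]$disablePwd -eq 1) {
        $status = 'OK: caching disabled'
        $shown  = $disablePwd
    } else {
        $status = 'caching allowed'
        $shown  = $disablePwd
    }
    $findings += [pscustomobject]@{ Setting = 'DisablePwdCaching'; Value = $shown; Status = $status }

    # NT setting (Bronek Kozicki's post, KB Q172931): 0 disables cached logons; absent means 10.
    $ntPath    = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    $cached    = Get-RegistryValueOrNull -Path $ntPath -Name 'CachedLogonsCount'
    $effective = if ($null -eq $cached) { 10 } else { [int]$cached }
    $status    = if ($effective -eq 0) { 'OK: cached logons disabled' } else { "$effective logons cached" }
    $shown     = if ($null -eq $cached) { '(not set, default 10)' } else { $cached }
    $findings += [pscustomobject]@{ Setting = 'CachedLogonsCount'; Value = $shown; Status = $status }

    return $findings
}

Test-PasswordCachingPolicy | Format-Table -AutoSize
```

On a system that has no Win9x policy key at all, the first row simply reports the value as not set, which is the expected result on NT-family machines.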