COMMAND

    Plaintext passwords exist in registry

SYSTEMS AFFECTED

    Win '95, NT

PROBLEM

    Most facinating  what you  find if  you look.   The registry  does
    store  some  passwords  in  plain  text.   The  importance  of the
    passwords you do  find depends on  your installation.   Credit for
    this goest  to Bill  Stout.   He found  'password' and  'username'
    entries  at  the  below  locations,  but  not  much  software  was
    installed on these  NT boxes.   Searching the NT  registry for his
    password string did  not did not  display anything, searching  the
    W95 registry  for my  specific password  string found  it in  many
    places:

    password locations:
    hkey_local_machine\system\controlset001\services\gophersvc\parameters
                          ...\controlset002\"
                          ...\curentcontrolset\"
                                                 ...\msftpsvc\parameters
                                                 ...\w3svc\parameters\
 
    username locations:
    \hkey+local_machine\software\microsoft\windowsnt\currentversion\winlogon\
                    ...\system\controlset001\services\bh\parameters
                          ...\controlset002\"
                          ...\curentcontrolset\"
                    ...\services\gophersvc\parameters\anonymouseusername
                                                  ...\logsqlusername
                             ...\msftpsvc\parameters\anonymoususername
                                                 ...\logsqlusername
                             ...\w3svc\parameters\anonymoususername
                                                 ...\logsqlusername

SOLUTION

    Nothing yet.