• Welcome to Tux Reports: Where Penguins Fly. We hope you find the topics varied, interesting, and worthy of your time. Please become a member and join in the discussions.

Hacking keystrokes left behind by IE

L

Lesman

Flightless Bird
I have a tech who said he got a password used on a mesh (wireless) network
browser interface. To access the mesh admin page you must use a web
interface. This is the techs answer on how he did it...

*******************************************************8
Our tech needed the pw to install the replacement antenna/switch (last week)
at the building. My tech, Mike said retrieving the pw from the DVR hard
drive isn’t a flaw in XP. He said he would not be able to ‘hack’ this
remotely. But this could be done with any operating system if you have
physical control of the PC (DVR). Since he had administrator access
directly at the DVR, he was able to look at hard drive sectors where data
resides even if ‘erased’. Unless a hard drive is wiped clean with a special
program, all PCs retain some of the old data.

This is where XP (and other operating systems) keeps ‘unlabelled’ deposits
of files, and even data such as ‘browser’ keystroke text/ ascii strings.
Since this was a fairly new DVR, very few keystrokes were present. He looked
for ‘return’, ‘enter’, ‘accept, other terminology / coding which is usually
associated with entering passwords. Took him about 2 hours to find the
information.
****************************************************

Ok, is this a true statement? Does IE leave keystrokes, passwords and such
behind on the hard drive where someone can get to the data and recover
entries into web based pages.. If so, it this not a major problem? He did get
the password correctly and this is how he said he did it. Has anyone heard of
this?
 
Top