I returned to the office on Tuesday and immediately got stuck into some work for a new client we’re in the process of taking on-board. They needed some modifications to their Firewall, and I’d already used murky methods to deduce the Administrator password which the previous feckless IT Support provider had not made available to us. In fact, the previous IT Support provider had left zero documentation whatsoever – they weren’t a fan of Karl Palachuk’s methodology then.
Once logged onto the server, we logged onto the Router with ease. I say with ease because from the server console, Internet Explorer had cached the username and password for Router access. We didn’t know the password, but we could still gain access to the Router to make our changes. It seems the previous IT Support provider was also not very security conscious – not a fan of Steve Lambs blog either then.
However, we were still faced with the fact we didn’t know the Router password to enable us to logon from any other machine bar the server with the cached credentials – and therefore faced with the fact we would need to factory reset the Router and all it’s working settings, just to enable us to change this password to something of our own choice.
Then a thought occurred. Internet Explorer has the password cached – surely there’s some way of decrypting that information so it’s readable?
There is – and it’s a freeware package called IEPassView
IEPassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 – v6.0. There are also similar versions for Firefox– just in case you thought I was bashing Microsoft over Open Source alternatives.
Thirty seconds after downloading IEPassView, the Router password – and an incredible amount of other passwords (thanks for the logon to your Hotmail and Facebook account guys!) – were revealed to me, and I’d subsequently changed the Router password saving myself a heap of time.
Now I got a few e-mails bemoaning the fact that I was giving away “Trade Secrets” with my blog post on Magical Jellybean Keyfinder– but frankly, the above tale is a great example of two things – feckless documentation and an IT Professional (and I use that word sarcastically) believing that he/she were in control of the server in question.
Whilst convenient to use, Internet Explorer (or Firefox) Password Cache is not a secure place to store credentials as IEPassView proves. If you lost control of any of your clients servers, or even your own laptop or desktop, what information could someone else glean from it using freely available tools?