
Windows “HiveNightmare” bug could leak passwords – here’s what to do! – Naked Security


As if one Windows Nightmare dogging all our printers weren’t enough…

…here’s another bug, disclosed by Microsoft on 2021-07-20, that could expose critical secrets from the Windows registry.

Denoted CVE-2021-36934, this one has variously been nicknamed HiveNightmare and SeriousSAM.

The moniker HiveNightmare comes from the fact that Windows stores its registry data in a small number of proprietary database files, known in Microsoft jargon as hives or hive files.

These hive files include a trio called SAM, SECURITY and SYSTEM, which between them include secret data including passwords and security tokens that regular users aren’t supposed to be able to access.

They’re kept in a special, and supposedly secure, folder under the Windows directory called C:\Windows\System32\config, as you see here:


C:\Windows\System32\config> dir
[. . .]
Directory of C:\Windows\System32\config
[. . .]
21/07/2021  12:57           524,288 BBI
25/06/2021  06:21            28,672 BCD-Template
21/07/2021  14:45        32,768,000 COMPONENTS
21/07/2021  12:57           786,432 DEFAULT
21/07/2021  12:32         4,194,304 DRIVERS
[. . .]
21/07/2021  12:57            65,536 SAM       <--some system secrets included
21/07/2021  12:57            32,768 SECURITY  <--some system secrets included
21/07/2021  12:57        87,556,096 SOFTWARE
21/07/2021  12:57        11,272,192 SYSTEM    <--some system secrets included
[. . .]
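
To check the claim that regular users cannot read these three files, the following added example (not from the original article) parses the output of the Windows `icacls` command for the SAM, SECURITY and SYSTEM hives and reports any read permission granted to a broad, non-administrative group. The function names, the list of broad groups and the sample output are assumptions constructed for illustration.

```python
import re

# Hive files the article singles out as holding secrets.
SENSITIVE_HIVES = ("SAM", "SECURITY", "SYSTEM")
# Principals that take in ordinary, non-administrative users (assumed list).
BROAD_PRINCIPALS = {"BUILTIN\\Users", "Everyone", "NT AUTHORITY\\Authenticated Users"}
# icacls rights tokens that permit reading a file's contents.
READ_RIGHTS = {"F", "M", "RX", "R", "GR", "GA", "RD"}
ACE_RE = re.compile(r"^(?P<who>.+?):(?P<perms>(?:\([^()]*\))+)$")

def parse_icacls(text):
    """Map each path in `icacls` output to a list of (principal, tokens)."""
    acls, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.startswith("Successfully processed"):
            continue
        if not line[0].isspace():
            # A new file: the path and its first ACE share one line.
            # Assumption: the path has no spaces (true for the hive paths).
            current, _, line = line.partition(" ")
            acls[current] = []
        m = ACE_RE.match(line.strip())
        if m and current is not None:
            groups = re.findall(r"\(([^()]*)\)", m["perms"])
            tokens = [t.strip() for g in groups for t in g.split(",")]
            acls[current].append((m["who"], tokens))
    return acls

def broad_read_findings(text):
    """Return (hive, principal) pairs where a broad group may read a hive."""
    findings = []
    for path, aces in parse_icacls(text).items():
        hive = path.rsplit("\\", 1)[-1].upper()
        if hive not in SENSITIVE_HIVES:
            continue
        for who, tokens in aces:
            # An explicit DENY entry is not a grant, whatever rights it names.
            allowed = "DENY" not in tokens and READ_RIGHTS & set(tokens)
            if who in BROAD_PRINCIPALS and allowed:
                findings.append((hive, who))
    return findings

# Constructed sample output, not captured from a real machine.
SAMPLE = r"""
C:\Windows\System32\config\SAM BUILTIN\Administrators:(I)(F)
                               NT AUTHORITY\SYSTEM:(I)(F)
                               BUILTIN\Users:(I)(RX)

C:\Windows\System32\config\SECURITY NT AUTHORITY\SYSTEM:(I)(F)
                                    BUILTIN\Administrators:(I)(F)
"""
```

An empty result from `broad_read_findings` means no listed broad group holds a read-granting entry on any of the three hives in the supplied output.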

The moniker SeriousSAM comes from the filename SAM, which is short for Security Account Manager, a name that sounds as serious as the file’s contents are.

If you have ever used password cracking or hacking tools (or found evidence of them on your network after detecting an active attack), you’ll know that the SAM database is where many cybercriminals start digging in order to try to get hold of administrator credentials to move around your network.

Fortunately, you need to have Administrator access already in order to get at the SAM data in memory, and you can’t get at the SAM registry hive on disk while Windows is running even if you are an Administrator, because the SAM file shown above is locked for the exclusive use of the operating system.

So far, so good.