Jump to content

Digging for dirt on a old hard drive...


Recommended Posts

One of my buddies called me up and said a virus wiped his system clean and if I could recover his files. I got a hold of his drive, mounted it, and used EasyRecovery Pro to do the data recovery one it. I got gobs of files on it. 90% of his music collection, tons of word documents, and other misc files. I used a filter so I'd only get the file extentions of what I wanted.

Some stuff was currupted and unrecoverable as expected, but I got most of what I was looking for. Then it got me thinking... where are all those social security numbers and passwords everyone keeps talking about that is so easy to get once a hacker has your hard drive. I looked and looked but couldn't find anything.

Not that I care to have his social, but from all the security talk I keep hearing, I'd like to be able to find some dirt. If only to show my buddy and say hey look this is whats on your PC. This is what can be recovered if you don't zero-fill your drive. And as a demonstration to myself so I know how vunerable I really am.

If I can't find any dirt, if all the passwords are encrypted and gone like I imagain, and would only be recoverable if a user was dumb enough to have all the personal information saved on a text document... then I have to ask... is this just one of those Hacker Mythes? Just another over blown scare tactic? Assuming I just formated my system and reinstalled XP then sold the computer... what really, honestly, could a someone get from my drive -- aside from my college homework essays and porn collection?

Link to comment
Share on other sites

IE caches passwords. Don't know where it keeps it, but they're there.

The SocSec number stuff can most likely only be found in certain documents assuming they're there in the first place.

SS number stealing typically involves hacking the places where this stuff needs to be provided, or tricking people into giving the info up using some social engineering.

No Myth, just a lot of stupid and overly trusting people out there.

P.S.: Some friend you are...

Link to comment
Share on other sites

obviously if you have never entered your social security number, or gone to a website with it, or something like that, it's not going to be on your computer.

I'm going to guess that there could be stuff on your hard drive if some of the following happens.

You use internet banking or something like that, and your browser saves the data that you enter into the fields. This is all of that auto-complete stuff. You should never allow any of that. It doesn't get encrypted.

If as you said you write it down in a text file.

If you save emails with banking data. Which i'm extremely sure you wouldn't get because how fucking retarded would your bank have to be to send you an email with your details. That would be pretty dumb.

basically though, if you have used your computer for anything that requires any kind of web based authentication, there's a pretty good chance sensetive information is on your hard drive

Link to comment
Share on other sites

Well thats just it. The first thing that came to mind was, Oh I bet IE stores that stuff somewhere, but like you I didn't know where. And regardless of what you think of MS or windows, I doubt their that dumb to archive passwords in any kind of plain text file. So I googled around and found this:

When I visit a site that requires a user ID and password, sometimes Internet Explorer will ask if I want to save the information. Where does this data get stored?

The saved user ID/password pairs are stored in the Registry under a key whose default permission settings make it inaccessible to all users—even the user to whom the passwords belong. Only the system itself has direct permission to read and change Registry data under this key. Using RegEdit you could modify the permissions on that key and read its contents, but doing so still wouldn't reveal anything useful, as the data is thoroughly encrypted.

On the other hand, once you've logged on to your account in Windows, all of your saved passwords can be utilized by anybody who has physical access to the computer. The interloper can't learn what the password is, but can use it to log on automatically. If you allow Windows to save passwords for you, never leave your computer logged on when you're not sitting in front of it. Either choose Log Off from the Start menu or lock the computer—on many systems you can do this by pressing the Windows key plus L for Lock. As a backup, set the screen saver to kick in after just a few minutes of inactivity, and check the box for password protection.

Source: PC Magazine

Any other ideas? Yes I can get email documents, and those can have sensitive information. But as for credit card info and SS on banks, I'm thinking the data is not getting saved on your PC and stricktly being sent to the sever's hard drive (128-encypted of course).

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...