Forwarded from: Charlie Pullaro <CPullaroat_private> use spider http://www.fsm.nl/ward/ to get rid of those sh1ts "When one of the above mentioned programs is installed, there will be several hidden files in several directories, these files are called index.dat in IE4. The directory-names depend on the language version of the program. In the English version they are: <WindowsDirectory>\Cookies, <WindowsDirectory>\History, <WindowsDirectory>\Temporary Internet Files and underlying directories; if userprofiles are installed, then the following directories are also used: <WindowsDirectory>\Profiles\<Username>\Cookies, <WindowsDirectory>\Profiles\<Username>\History and <WindowsDirectory>\Profiles\<Username>\Temporary Internet Files." take care, your humble student, MrCH4R1i3 -----Original Message----- From: InfoSec News [mailto:isnat_private] Sent: Friday, October 26, 2001 2:55 AM To: isnat_private Subject: [ISN] Microsoft's Really Hidden Files: A New Look At Forensics. (v2.5b) http://www.astalavista.com/library/os/win95-98/mshidden.txt By The Riddler October 14, 2001 (v2.0 finished May 16, 2001; v1.0 finished June 11, 2000) Written with Windows 9x in mind, but not limited to. DISCLAIMER: I will not be liable for any damage or lost information, whether due to reader's error, or any other reason. SUMMARY: There are folders on your computer that Microsoft has tried hard to keep secret. Within these folders you will find two major things: Microsoft Internet Explorer has been logging all of the sites you have ever visited -- even after you've cleared your history, and Microsoft's Outlook Express has been logging all of your e-mail correspondence -- even after you've erased them from your Deleted Items bin. (This also includes all incoming and outgoing file attachments.) And believe me, that's not even the half of it. When I say these files are hidden well, I really mean it. If you don't have any knowledge of DOS then don't plan on finding these files on your own. I say this because these files/folders won't be displayed in Windows Explorer at all -- only DOS. (Even after you have enabled Windows Explorer to "view all files.") And to top it off, the only way to find them in DOS is if you knew the exact location of them. Basically, what I'm saying is if you didn't know the files existed then the chances of you running across them is slim to slimmer. It's interesting to note that Microsoft does not explain this behavior adequately at all. Just try searching on microsoft.com. [...] - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Oct 30 2001 - 08:22:35 PST