| Author |
Security hole in outlook express
|
|
| fizz85 2001-09-09, 6:17 pm |
| Large security hole in Outlook Express
While playing around on my computer today I thought to myself "M$ tracks everything let me see if I can find something to do with the my outlook" I know they will save it as a text file or something that can be converted easily to a text file.
So...
I went to were my profile is stored in the root directory
(I am bieng vague because if you do not know where the profile is stored you do not need to read everybodies email)
When I get there is open the files (there are 7) you know how or you don't need to read'em
AND BAM
All the emailes I have ever sent, recieved or deleted on my computer stored in in the open. Full text format. No propmt for password or any thing (of course it is M$).
I am using win98Se have all the updated security patches and whatnot. I have only used outlook express for about two weeks so you guys will have to check and see how far back you can go but even if it is 2 weeks that is too much.
I did not try this on regular outlook because I do not use it at home. I will try at work on monday.
P.S
I tried removing those files but they just keep coming back. Although I did get the welcome to Outlook 5.0 message again my setting were preserved. I do not know how this issue related to cookies when I get a chance I will play some more and see.
Just wanted to keep you informed and secure.
If you already resolved this issue please let me know how you did it.
I do not know if this is a know issue on the M$ site so just take it for what it is worth good info.
Thanks
Anthony | |
| dagger 2001-09-09, 7:21 pm |
| Thanks fizz85
But....if anyone knows what he is talking
about and would like to explain it in
not so vague terms
it would be much appreciated  | |
| stefanw 2001-09-13, 4:44 am |
| Ok, the location of mails stored in Outlook Express is C:\WINDOWS\Application Data\Identities followed by a weird folder named something like {E31D7840-75FE-11D5-B730-990BDBA96F42} In this Idenity folder, u can find all emails and folders etc for Outlook express.
Outlook 2000 is the smae, but in a different location and bit trickier to get into without importing.
Hope this is bit clearer | |
| dagger 2001-09-13, 6:17 am |
| Thanks
Wow, I couldn't believe
how big some of those files were
like the SentItems.dbx and the DeletedItems.dbx.
I deleted all the messages out of both of these folders. Then I check these files back in the directory and they were still registering 35 megs+ each.......aghh
So I deleted both of those files
and restarted Outlook Express.
Now they read in the Kb
I just saved 60-70 megs on my HD. | |
| stefanw 2001-09-13, 10:32 am |
| Glad i could help clear some of that up! | |
|
|
| exar07 2001-09-13, 4:46 pm |
| I dont think that I would use this but it may come in handy for recovering some deleted mail. | |
| fizz85 2001-09-13, 11:17 pm |
| Sorry for not bieng clear in the beginning I just wanted to avoid misuse of this trick.
Little did I know it was common kowledge.
That site rulz I found it after I posted this tidbit. It was brought to my attention by a member named USNRETIRED.
Anthony | |
| stefanw 2001-09-14, 7:01 am |
| Just checked out that site, not all of it is correct (particulary the locations of the stored files) but the majority of the site and the general jist of the ideas there are correct and can easily be re-created on your home machine.
Worrying  | |
| dagger 2001-09-15, 8:17 am |
| quote:
Originally posted by mir92
here's a site that I found about on this board.
If your using IE then Mr. Bill has been keeping hidden copies of web surfing.
sorry for the name
http://www.fXXXmicrosoft.com/conten...den-files.shtml
webmaster has filter on, is this site any good?
I can't figure out this URL
since webmaster has filer on.
Can someone email me the correct URL....
thanks
dagger@computernotes.net | |
|
|
|
| OK, OK I figured it out!!! | |
| dagger 2001-09-16, 6:57 am |
| quote:
Originally posted by juand
OK, OK I figured it out!!!
.......and how did you figure it out?
I still can't access this URL.
I've tried taking out the "fxx" stuff
but no luck . | |
| juand 2001-09-16, 10:30 am |
| Dagger, I've sent you an e-mail. Let me know if you got it and if it worked OK. | |
| dagger 2001-09-16, 1:27 pm |
| quote:
Originally posted by juand
Dagger, I've sent you an e-mail. Let me know if you got it and if it worked OK.
Ohhhhh now I see why it's filtered..
Thanks juan
Dagger | |
| lburns 2001-09-16, 5:05 pm |
| just how do you go about reading the text file, cause when accessed this particular folders, most is scrambled someway. Is it a particular "something" I can use to read the file. Any help will be appreciated.
 | |
|
| I give member named USNRETIRED, for that link.
I need to relearn HTML to get past the filter.
I don't like fowl langauge, it's low class. | |
| stefanw 2001-09-17, 3:31 am |
| www.fcukmicrosoft.com
just swap the c and u around. I have also emailed this to you. |
|
|
|