Be careful what you send to the Recycle Bin!

As you know, it is common to use the Windows Recycle Bin to dispose of those files that we no longer use. However, we must pay special attention to what we send to trash, as the security of your data or that of your company may be at stake.


During a Pentest you might even consider including this way to try to extract sensitive information about the environment and assist the Security team to improve the approach and points of attention during the Information Security Awareness campaign for employees.


To extract files from a user's Trash it is necessary to find out which user's SID. To do this, just run the command below:


Enter the C:\ directory and run the command "dir /a" to show all hidden folders.


Access the $Recycle.Bin folder and type the command "dir /a" to view the folder corresponding to the user you want to access.


Access the folder and view the files that are stored in the Recycle Bin using the "dir" command.


I created a folder (tmp) to copy all files from the user's Trash, then copy the files that start with $R.


Access the folder to view the files.


With the information found in the Recycle Bin, a malicious user could gain access to your company's servers.


Network Administrators do not store passwords in text files, spreadsheets. (Use a Password Vault)!!!


16 views0 comments

Recent Posts

See All

LibreNMS

LibreNMS is an open source, powerful and feature-rich auto-discovering PHP based network monitoring system which uses the SNMP protocol. It supports a broad range of operating systems including Linux,

Vulmap – Web Vulnerability

Vulmap is a vulnerability scanning tool that can scan for vulnerabilities in Web containers, Web servers, Web middleware, and CMS and other Web programs, and has vulnerability exploitation functions.

Vigenere Cipher

Vigenere Cipher is a method of encrypting alphabetic text. It uses a simple form of polyalphabetic substitution. A polyalphabetic cipher is any cipher based on substitution, using multiple substitutio