摘要: 为有效获取Windows 7操作系统自带IE 8.0浏览器的登录信息,从存储策略和加密机制2个方面,对IE登录信息的保护机制进行分析,研究保护机制的不足,根据用户对IE的安全设置,提出拦截历史记录的还原方法。在拦截用户访问网站地址的基础上,筛选出登录信息对应的网站地址,获取解密密钥,得到用户自动保存的登录信息。实验结果表明,该方法能够在用户进行安全设置后,有效获取用户自动保存的登录信息。
关键词:
Windows 7操作系统,
浏览器,
登录信息,
保护机制,
存储策略
Abstract: In order to get the browser IE8.0 login information of Windows 7 operating system, by analyzing two aspects of the login information storage policy and encryption mechanism, in the study of the shortcomings of the protective mechanism. For user’s security settings for IE, this paper proposes a reduction method to intercept the historical records. On the basis of the interception user access the Web site address, it filters out the Web site address to obtain the decryption key, and gets the login information which is automatically saved by users. Experimental results show that this method can effectively obtain the user’s login information which is established by user’s security settings
Key words:
Windows 7 operating system,
browser,
login information,
protection mechanism,
storage strategy
中图分类号:
张航, 吴灏, 许蓉. IE8.0登录信息保护机制的缺陷分析与利用[J]. 计算机工程, 2013, 39(1): 313-317.
ZHANG Hang, TUN Hao, HU Rong. Analysis and Utilization of Flaw for IE8.0 Login Information Protection Mechanism[J]. Computer Engineering, 2013, 39(1): 313-317.