a question about Certificate stores zones
Certificate stores :logical storage or physical stores,which files or module incluidng physical stores? http://technet.microsoft.com/en-us/library/cc757138(WS.10).aspxI open certmgr.msc by notepad.exe: like {53D6AB1D-2488-11D1-A28C-00C04FB94F17} etc is the Certificate of Certificate stores ?<?xml version="1.0"?><MMC_ConsoleFile ConsoleVersion="2.0" ProgramMode="UserSDI"><ConsoleFileID>{26A50080-9AE1-4816-B5F8-C1CD326D4AC5}</ConsoleFileID><FrameState ShowStatusBar="true" LogicalReadOnly="true"><WindowPlacement ShowCommand="SW_SHOWNORMAL"><Point Name="MinPosition" X="-1" Y="-1"/><Point Name="MaxPosition" X="-1" Y="-1"/><Rectangle Name="NormalPosition" Top="1" Bottom="452" Left="0" Right="640"/></WindowPlacement></FrameState><Views><View ID="2" ScopePaneWidth="200"><BookMark Name="RootNode" NodeID="2"/><BookMark Name="SelectedNode" NodeID="2"/><WindowPlacement WPF_RESTORETOMAXIMIZED="true" ShowCommand="SW_SHOWMAXIMIZED"><Point Name="MinPosition" X="-1" Y="-1"/><Point Name="MaxPosition" X="-4" Y="-23"/><Rectangle Name="NormalPosition" Top="2" Bottom="376" Left="1" Right="653"/></WindowPlacement><ViewOptions ViewMode="Report" LVS_SINGLESEL="true" LVS_SHOWSELALWAYS="true" LVS_SHAREIMAGELISTS="true" LVS_EDITLABELS="true" ListStyle="1" ScopePaneVisible="true" DescriptionBarVisible="false" DefaultColumn0Width="200" DefaultColumn1Width="0"/></View></Views><VisualAttributes><String Name="ApplicationTitle" ID="3"/><Icon Index="0" File="%windir%\system32\certmgr.dll"><Image Name="Large" BinaryRefIndex="0"/><Image Name="Small" BinaryRefIndex="1"/></Icon></VisualAttributes><Favorites><Favorite TYPE="Group"><String Name="Name" ID="4"/><Favorites/></Favorite></Favorites><ScopeTree><SnapinCache><Snapin CLSID="{53D6AB1D-2488-11D1-A28C-00C04FB94F17}" AllExtensionsEnabled="true"/><Snapin CLSID="{C96401CC-0E17-11D3-885B-00C04F72C717}" AllExtensionsEnabled="true"/></SnapinCache><Nodes><Node ID="1" ImageIdx="0" CLSID="{C96401CC-0E17-11D3-885B-00C04F72C717}" Preload="false"><Nodes><Node ID="2" ImageIdx="0" CLSID="{53D6AB1D-2488-11D1-A28C-00C04FB94F17}" Preload="false"><Nodes/><String Name="Name" ID="5"/><Bitmaps><BinaryData Name="Small" BinaryRefIndex="2"/><BinaryData Name="Large" BinaryRefIndex="3"/></Bitmaps><ComponentDatas><ComponentData><GUID Name="Snapin">{53D6AB1D-2488-11D1-A28C-00C04FB94F17}</GUID><Stream BinaryRefIndex="4"/></ComponentData></ComponentDatas><Components><Component ViewID="2"><GUID Name="Snapin">{53D6AB1D-2488-11D1-A28C-00C04FB94F17}</GUID><Stream BinaryRefIndex="5"/></Component></Components></Node></Nodes><String Name="Name" ID="1"/><Bitmaps><BinaryData Name="Small" BinaryRefIndex="6"/><BinaryData Name="Large" BinaryRefIndex="7"/></Bitmaps><ComponentDatas><ComponentData><GUID Name="Snapin">{C96401CC-0E17-11D3-885B-00C04F72C717}</GUID><Stream BinaryRefIndex="8"/></ComponentData></ComponentDatas><Components/></Node></Nodes></ScopeTree><ConsoleTaskpads/><ViewSettingsCache><TargetView ViewID="2" NodeTypeGUID="{53D6AB16-2488-11D1-A28C-00C04FB94F17}"/><ViewSettings Flag_TaskPadID="true" Age="1"><GUID>{00000000-0000-0000-0000-000000000000}</GUID></ViewSettings></ViewSettingsCache><ColumnSettingsCache/><StringTables><IdentifierPool AbsoluteMin="1" AbsoluteMax="65535" NextAvailable="6"/><StringTable><GUID>{71E5B33E-1064-11D2-808F-0000F875A9CE}</GUID><Strings><String ID="1" Refs="2"></String><String ID="3" Refs="1"></String><String ID="4" Refs="1"></String><String ID="5" Refs="1"> - </String></Strings></StringTable></StringTables><BinaryStorage><Binary Name="CONSOLE_FILE_ICON_LARGE">SUwBAQEAAgAEACAAIAD/////EQD//////////0JNNgAAAAAAAAA
November 4th, 2009 10:38am

Hi There, What are you trying to achieve ? i mean do you want any specific data ?Keepign the fact the you understand what is logical and physical store in certificates, you have an option to view them 1. Open Certificates. 2. In the console tree, click Certificates - Certificate Holder, where Certificate Holder is a Certificates instance (user, computer or service). 3. On the View menu, click Options. 4. Under Organize view mode by, click Certificate purpose.
Free Windows Admin Tool Kit Click here and download it now
November 4th, 2009 10:46am

thank you!you are very friendly! I want knowthe location all the Certificates in computer,not how to use it (I will study it in the future ) in C:\Documents and Settings :USER,ALL USERS,ADMINISTRATOR,DEFAULT USERthere are some files or Directory :CredentialsSystemCertificatesCryptnetUrlCache\MetaData CryptoCryptnetUrlCache\Content but no Certificates (cmd/certmgr.msc,in my computer there are 14 kinds of Certificates)C:\Documents and Settings\user\Application Data\Microsoft>dir /s /q /as C D875-3440 C:\Documents and Settings\user\Application Data\Microsoft 2009-11-04 12:21 <DIR> lilianjie\user .2009-11-04 12:21 <DIR> lilianjie\user ..2009-05-21 09:02 <DIR> lilianjie\user Credentials2009-11-04 11:59 <DIR> lilianjie\user CryptnetUrlCache2009-05-21 09:03 <DIR> lilianjie\user Crypto2009-05-21 09:03 <DIR> lilianjie\user Protect2008-08-11 13:29 <DIR> lilianjie\user SystemCertificates 0 0 C:\Documents and Settings\user\Application Data\Microsoft\Credentials 2009-05-21 09:02 <DIR> lilianjie\user .2009-05-21 09:02 <DIR> lilianjie\user ..2009-05-21 09:02 <DIR> lilianjie\user S-1-5-21-1343024091-1682526488-839522115-1003 0 0 C:\Documents and Settings\user\Application Data\Microsoft\Credentials\S-1-5-21-1343024091-1682526488-839522115-1003 2009-05-21 09:02 <DIR> lilianjie\user .2009-05-21 09:02 <DIR> lilianjie\user .. 0 0 =================================== C:\Documents and Settings\user\Application Data\Microsoft\Protect\S-1-5-21-1343024091-1682526488-839522115-1003 2009-09-04 08:38 388 lilianjie\user a82c3ef6-aec5-4306-9ad7-82916a3861f22009-05-21 09:03 388 lilianjie\user f47bfb48-6f54-4410-8fea-d832c88242712009-09-04 08:38 24 lilianjie\user Preferred 3 800 C:\Documents and Settings\user\Application Data\Microsoft\CryptnetUrlCache 2009-11-04 11:59 <DIR> lilianjie\user .2009-11-04 11:59 <DIR> lilianjie\user ..2009-11-04 12:21 <DIR> lilianjie\user Content2009-11-04 12:21 <DIR> lilianjie\user MetaData 0 0 C:\Documents and Settings\user\Application Data\Microsoft\CryptnetUrlCache\Content 2009-11-04 12:21 <DIR> lilianjie\user .2009-11-04 12:21 <DIR> lilianjie\user ..2009-11-04 11:59 898 lilianjie\user 60E31627FDA0A46932B0E5948949F2A52009-11-04 12:21 558 lilianjie\user A44F4E7CB3133FF765C39A53AD8FCFDD2009-11-04 11:59 95,214 lilianjie\user A8FABA189DB7D25FBA7CAC806625FD30 3 96,670 C:\Documents and Settings\user\Application Data\Microsoft\CryptnetUrlCache\MetaData 2009-11-04 12:21 <DIR> lilianjie\user .2009-11-04 12:21 <DIR> lilianjie\user ..2009-11-04 11:59 94 lilianjie\user 60E31627FDA0A46932B0E5948949F2A52009-11-04 12:21 146 lilianjie\user A44F4E7CB3133FF765C39A53AD8FCFDD2009-11-04 11:59 124 lilianjie\user A8FABA189DB7D25FBA7CAC806625FD30 3 364 C:\Documents and Settings\user\Application Data\Microsoft\Crypto 2009-05-21 09:03 <DIR> lilianjie\user .2009-05-21 09:03 <DIR> lilianjie\user ..2009-05-21 09:03 <DIR> lilianjie\user RSA 0 0 C:\Documents and Settings\user\Application Data\Microsoft\Crypto\RSA 2009-05-21 09:03 <DIR> lilianjie\user .2009-05-21 09:03 <DIR> lilianjie\user ..2009-05-21 09:03 <DIR> lilianjie\user S-1-5-21-1343024091-1682526488-839522115-1003 0 0 C:\Documents and Settings\user\Application Data\Microsoft\Crypto\RSA\S-1-5-21-1343024091-1682526488-839522115-1003 2009-05-21 09:03 <DIR> lilianjie\user .2009-05-21 09:03 <DIR> lilianjie\user ..2009-06-01 08:22 61 lilianjie\user d1adb89f57202f6f2b1b0c17c20f91ff_7af661bb-c176-4e00-9bfa-39a407ce92292009-05-21 09:03 45 lilianjie\user f58155b4b1d5a524ca0261c3ee99fb50_7af661bb-c176-4e00-9bfa-39a407ce9229 2 106 C:\Documents and Settings\user\Application Data\Microsoft\Protect 2009-05-21 09:03 <DIR> lilianjie\user .2009-05-21 09:03 <DIR> lilianjie\user ..2009-05-21 09:03 24 lilianjie\user CREDHIST2009-09-04 08:38 <DIR> lilianjie\user S-1-5-21-1343024091-1682526488-839522115-1003 1 24 C:\Documents and Settings\user\Application Data\Microsoft\Protect\S-1-5-21-1343024091-1682526488-839522115-1003 2009-09-04 08:38 <DIR> lilianjie\user .2009-09-04 08:38 <DIR> lilianjie\user ..2009-09-04 08:38 388 lilianjie\user a82c3ef6-aec5-4306-9ad7-82916a3861f22009-05-21 09:03 388 lilianjie\user f47bfb48-6f54-4410-8fea-d832c88242712009-09-04 08:38 24 lilianjie\user Preferred 3 800 C:\Documents and Settings\user\Application Data\Microsoft\SystemCertificates 2008-08-11 13:29 <DIR> lilianjie\user .2008-08-11 13:29 <DIR> lilianjie\user ..2008-08-11 13:29 <DIR> lilianjie\user My 0 0 C:\Documents and Settings\user\Application Data\Microsoft\SystemCertificates\My 2008-08-11 13:29 <DIR> lilianjie\user .2008-08-11 13:29 <DIR> lilianjie\user ..2008-08-11 13:29 <DIR> lilianjie\user Certificates2008-08-11 13:29 <DIR> lilianjie\user CRLs2008-08-11 13:29 <DIR> lilianjie\user CTLs 0 0 C:\Documents and Settings\user\Application Data\Microsoft\SystemCertificates\My\Certificates 2008-08-11 13:29 <DIR> lilianjie\user .2008-08-11 13:29 <DIR> lilianjie\user .. 0 0 C:\Documents and Settings\user\Application Data\Microsoft\SystemCertificates\My\CRLs 2008-08-11 13:29 <DIR> lilianjie\user .2008-08-11 13:29 <DIR> lilianjie\user .. 0 0 C:\Documents and Settings\user\Application Data\Microsoft\SystemCertificates\My\CTLs 2008-08-11 13:29 <DIR> lilianjie\user .2008-08-11 13:29 <DIR> lilianjie\user .. 0 0 : 14 100,714 47 35,754,516,480 C:\Documents and Settings\user\Application Data\Microsoft> ==================== C:\Documents and Settings\Default User\Application Data\Identities\{F92DA2FA-4964-4A7C-9FC0-0F49BA1EBA9B} ======================= C:\Documents and Settings\All Users\Application Data\Microsoft>dir /s /q /as C D875-3440 C:\Documents and Settings\All Users\Application Data\Microsoft 2008-08-23 16:09 <DIR> BUILTIN\Administrators .2008-08-23 16:09 <DIR> BUILTIN\Administrators ..2008-08-11 13:29 <DIR> BUILTIN\Administrators Crypto 0 0 C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto 2008-08-11 13:29 <DIR> BUILTIN\Administrators .2008-08-11 13:29 <DIR> BUILTIN\Administrators ..2008-08-11 13:29 <DIR> BUILTIN\Administrators DSS2008-08-11 13:29 <DIR> BUILTIN\Administrators RSA 0 0 #################DSS Digital Signature Standard National Institute of Standard and Technology NIST Digital Signature Algorithm DSA ############### SIDS-1-5-18Local System ############C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS 2008-08-11 13:29 <DIR> BUILTIN\Administrators .2008-08-11 13:29 <DIR> BUILTIN\Administrators ..2008-08-11 13:29 <DIR> BUILTIN\Administrators MachineKeys 0 0 C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS\MachineKeys 2008-08-11 13:29 <DIR> BUILTIN\Administrators .2008-08-11 13:29 <DIR> BUILTIN\Administrators .. 0 0 C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA 2008-08-11 13:29 <DIR> BUILTIN\Administrators .2008-08-11 13:29 <DIR> BUILTIN\Administrators ..2008-08-11 13:29 <DIR> BUILTIN\Administrators MachineKeys2008-08-11 13:38 <DIR> BUILTIN\Administrators S-1-5-18 0 0 C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys 2008-08-11 13:29 <DIR> BUILTIN\Administrators .2008-08-11 13:29 <DIR> BUILTIN\Administrators .. 0 0 C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5-18 2008-08-11 13:38 <DIR> BUILTIN\Administrators .2008-08-11 13:38 <DIR> BUILTIN\Administrators ..2008-08-25 16:19 1,255 BUILTIN\Administrators afe9e16b3837b74fd9d31d5189f8f991_7af661bb-c176-4e00-9bfa-39a407ce92292008-08-11 13:38 875 BUILTIN\Administrators d42cc0c3858a58db2db37658219e6400_7af661bb-c176-4e00-9bfa-39a407ce9229 2 2,130
November 4th, 2009 11:28am

I have found in process explorer tools:so many dlls.....which is important.......Process: mmc.exe Pid: 1996 NameDescriptionCompany NameVersionxpsp2res.dllService Pack 2 MessagesMicrosoft Corporation5.1.2600.5512WS2HELP.dllWindows Socket 2.0 Helper for Windows NTMicrosoft Corporation5.1.2600.5512WS2_32.dllWindows Socket 2.0 32-Bit DLLMicrosoft Corporation5.1.2600.5512WLDAP32.dllWin32 LDAP API DLLMicrosoft Corporation5.1.2600.5512WINTRUST.dllMicrosoft Trust Verification APIsMicrosoft Corporation5.131.2600.5512WINMM.dllMCI API DLLMicrosoft Corporation5.1.2600.5512WININET.dllInternet Extensions for Win32Microsoft Corporation7.0.6000.16827VERSION.dllVersion Checking and File Installation LibrariesMicrosoft Corporation5.1.2600.5512UxTheme.dllMicrosoft UxTheme LibraryMicrosoft Corporation6.0.2900.5512USP10.dllUniscribe Unicode script processorMicrosoft Corporation1.420.2600.5512USERENV.dllUserenvMicrosoft Corporation5.1.2600.5512USER32.dllWindows XP USER API Client DLLMicrosoft Corporation5.1.2600.5512urlmon.dllOLE32 Extensions for Win32Microsoft Corporation7.0.6000.16825unicode.nlssorttbls.nlssortkey.nlsSHLWAPI.dllShell Light-weight Utility LibraryMicrosoft Corporation6.0.2900.5512ShimEng.dllShim Engine DLLMicrosoft Corporation5.1.2600.5512SHELL32.dllWindows Shell Common DllMicrosoft Corporation6.0.2900.5686SETUPAPI.dllWindows Setup APIMicrosoft Corporation5.1.2600.5512Secur32.dllSecurity Support Provider InterfaceMicrosoft Corporation5.1.2600.5753RPCRT4.dllRemote Procedure Call RuntimeMicrosoft Corporation5.1.2600.5512OLEAUT32.dllMicrosoft Corporation5.1.2600.5512oleaccrc.dllActive Accessibility Resource DLLMicrosoft Corporation4.2.5406.0OLEACC.dllActive Accessibility Core ComponentMicrosoft Corporation4.2.5406.0ole32.dllMicrosoft OLE for WindowsMicrosoft Corporation5.1.2600.5512NTDSAPI.dllNT5DSMicrosoft Corporation5.1.2600.5582ntdll.dllNT Layer DLLMicrosoft Corporation5.1.2600.5755Normaliz.dllUnicode Normalization DLLMicrosoft Corporation6.0.5441.0NETAPI32.dllNet Win32 API DLLMicrosoft Corporation5.1.2600.5694msxml3r.dllXML ResourcesMicrosoft Corporation8.20.8730.1msxml3.dllMSXML 3.0 SP10Microsoft Corporation8.100.1048.0msvcrt.dllWindows NT CRT DLLMicrosoft Corporation7.0.2600.5512msvcp60.dllMicrosoft (R) C++ Runtime LibraryMicrosoft Corporation6.2.3104.0MSIMG32.dllGDIEXT Client DLLMicrosoft Corporation5.1.2600.5512msctfime.imeMicrosoft Text Frame Work Service IMEMicrosoft Corporation5.1.2600.5512MSCTF.dllMSCTF Server DLLMicrosoft Corporation5.1.2600.5512MSASN1.dllASN.1 Runtime APIsMicrosoft Corporation5.1.2600.5512MSACM32.dllMicrosoft ACM Audio FilterMicrosoft Corporation5.1.2600.5512mmcndmgr.dllMMC Node Manager DLLMicrosoft Corporation5.2.3790.4136mmcbase.DLLMMC Base DLLMicrosoft Corporation5.2.3790.4136mmc.exeMicrosoft Management ConsoleMicrosoft Corporation5.2.3790.4136mlang.dllMulti Language Support DLLMicrosoft Corporation6.0.2900.5512MFC42u.dllMFCDLL Shared Library - Retail VersionMicrosoft Corporation6.2.8071.0MFC42LOC.DLLMFC Language Specific ResourcesMicrosoft Corporation6.0.8665.0LPK.DLLLanguage PackMicrosoft Corporation5.1.2600.5512locale.nlskernel32.dllWindows NT BASE API Client DLLMicrosoft Corporation5.1.2600.5781IMM32.DLLWindows XP IMM32 API Client DLLMicrosoft Corporation5.1.2600.5512IMAGEHLP.dllWindows NT Image HelperMicrosoft Corporation5.1.2600.5512iertutil.dllRun time utility for Internet ExplorerMicrosoft Corporation7.0.6000.16825GDI32.dllGDI Client DLLMicrosoft Corporation5.1.2600.5698DUSER.dllWindows DirectUser EngineMicrosoft Corporation5.1.2600.5512DNSAPI.dllDNS Client API DLLMicrosoft Corporation5.1.2600.5625ctype.nlsCRYPTUI.dllMicrosoft Trust UI ProviderMicrosoft Corporation5.131.2600.5512^^^^^^^^^^^^^CRYPT32.dllCrypto API32Microsoft Corporation5.131.2600.5512^^^^^^^^^^^^COMRes.dllMicrosoft Corporation2001.12.4414.700comdlg32.dllCommon Dialogs DLLMicrosoft Corporation6.0.2900.5512COMCTL32.dllCommon Controls LibraryMicrosoft Corporation5.82.2900.5512comctl32.dllUser Experience Controls LibraryMicrosoft Corporation6.0.2900.5512CLBCATQ.DLLMicrosoft Corporation2001.12.4414.700certmgr.dllCertificates snap-inMicrosoft Corporation5.1.2600.5512^^^^^^^^^^^^^^^^^certcli.dllMicrosoft(R) Certificate Services ClientMicrosoft Corporation5.1.2600.5512^^^^^^^^^^^^^^^^^c_1252.nlsATL.DLLATL Module for Windows XP (Unicode)Microsoft Corporation3.5.2284.1apphelp.dllApplication Compatibility Client LibraryMicrosoft Corporation5.1.2600.5512ADVAPI32.dllAdvanced Windows 32 Base APIMicrosoft Corporation5.1.2600.5755AcGenral.DLLWindows Compatibility DLLMicrosoft Corporation5.1.2600.5512<Pagefile Backed><Pagefile Backed>
Free Windows Admin Tool Kit Click here and download it now
November 4th, 2009 12:46pm

Hi There, The behavior is by default , you will findthe appropriate dll's getting loaded. If you are comparing with unix / linux / solaris , windows work on different terminology at the user mode and the kernle mode level.
November 27th, 2009 3:00pm

thank you very much!I download OPENSSL fromhttp://21nw.com/2009/03/23/%E4%B8%8B%E8%BD%BD%E7%94%A8%E4%BA%8Ewindows%E7%9A%84openssl/and download WINDUMP.exe ,but WINDUMP.exe need WINCAP,my computer is lock by administratoes for use WINCAP,where has a sniffer tool no use WINCAP?
Free Windows Admin Tool Kit Click here and download it now
November 27th, 2009 3:48pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics