a question about Certificate stores zones
- Certificate stores :logical storage or physical stores,
which files or module incluidng physical stores?
http://technet.microsoft.com/en-us/library/cc757138(WS.10).aspx
I open certmgr.msc by notepad.exe: like {53D6AB1D-2488-11D1-A28C-00C04FB94F17} etc is the Certificate of Certificate stores ?
<?xml version="1.0"?>
<MMC_ConsoleFile ConsoleVersion="2.0" ProgramMode="UserSDI">
<ConsoleFileID>{26A50080-9AE1-4816-B5F8-C1CD326D4AC5}</ConsoleFileID>
<FrameState ShowStatusBar="true" LogicalReadOnly="true">
<WindowPlacement ShowCommand="SW_SHOWNORMAL">
<Point Name="MinPosition" X="-1" Y="-1"/>
<Point Name="MaxPosition" X="-1" Y="-1"/>
<Rectangle Name="NormalPosition" Top="1" Bottom="452" Left="0" Right="640"/>
</WindowPlacement>
</FrameState>
<Views>
<View ID="2" ScopePaneWidth="200">
<BookMark Name="RootNode" NodeID="2"/>
<BookMark Name="SelectedNode" NodeID="2"/>
<WindowPlacement WPF_RESTORETOMAXIMIZED="true" ShowCommand="SW_SHOWMAXIMIZED">
<Point Name="MinPosition" X="-1" Y="-1"/>
<Point Name="MaxPosition" X="-4" Y="-23"/>
<Rectangle Name="NormalPosition" Top="2" Bottom="376" Left="1" Right="653"/>
</WindowPlacement>
<ViewOptions ViewMode="Report" LVS_SINGLESEL="true" LVS_SHOWSELALWAYS="true" LVS_SHAREIMAGELISTS="true" LVS_EDITLABELS="true" ListStyle="1" ScopePaneVisible="true" DescriptionBarVisible="false" DefaultColumn0Width="200" DefaultColumn1Width="0"/>
</View>
</Views>
<VisualAttributes>
<String Name="ApplicationTitle" ID="3"/>
<Icon Index="0" File="%windir%\system32\certmgr.dll">
<Image Name="Large" BinaryRefIndex="0"/>
<Image Name="Small" BinaryRefIndex="1"/>
</Icon>
</VisualAttributes>
<Favorites>
<Favorite TYPE="Group">
<String Name="Name" ID="4"/>
<Favorites/>
</Favorite>
</Favorites>
<ScopeTree>
<SnapinCache>
<Snapin CLSID="{53D6AB1D-2488-11D1-A28C-00C04FB94F17}" AllExtensionsEnabled="true"/>
<Snapin CLSID="{C96401CC-0E17-11D3-885B-00C04F72C717}" AllExtensionsEnabled="true"/>
</SnapinCache>
<Nodes>
<Node ID="1" ImageIdx="0" CLSID="{C96401CC-0E17-11D3-885B-00C04F72C717}" Preload="false">
<Nodes>
<Node ID="2" ImageIdx="0" CLSID="{53D6AB1D-2488-11D1-A28C-00C04FB94F17}" Preload="false">
<Nodes/>
<String Name="Name" ID="5"/>
<Bitmaps>
<BinaryData Name="Small" BinaryRefIndex="2"/>
<BinaryData Name="Large" BinaryRefIndex="3"/>
</Bitmaps>
<ComponentDatas>
<ComponentData>
<GUID Name="Snapin">{53D6AB1D-2488-11D1-A28C-00C04FB94F17}</GUID>
<Stream BinaryRefIndex="4"/>
</ComponentData>
</ComponentDatas>
<Components>
<Component ViewID="2">
<GUID Name="Snapin">{53D6AB1D-2488-11D1-A28C-00C04FB94F17}</GUID>
<Stream BinaryRefIndex="5"/>
</Component>
</Components>
</Node>
</Nodes>
<String Name="Name" ID="1"/>
<Bitmaps>
<BinaryData Name="Small" BinaryRefIndex="6"/>
<BinaryData Name="Large" BinaryRefIndex="7"/>
</Bitmaps>
<ComponentDatas>
<ComponentData>
<GUID Name="Snapin">{C96401CC-0E17-11D3-885B-00C04F72C717}</GUID>
<Stream BinaryRefIndex="8"/>
</ComponentData>
</ComponentDatas>
<Components/>
</Node>
</Nodes>
</ScopeTree>
<ConsoleTaskpads/>
<ViewSettingsCache>
<TargetView ViewID="2" NodeTypeGUID="{53D6AB16-2488-11D1-A28C-00C04FB94F17}"/>
<ViewSettings Flag_TaskPadID="true" Age="1">
<GUID>{00000000-0000-0000-0000-000000000000}</GUID>
</ViewSettings>
</ViewSettingsCache>
<ColumnSettingsCache/>
<StringTables>
<IdentifierPool AbsoluteMin="1" AbsoluteMax="65535" NextAvailable="6"/>
<StringTable>
<GUID>{71E5B33E-1064-11D2-808F-0000F875A9CE}</GUID>
<Strings>
<String ID="1" Refs="2">控制台根节点</String>
<String ID="3" Refs="1">证书</String>
<String ID="4" Refs="1">收藏夹</String>
<String ID="5" Refs="1">证书 - 当前用户</String>
</Strings>
</StringTable>
</StringTables>
<BinaryStorage>
<Binary Name="CONSOLE_FILE_ICON_LARGE">
SUwBAQEAAgAEACAAIAD/////EQD//////////0JNNgAAAAAAAAAAll Replies
- Hi There,
What are you trying to achieve ? i mean do you want any specific data ?
Keepign the fact the you understand what is logical and physical store in certificates, you have an option to view them
1.
Open Certificates.
2.
In the console tree, click Certificates - Certificate Holder, where Certificate Holder is a Certificates instance (user, computer or service).
3.
On the View menu, click Options.
4.
Under Organize view mode by, click Certificate purpose.
thank you!
you are very friendly!I want know the location all the Certificates in computer,not how to use it (I will study it in the future )
in C:\Documents and Settings :USER,ALL USERS,ADMINISTRATOR,DEFAULT USER
there are some files or Directory :
Credentials,SystemCertificates,CryptnetUrlCache\Meta
Data ,Crypto,CryptnetUrlCache\Content ,
but no Certificates (cmd/certmgr.msc,in my computer there are 14 kinds of Certificates)
C:\Documents and Settings\user\Application Data\Microsoft>dir /s /q /as
驱动器 C 中的卷没有标签。
卷的序列号是 D875-3440C:\Documents and Settings\user\Application Data\Microsoft
2009-11-04 12:21 <DIR> lilianjie\user .
2009-11-04 12:21 <DIR> lilianjie\user ..
2009-05-21 09:02 <DIR> lilianjie\user Credentials
2009-11-04 11:59 <DIR> lilianjie\user CryptnetUrlCache
2009-05-21 09:03 <DIR> lilianjie\user Crypto
2009-05-21 09:03 <DIR> lilianjie\user Protect
2008-08-11 13:29 <DIR> lilianjie\user SystemCertificates
0 个文件 0 字节C:\Documents and Settings\user\Application Data\Microsoft\Credentials 的目录
2009-05-21 09:02 <DIR> lilianjie\user .
2009-05-21 09:02 <DIR> lilianjie\user ..
2009-05-21 09:02 <DIR> lilianjie\user S-1-5-21-1343024091-1
682526488-839522115-1003
0 个文件 0 字节C:\Documents and Settings\user\Application Data\Microsoft\Credentials\S-1-5-21-
1343024091-1682526488-839522115-1003 的目录2009-05-21 09:02 <DIR> lilianjie\user .
2009-05-21 09:02 <DIR> lilianjie\user ..
0 个文件 0 字节
===================================C:\Documents and Settings\user\Application Data\Microsoft\Protect\S-1-5-21-1343
024091-1682526488-839522115-1003 的目录2009-09-04 08:38 388 lilianjie\user a82c3ef6-aec5-4306-9a
d7-82916a3861f2
2009-05-21 09:03 388 lilianjie\user f47bfb48-6f54-4410-8f
ea-d832c8824271
2009-09-04 08:38 24 lilianjie\user Preferred
3 个文件 800 字节C:\Documents and Settings\user\Application Data\Microsoft\CryptnetUrlCache 的目
录2009-11-04 11:59 <DIR> lilianjie\user .
2009-11-04 11:59 <DIR> lilianjie\user ..
2009-11-04 12:21 <DIR> lilianjie\user Content
2009-11-04 12:21 <DIR> lilianjie\user MetaData
0 个文件 0 字节C:\Documents and Settings\user\Application Data\Microsoft\CryptnetUrlCache\Cont
ent 的目录2009-11-04 12:21 <DIR> lilianjie\user .
2009-11-04 12:21 <DIR> lilianjie\user ..
2009-11-04 11:59 898 lilianjie\user 60E31627FDA0A46932B0E
5948949F2A5
2009-11-04 12:21 558 lilianjie\user A44F4E7CB3133FF765C39
A53AD8FCFDD
2009-11-04 11:59 95,214 lilianjie\user A8FABA189DB7D25FBA7CA
C806625FD30
3 个文件 96,670 字节C:\Documents and Settings\user\Application Data\Microsoft\CryptnetUrlCache\Meta
Data 的目录2009-11-04 12:21 <DIR> lilianjie\user .
2009-11-04 12:21 <DIR> lilianjie\user ..
2009-11-04 11:59 94 lilianjie\user 60E31627FDA0A46932B0E
5948949F2A5
2009-11-04 12:21 146 lilianjie\user A44F4E7CB3133FF765C39
A53AD8FCFDD
2009-11-04 11:59 124 lilianjie\user A8FABA189DB7D25FBA7CA
C806625FD30
3 个文件 364 字节C:\Documents and Settings\user\Application Data\Microsoft\Crypto 的目录
2009-05-21 09:03 <DIR> lilianjie\user .
2009-05-21 09:03 <DIR> lilianjie\user ..
2009-05-21 09:03 <DIR> lilianjie\user RSA
0 个文件 0 字节C:\Documents and Settings\user\Application Data\Microsoft\Crypto\RSA 的目录
2009-05-21 09:03 <DIR> lilianjie\user .
2009-05-21 09:03 <DIR> lilianjie\user ..
2009-05-21 09:03 <DIR> lilianjie\user S-1-5-21-1343024091-1
682526488-839522115-1003
0 个文件 0 字节C:\Documents and Settings\user\Application Data\Microsoft\Crypto\RSA\S-1-5-21-1
343024091-1682526488-839522115-1003 的目录2009-05-21 09:03 <DIR> lilianjie\user .
2009-05-21 09:03 <DIR> lilianjie\user ..
2009-06-01 08:22 61 lilianjie\user d1adb89f57202f6f2b1b0
c17c20f91ff_7af661bb-c176-4e00-9bfa-39a407ce9229
2009-05-21 09:03 45 lilianjie\user f58155b4b1d5a524ca026
1c3ee99fb50_7af661bb-c176-4e00-9bfa-39a407ce9229
2 个文件 106 字节C:\Documents and Settings\user\Application Data\Microsoft\Protect 的目录
2009-05-21 09:03 <DIR> lilianjie\user .
2009-05-21 09:03 <DIR> lilianjie\user ..
2009-05-21 09:03 24 lilianjie\user CREDHIST
2009-09-04 08:38 <DIR> lilianjie\user S-1-5-21-1343024091-1
682526488-839522115-1003
1 个文件 24 字节C:\Documents and Settings\user\Application Data\Microsoft\Protect\S-1-5-21-1343
024091-1682526488-839522115-1003 的目录2009-09-04 08:38 <DIR> lilianjie\user .
2009-09-04 08:38 <DIR> lilianjie\user ..
2009-09-04 08:38 388 lilianjie\user a82c3ef6-aec5-4306-9a
d7-82916a3861f2
2009-05-21 09:03 388 lilianjie\user f47bfb48-6f54-4410-8f
ea-d832c8824271
2009-09-04 08:38 24 lilianjie\user Preferred
3 个文件 800 字节C:\Documents and Settings\user\Application Data\Microsoft\SystemCertificates 的
目录2008-08-11 13:29 <DIR> lilianjie\user .
2008-08-11 13:29 <DIR> lilianjie\user ..
2008-08-11 13:29 <DIR> lilianjie\user My
0 个文件 0 字节C:\Documents and Settings\user\Application Data\Microsoft\SystemCertificates\My
的目录2008-08-11 13:29 <DIR> lilianjie\user .
2008-08-11 13:29 <DIR> lilianjie\user ..
2008-08-11 13:29 <DIR> lilianjie\user Certificates
2008-08-11 13:29 <DIR> lilianjie\user CRLs
2008-08-11 13:29 <DIR> lilianjie\user CTLs
0 个文件 0 字节C:\Documents and Settings\user\Application Data\Microsoft\SystemCertificates\My
\Certificates 的目录2008-08-11 13:29 <DIR> lilianjie\user .
2008-08-11 13:29 <DIR> lilianjie\user ..
0 个文件 0 字节C:\Documents and Settings\user\Application Data\Microsoft\SystemCertificates\My
\CRLs 的目录2008-08-11 13:29 <DIR> lilianjie\user .
2008-08-11 13:29 <DIR> lilianjie\user ..
0 个文件 0 字节C:\Documents and Settings\user\Application Data\Microsoft\SystemCertificates\My
\CTLs 的目录2008-08-11 13:29 <DIR> lilianjie\user .
2008-08-11 13:29 <DIR> lilianjie\user ..
0 个文件 0 字节所列文件总数:
14 个文件 100,714 字节
47 个目录 35,754,516,480 可用字节C:\Documents and Settings\user\Application Data\Microsoft>
====================
C:\Documents and Settings\Default User\Application Data\Identities\{F92DA2FA-4964-4A7C-9FC0-0F49BA1EBA9B}
=======================C:\Documents and Settings\All Users\Application Data\Microsoft>dir /s /q /as
驱动器 C 中的卷没有标签。
卷的序列号是 D875-3440C:\Documents and Settings\All Users\Application Data\Microsoft 的目录
2008-08-23 16:09 <DIR> BUILTIN\Administrators .
2008-08-23 16:09 <DIR> BUILTIN\Administrators ..
2008-08-11 13:29 <DIR> BUILTIN\Administrators Crypto
0 个文件 0 字节C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto 的目录
2008-08-11 13:29 <DIR> BUILTIN\Administrators .
2008-08-11 13:29 <DIR> BUILTIN\Administrators ..
2008-08-11 13:29 <DIR> BUILTIN\Administrators DSS
2008-08-11 13:29 <DIR> BUILTIN\Administrators RSA
0 个文件 0 字节#################
DSS 「Digital Signature Standard」, (National Institute of Standard and Technology ﹔NIST) 於 (Digital Signature Algorithm ﹔DSA)。
###############
SID:S-1-5-18
名称:Local System
。############
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS2008-08-11 13:29 <DIR> BUILTIN\Administrators .
2008-08-11 13:29 <DIR> BUILTIN\Administrators ..
2008-08-11 13:29 <DIR> BUILTIN\Administrators MachineKeys
0 个文件 0 字节C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS\Machi
neKeys 的目录2008-08-11 13:29 <DIR> BUILTIN\Administrators .
2008-08-11 13:29 <DIR> BUILTIN\Administrators ..
0 个文件 0 字节C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA 的目
录2008-08-11 13:29 <DIR> BUILTIN\Administrators .
2008-08-11 13:29 <DIR> BUILTIN\Administrators ..
2008-08-11 13:29 <DIR> BUILTIN\Administrators MachineKeys
2008-08-11 13:38 <DIR> BUILTIN\Administrators S-1-5-18
0 个文件 0 字节C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\Machi
neKeys2008-08-11 13:29 <DIR> BUILTIN\Administrators .
2008-08-11 13:29 <DIR> BUILTIN\Administrators ..
0 个文件 0 字节C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5
-182008-08-11 13:38 <DIR> BUILTIN\Administrators .
2008-08-11 13:38 <DIR> BUILTIN\Administrators ..
2008-08-25 16:19 1,255 BUILTIN\Administrators afe9e16b3837b74fd9d31
d5189f8f991_7af661bb-c176-4e00-9bfa-39a407ce9229
2008-08-11 13:38 875 BUILTIN\Administrators d42cc0c3858a58db2db37
658219e6400_7af661bb-c176-4e00-9bfa-39a407ce9229
2 个文件 2,130 字节I have found in process explorer tools:so many dlls.....which is important.......
Process: mmc.exe Pid: 1996Name Description Company Name Version
xpsp2res.dll Service Pack 2 Messages Microsoft Corporation 5.1.2600.5512
WS2HELP.dll Windows Socket 2.0 Helper for Windows NT Microsoft Corporation 5.1.2600.5512
WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 5.1.2600.5512
WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 5.1.2600.5512
WINTRUST.dll Microsoft Trust Verification APIs Microsoft Corporation 5.131.2600.5512
WINMM.dll MCI API DLL Microsoft Corporation 5.1.2600.5512
WININET.dll Internet Extensions for Win32 Microsoft Corporation 7.0.6000.16827
VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 5.1.2600.5512
UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.0.2900.5512
USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.420.2600.5512
USERENV.dll Userenv Microsoft Corporation 5.1.2600.5512
USER32.dll Windows XP USER API Client DLL Microsoft Corporation 5.1.2600.5512
urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 7.0.6000.16825
unicode.nls
sorttbls.nls
sortkey.nls
SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.0.2900.5512
ShimEng.dll Shim Engine DLL Microsoft Corporation 5.1.2600.5512
SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.0.2900.5686
SETUPAPI.dll Windows Setup API Microsoft Corporation 5.1.2600.5512
Secur32.dll Security Support Provider Interface Microsoft Corporation 5.1.2600.5753
RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 5.1.2600.5512
OLEAUT32.dll Microsoft Corporation 5.1.2600.5512
oleaccrc.dll Active Accessibility Resource DLL Microsoft Corporation 4.2.5406.0
OLEACC.dll Active Accessibility Core Component Microsoft Corporation 4.2.5406.0
ole32.dll Microsoft OLE for Windows Microsoft Corporation 5.1.2600.5512
NTDSAPI.dll NT5DS Microsoft Corporation 5.1.2600.5582
ntdll.dll NT Layer DLL Microsoft Corporation 5.1.2600.5755
Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.0.5441.0
NETAPI32.dll Net Win32 API DLL Microsoft Corporation 5.1.2600.5694
msxml3r.dll XML Resources Microsoft Corporation 8.20.8730.1
msxml3.dll MSXML 3.0 SP10 Microsoft Corporation 8.100.1048.0
msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.2600.5512
msvcp60.dll Microsoft (R) C++ Runtime Library Microsoft Corporation 6.2.3104.0
MSIMG32.dll GDIEXT Client DLL Microsoft Corporation 5.1.2600.5512
msctfime.ime Microsoft Text Frame Work Service IME Microsoft Corporation 5.1.2600.5512
MSCTF.dll MSCTF Server DLL Microsoft Corporation 5.1.2600.5512
MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 5.1.2600.5512
MSACM32.dll Microsoft ACM Audio Filter Microsoft Corporation 5.1.2600.5512
mmcndmgr.dll MMC Node Manager DLL Microsoft Corporation 5.2.3790.4136
mmcbase.DLL MMC Base DLL Microsoft Corporation 5.2.3790.4136
mmc.exe Microsoft Management Console Microsoft Corporation 5.2.3790.4136
mlang.dll Multi Language Support DLL Microsoft Corporation 6.0.2900.5512
MFC42u.dll MFCDLL Shared Library - Retail Version Microsoft Corporation 6.2.8071.0
MFC42LOC.DLL MFC Language Specific Resources Microsoft Corporation 6.0.8665.0
LPK.DLL Language Pack Microsoft Corporation 5.1.2600.5512
locale.nls
kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 5.1.2600.5781
IMM32.DLL Windows XP IMM32 API Client DLL Microsoft Corporation 5.1.2600.5512
IMAGEHLP.dll Windows NT Image Helper Microsoft Corporation 5.1.2600.5512
iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.0.6000.16825
GDI32.dll GDI Client DLL Microsoft Corporation 5.1.2600.5698
DUSER.dll Windows DirectUser Engine Microsoft Corporation 5.1.2600.5512
DNSAPI.dll DNS Client API DLL Microsoft Corporation 5.1.2600.5625
ctype.nls
CRYPTUI.dll Microsoft Trust UI Provider Microsoft Corporation 5.131.2600.5512
^^^^^^^^^^^^^
CRYPT32.dll Crypto API32 Microsoft Corporation 5.131.2600.5512
^^^^^^^^^^^^
COMRes.dll Microsoft Corporation 2001.12.4414.700
comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.0.2900.5512
COMCTL32.dll Common Controls Library Microsoft Corporation 5.82.2900.5512
comctl32.dll User Experience Controls Library Microsoft Corporation 6.0.2900.5512
CLBCATQ.DLL Microsoft Corporation 2001.12.4414.700
certmgr.dll Certificates snap-in Microsoft Corporation 5.1.2600.5512
^^^^^^^^^^^^^^^^^
certcli.dll Microsoft(R) Certificate Services Client Microsoft Corporation 5.1.2600.5512
^^^^^^^^^^^^^^^^^
c_1252.nls
ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.5.2284.1
apphelp.dll Application Compatibility Client Library Microsoft Corporation 5.1.2600.5512
ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 5.1.2600.5755
AcGenral.DLL Windows Compatibility DLL Microsoft Corporation 5.1.2600.5512
<Pagefile Backed>
<Pagefile Backed>Hi There,
The behavior is by default , you will findthe appropriate dll's getting loaded. If you are comparing with unix / linux / solaris , windows work on different terminology at the user mode and the kernle mode level.
thank you very much!
I download OPENSSL from
http://21nw.com/2009/03/23/%E4%B8%8B%E8%BD%BD%E7%94%A8%E4%BA%8Ewindows%E7%9A%84openssl/
and download WINDUMP.exe ,but WINDUMP.exe need WINCAP,my computer is lock by administratoes for use WINCAP,
where has a sniffer tool no use WINCAP?
