Nelson, excuse my asking, but .. is this not the expected behavior?

Any client that stores login/password information must store it in a plain-text equivalent form on the hard drive, *unless it prompts the user for a key with which to unlock the information*. Unless it uses a key supplied by the user, it must be based on something similar to this.

If FTP Explorer is actually a server, then this is insecure -- servers should store hashes of passwords, not passwords.

If FTP Explorer is an ftp client, one would hope it documents the storing of passwords; to my way of thinking, not prompting for passwords the next time a site is used is documentation enough for anyone that cares about their security. Anyone for whom this isn't enough likely doesn't care about their security.

If you are worried about other people on your machine getting at the password through the registry, then I would hope the security settings on the registry are set up to disallow access -- but that would be WinNT only.

Don't get me wrong -- this is good detective work. However, to my way of thinking, this is also expected behavior.

Flames welcome. Autoreplies "I am out of the office" are not. :)

On Thu, Feb 24, 2000 at 09:18:52PM -0300, Nelson wrote:
> The scene:
> user -> nelson
> pass -> ABC
>
> On the Connect window, I typed login == nelson and pass == ***(ABC) and made a
> connection to my own ftp server. After this, I found this KEY in the Windows
> REGISTRY:
> HKEY_CURRENT_USER -> Software -> FTP Explorer -> Profiles -> MY_OWN_SERVER
>
> and I found two values:
> Login = nelson
> Type = 4A4E52
>
> Hmmm... looks like an encrypted password to me...
>
> Ok, the crypt function in FTP Explorer works like this:
> get the ASCII hex value and increment it by 9; if the position in the password
> changes, increment by 3 per position.
>
> In other words, an arithmetical progression.
>
> I made a code to prove this, look at the result:
> unreal:~/temp$ ./ftpe-crypt -t 3 -i 9 -r 3 -s teste
> Criptografia do FTP Explorer v0.6b - por Nelson Brito
> unreal:~/temp$ more teste
> [...]
> A = 4A = 4D = 50
>     `-> correct
> B = 4B = 4E = 51
>          `-> correct
> C = 4C = 4F = 52
>               `-> correct
> [...]
>
> Well, the password is 'ABC'... Is it a big security hole? I think so...
>
> PS: The credit for beginning this thread in BOS-Br<bosat_private> goes to
> Hever<Heverat_private>.
>
> PPS: Sorry about my poor ENGLISH. If you don't understand, don't read. =)
>
> My proof...
>
> -------begin
> /*
> ** This code demonstrates how the "encryption" of the FTP Explorer
> ** software works, based on the information passed to
> ** BOS-Br by Hever<Heverat_private>.
> **
> ** author: Nelson Brito
> ** e-mails: nelsonat_private & nelsonat_private
> ** program: ftpe-crypt.c
> **
> ** ChangeLog:
> ** v 0.6b - output file added
> **        - from this version on, all command-line arguments
> **          are required
> ** v 0.5b - long command-line options added
> **        - problems with the '-h' option fixed thanks to fpm :*( ) )
> ** v 0.4  - command-line options added, letting the user set
> **          their preferences [a.k.a. getopt(3)]
> ** v 0.3  - added arguments passed to the r2() function
> **        - counter to be used in r2() as an argument
> ** v 0.2  - development of the r2() function and addition of u_abort() and
> **          logo()
> **        - the password length was increased
> ** v 0.1  - initial development of the program skeleton, including:
> **          > removal of special characters, i.e., only [a-z][A-Z][0-9]
> **          > a simple arithmetic progression (PA), with no formula or function
> **
> ** Thanks to drk, Morauder and fpm for the help with getopt(3). =)
> **
> ** How to compile:
> ** lameness:~# gcc -Wall -O3 -g ftpe-crypt.c -o ftpe-crypt
> */
>
> #include <stdio.h>
> #include <signal.h>
> #include <stdlib.h>
> #include <getopt.h>
> #include <unistd.h>
> #define VERSION "0.6b"
>
> /* One term of the progression: n = ASCII code, p = position in the
> ** password, i = ratio per position, b = base increment. Written as hex. */
> int r2(int n, int p, int i, int b, FILE *fp){
>     n=((n+b)+(i*p));
>     fprintf(fp, "= %X ", n);
>     return(n);
> }
>
> /* Print the usage text and exit; never returns. */
> void usage(char *p){
>     fprintf(stderr, "use: %s -l <length> -i <increment> -r <ratio> -o <output-file>\n", p);
>     fprintf(stderr, "example: %s -l 15 -i 9 -r 3 -o outlist\n", p);
>     fprintf(stderr, "options:\n\t -l, --length password's length\n");
>     fprintf(stderr, "\t -i, --increment ASCII Table's increment\n");
>     fprintf(stderr, "\t -r, --ratio PA's ratio\n");
>     fprintf(stderr, "\t -o, --output output file\n");
>     fprintf(stderr, "\nfor ftpe's criptography use r=3, i=9\n");
>     exit(0);
> }
>
> int main(int ac, char **av){
>     FILE *outlist = NULL;
>
>     register int a = 48; /* start at ASCII '0' */
>     int r = 0, inc = 0, ct = 0, op;
>
>     printf("FTP Explorer's Criptography v%s - by Nelson Brito\n", VERSION);
>
>     /* all four options and their values are required */
>     if(ac != 9) usage(av[0]);
>
>     while(1){
>         static struct option long_options[] = {
>             {"length", 1, 0, 'l'},
>             {"ratio", 1, 0, 'r'},
>             {"increment", 1, 0, 'i'},
>             {"output", 1, 0, 'o'},
>             {0, 0, 0, 0}
>         };
>
>         int option_index = 0;
>         op = getopt_long(ac, av, "l:r:i:o:", long_options, &option_index);
>
>         if (op == -1) break;
>
>         switch(op){
>             case 'l':
>                 ct = atoi(optarg);
>                 break;
>             case 'r':
>                 r = atoi(optarg);
>                 break;
>             case 'i':
>                 inc = atoi(optarg);
>                 break;
>             case 'o':
>                 if(!(outlist=fopen(optarg, "w"))){
>                     printf("unable to open %s\n", optarg);
>                     exit(1);
>                 }
>                 break;
>             default:
>                 usage(av[0]);
>                 break;
>         }
>     }
>
>     /* nine arguments were given but none of them was -o */
>     if(outlist == NULL) usage(av[0]);
>
>     /* walk ASCII '0' (48) through 'z' (122) */
>     while(a < 123){
>
>         /* skip ':' through '@'; a NUL is written to stdout instead */
>         if((a >= 58) && (a <= 64)){
>             printf("%c", (char)0);
>             a++;
>         }
>
>         /* skip '[' through '`'; a NUL is written to stdout instead */
>         else if((a >= 91) && (a <= 96)){
>             printf("%c", (char)0);
>             a++;
>         }
>
>         /* one row per character: its encoded value at positions 0..ct-1 */
>         else{
>             register int c;
>
>             fprintf(outlist, "%c ", (char)a);
>             for(c = 0 ; c < ct ; c++) r2(a, c, r, inc, outlist);
>             fprintf(outlist, "\n");
>             a++;
>         }
>
>     }
>
>     fclose(outlist);
>
>     return(0);
> }
> -------end
>
> That's all,
> --
> Nelson - nb

--
Seth Arnold | http://www.willamette.edu/~sarnold/
Hate spam? See http://maps.vix.com/rbl/ for help
Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
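
Added example, not part of either message and not Nelson's program: a round trip through the scheme described in the quoted post (each character stored as hex of its code + 9 + 3 × position). It shows that the stored value reverses with no user-supplied key, which is the plain-text equivalent storage the reply describes. The names `ftpe_encode`, `ftpe_decode`, `FTPE_BASE` and `FTPE_STEP` are assumptions made for this illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define FTPE_BASE 9u  /* increment reported in the post (assumed name) */
#define FTPE_STEP 3u  /* ratio per character position (assumed name) */

/* Encode: byte i becomes two hex digits of (byte + 9 + 3*i). 0 on success. */
int ftpe_encode(const char *plain, char *out, size_t outlen) {
    size_t n = strlen(plain);
    if (outlen < 2 * n + 1) return -1;
    for (size_t i = 0; i < n; i++) {
        unsigned v = (unsigned char)plain[i] + FTPE_BASE + FTPE_STEP * (unsigned)i;
        if (v > 0xFF) return -1;            /* does not fit in two hex digits */
        snprintf(out + 2 * i, 3, "%02X", v);
    }
    out[2 * n] = '\0';
    return 0;
}

/* Decode: the inverse needs only the stored string, no key or secret. */
int ftpe_decode(const char *stored, char *out, size_t outlen) {
    size_t n = strlen(stored);
    if (n % 2 != 0 || outlen < n / 2 + 1) return -1;
    for (size_t i = 0; i < n / 2; i++) {
        unsigned v, off = FTPE_BASE + FTPE_STEP * (unsigned)i;
        if (!isxdigit((unsigned char)stored[2 * i]) ||
            !isxdigit((unsigned char)stored[2 * i + 1]))
            return -1;                      /* not a hex pair */
        if (sscanf(stored + 2 * i, "%2X", &v) != 1) return -1;
        if (v <= off) return -1;            /* cannot come from a real character */
        out[i] = (char)(v - off);
    }
    out[n / 2] = '\0';
    return 0;
}

int main(void) {
    char enc[64], dec[32];
    /* "ABC" is the constructed sample password used in the quoted post */
    if (ftpe_encode("ABC", enc, sizeof enc) == 0 &&
        ftpe_decode(enc, dec, sizeof dec) == 0)
        printf("ABC -> %s -> %s\n", enc, dec);
    return 0;
}
```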