lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Sun, 13 Jul 2003 08:32:22 -0700
From: "morning_wood" <se_cur_ity@...mail.com>
To: <full-disclosure@...ts.netsys.com>, <bugtraq@...urityfocus.com>,
   "0day" <0day@...hackers.org>
Subject: Grub Distributed Client - Cleartext Passwords


------------------------------------------------------------------
          - EXPL-A-2003-016 exploitlabs.com Advisory 016
------------------------------------------------------------------
       -=- Looksmart / Grub Distributed Webcrawling Client -=-


Donnie Werner
http://exploitlabs.com


Vunerability(s):
----------------
1.local clear user / password in windows registry


Product:
--------
http://www.grub.org/
http://www.looksmart.com/

Vulnerable:
grub-client-1.3.7.exe   May 12, 2003
grub-client-1.3.7.zip   May 12, 2003

Not Vunerable:
grub-client-1.4.3.exe [CURRENT] Jul 2, 2003
grub-client-1.4.3.zip [CURRENT]  Jul 2, 2003
patch-to-1.4.3.exe [CURRENT]  Jul 2, 2003
patch-to-1.4.3.zip [CURRENT]  Jul 2, 2003


Description of product:
-----------------------
 "Grub uses the power of distributed computing to build the best
search on the Web.
It automatically crawls the Web in the background, borrowing your
computer's spare
clock cycles, so you won't even notice it's there. The download is
quick, you control
how much you crawl, and the cool screensaver shows you the real-time
progress your
computer is making. You can even compare your stats to other Grubsters
in the project!
Help perfect the search engine. Join the Grub project today!"


Company Profile:
----------------
"LookSmart is a leader in Search Targeted Marketing. Through its
innovative LookListingsTM
suite of commercial search listings products and graphical advertising
products, LookSmart
enables large and small businesses alike to expose their products and
services to customers
at the precise moment they're searching for that very thing. The
result is a better search
experience for the user, as well as highly qualified leads and lower
customer acquisition
costs for the business. The LookSmart network reaches 77%* of Internet
users, and includes
Microsoft's MSN, Excite@...e, AltaVista, Netscape Netcenter, Inktomi,
Prodigy, Juno, CNN.com,
Road Runner, Cox Interactive Media, InfoSpace (Go2Net, Dogpile,
MetaCrawler) and Ask Jeeves."
*Media Metrix June 2001 Digital Media Audience Ratings


Reviews:
--------
http://www.fortune.com/fortune/smallbusiness/skeptic/0,15704,453288,00.html
David Lidsky
http://www.wired.com/news/infostructure/0,1377,58497,00.html
http://slashdot.org/article.pl?sid=03/04/19/1916209&mode=thread&tid=95



VUNERABILITY / EXPLOIT
======================

Local:
------
Passwords and user names are stored cleartext inside registry under
Windows OS


REG Key
Subkey ( data )

HKEY_CURRENT_USER\Software\VB and VBA Program
Settings\GrubClient\Settings
userEmail
userPassword


Vendor Fix:
-----------
upgrade to..
grub-client-1.4.3


Vendor Contact:
---------------
June 4 2003 left a message at Tel: 415.348.7000 @3am advising them of
my impending release
at 12pm.

Callback 9:10am from corp office.
kord@...b.org
kord campel 415-348-7691

Vendor knows and is working on the issue.

July 10 2003 Installed new client and note issue resolved.


Credits:
--------
Donnie Werner
http://exploitlabs.com "finding your holes is job one, and plugging
them twice the fun"
morning_wood@...loitlabs.com

Original Advisory at
http://exploitlabs.com/files/advisories/grub-client.txt
This Advisory is at
http://exploitlabs.com/files/advisories/EXPL-A-2003-016-grub-client.txt

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists