| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 19 Nov 2003 17:02:39 -0000 From: bil <bil_912@...lgoose.com> To: bugtraq@...urityfocus.com Subject: YAK! 2.1.0 still vulnerable YAK! 2.1.0 still vulnerable =========================== for file transfer yak uses ftp mode. Yak! listens on port 3535 for file transfer in ftp mode. vulnerability in the previous version was, they were using constant username and pass combination for ftp login. 2.1.0 version seems to overcome the constant pass problem. but still it is using constant username. USER : y049575046 i tested with 2 pcs ... and got varing pass for each of them. PASS : 24151.0y0495 ----> pc 1 PASS : 24251.0y0505 ----> pc 2 the passwords seem to maintain a special pattern still. TO FIND PASSWORD ---------------- it's just as easy as sniffing with a sniffer. personally i prefer ethereal. set filter as the following : src host 192.168.0.151 && (dst port 3535) where the <src host> is ur own pc. now sending the victim any file will make ethereal capture the packets. decoding the packets as FTP will show the username / password combination in cleartext.
Powered by blists - more mailing lists