Open Source and information security mailing list archives
Message-ID: <20031119170239.1358.qmail@sf-www2-symnsj.securityfocus.com>
Date: 19 Nov 2003 17:02:39 -0000
From: bil <bil_912@...lgoose.com>
To: bugtraq@...urityfocus.com
Subject: YAK! 2.1.0 still vulnerable




YAK! 2.1.0 still vulnerable
===========================

For file transfer, Yak! uses FTP mode. Yak!
listens on port 3535 for file transfer in FTP mode.

The vulnerability in the previous version was that they
were using a constant username and pass
combination for FTP login.

Version 2.1.0 seems to overcome the constant
pass problem, but it is still using a constant username.

USER : y049575046

I tested with 2 PCs ... and got a varying pass for
each of them.

PASS : 24151.0y0495   ----> pc 1
PASS : 24251.0y0505   ----> pc 2

The passwords still seem to maintain a special pattern.


TO FIND PASSWORD
----------------

It's just as easy as sniffing with a sniffer.

Personally, I prefer Ethereal.

Set the filter as follows:

src host 192.168.0.151 && (dst port 3535)

where the <src host> is your own PC. Now sending the victim any file will make Ethereal capture the packets. Decoding the packets as FTP will show the username / password combination in cleartext.
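
Added example, not part of the original post: a small credential-provisioning audit that takes FTP control-channel lines recorded from several test installs and flags the two weaknesses the post reports, a username shared across hosts and passwords that differ in only a few positions. The host labels, function names and the 0.5 threshold are assumptions; the USER/PASS values are the ones quoted in the post.

```python
from collections import defaultdict

# Constructed sample: FTP control-channel lines per test host, built from the
# USER/PASS values quoted in the post. Host labels are placeholders.
SESSIONS = {
    "pc1": ["USER y049575046", "PASS 24151.0y0495"],
    "pc2": ["USER y049575046", "PASS 24251.0y0505"],
}

def parse_login(lines):
    """Return (user, password) taken from FTP USER/PASS command lines."""
    creds = {}
    for line in lines:
        verb, _, arg = line.strip().partition(" ")
        if verb.upper() in ("USER", "PASS"):
            creds[verb.upper()] = arg
    return creds.get("USER"), creds.get("PASS")

def shared_positions(a, b):
    """Fraction of character positions at which two passwords agree."""
    if not a or not b or len(a) != len(b):
        return 0.0
    return sum(x == y for x, y in zip(a, b)) / len(a)

def audit(sessions, threshold=0.5):
    """Flag usernames reused across hosts and passwords sharing a template."""
    findings = []
    logins = {host: parse_login(lines) for host, lines in sessions.items()}
    by_user = defaultdict(list)
    for host in sorted(logins):
        by_user[logins[host][0]].append(host)
    for user, hosts in by_user.items():
        if len(hosts) > 1:
            findings.append(("shared-username", tuple(hosts), 1.0))
    hosts = sorted(logins)
    for i, h1 in enumerate(hosts):
        for h2 in hosts[i + 1:]:
            ratio = shared_positions(logins[h1][1], logins[h2][1])
            if ratio >= threshold:  # per-host secrets should be unrelated
                findings.append(("templated-password", (h1, h2), round(ratio, 2)))
    return findings

if __name__ == "__main__":
    for finding in audit(SESSIONS):
        print(finding)
```

Independently generated random per-host credentials would produce neither finding; fixing the generation does not address the cleartext transport the post describes.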

