lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <9f279016050823193531639d80@mail.gmail.com>
Date: Tue, 23 Aug 2005 18:35:50 -0800
From: Allen Parker <infowolfe@...il.com>
To: bugtraq@...urityfocus.com
Subject: Re: ZipTorrent 1.3.7.3 Discloses Proxy Passwords to Local Users


On 23 Aug 2005 13:21:23 -0000, kozan@...instructors.com
<kozan@...instructors.com> wrote:
> /*================================================================
> 
> ZipTorrent 1.3.7.3 Local Proxy Password Disclosure Exploit by Kozan
> 
> Discovered & Coded by Kozan
> Credits to ATmaCA
> Web: www.spyinstructors.com
> Mail: kozan@...instructors.com
> 
> Application:
> --------------------
> ZipTorrent 1.3.7.3 (and probably prior versions)
> Vendor: www.ziptorrent.com
> 
> Introduction:
> --------------------
> ZipTorrent is the fastest BitTorrent client for Windows with the
> most features, such as Search om Major search engines an RSS reader,
> IRC Chat rooms, Automatic Torrent Download Rules, Automatic Update,
> Bandwidth Monitor, NAT Checking, and UPnP Support. An install wizard
> that helps you through the installation process.
> 
> Bug:
> --------------------
> ZipTorrent stores proxy server information and password in
> X:\\[Program_Files_Path]\[ZipTorrent_Path]\pref.txt
> in plain text. A local user can read passwords and others.
> 
> Vendor Confirmed:
> --------------------
> No
> 
> Fix:
> --------------------
> There is no solution at the time of this entry.

I don't mean to be a party pooper, but wouldn't it be just as easy to
navigate to the program's install path and double freaking click
pref.txt?

In my opinion, since this isn't a privilege escalation (local OR
remote), and it's certainly within the abilities of most of the people
reading this list to just open pref.txt in their favorite editor,
"proof of concept" code is next to worthless... nice try, but it makes
this report really seem like a joke.

On yet another note, I haven't seen many programs making use of
proxies where the username/password pairs were obfuscated in any
way... generally if a proxy is required in the first place, it's a
proxy the whole machine knows about anyway, so there's really not much
use in attempting to keep said proxy secret.

-- 
________________________________________
To avoid being added to my spam filter:
1. Utilize list replies unless otherwise requested.
2. If you DO send me a personal email, use english.
3. HTML isn't cute. It belongs on the web, not in my inbox.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ