Re: CuteFTP saved password 'encryption' weakness
Subject: Re: CuteFTP saved password 'encryption' weakness
From: Brian Kifiak (bk@LOCALHOST.CA)
Date: Wed Jan 05 2000 - 16:27:27 CST
* Nick FitzGerald (nick@VIRUS-L.DEMON.CO.UK) [01/05/00 12:14]:
> This means that stealing of tree.dat not only allows the thief access
> via CuteFTP to any 'secrets' that may be recorded in that file, but
> they can also be easily decoded for other uses. The v3.x releases of
> CuteFTP store this data in smdata.dat (the virus does not look for
> that file) but it has a very similar appearing structure to tree.dat
> and uses the same 'encryption' of stored passwords.
This is a moot point anyways. Anyone who can grab your tree.dat or smdata.dat
can have your passwords even if they were to be strongly encrypted. One would
only have to download and install their own copy of CuteFTP, stick the
associated .dat file in its path, run CuteFTP, and hit connect. Your local
machine or another on your network could easily run a sniffer and grab your
plain text passwords as your client connects. If you don't want to tip off the
admin of a remote site that you have one of their users' passwords, then just
replace the real server's IP with an FTP server you control.
-bk