Forwarded from bugtraq/full-disclosure. Thought it may be of some
interest here.
-Russ
Original Message
Subject: IpSwitch IMail Server = ver 8.1 User Password Decryption
Date: Mon, 16 Aug 2004 23:18:53 +0600 (KGST)
From: Adik [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
CC: [EMAIL
Subject: [IMail Forum] [Fwd: IpSwitch IMail Server = ver 8.1 User Password
Decryption]
Forwarded from bugtraq/full-disclosure. Thought it may be of some
interest here.
-Russ
Original Message
Subject: IpSwitch IMail Server = ver 8.1 User Password Decryption
Date: Mon, 16
This assumes that the intruder has access to the IMail
machine's registry...IMHO if this is so I would think you
have bigger problems than just grabbing passwords..
Eric S
Is it true that extractusers.exe will not work anymore above Imail v7.xx ?
If not, with this code it should be easy
] [Fwd: IpSwitch IMail Server = ver 8.1 User
Password Decryption]
This assumes that the intruder has access to the IMail
machine's registry...IMHO if this is so I would think you
have bigger problems than just grabbing passwords..
Eric S
Is it true that extractusers.exe will not work anymore
that
it's a simple matter of a packet sniffer to harvest passwords.
Larry Craddock
- Original Message -
From: Dmitri Elgin [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, August 17, 2004 10:27 AM
Subject: RE: [IMail Forum] [Fwd: IpSwitch IMail Server = ver 8.1 User
Password Decryption
To: [EMAIL PROTECTED]
Subject: RE: [IMail Forum] [Fwd: IpSwitch IMail Server = ver 8.1 User
Password Decryption]
This assumes that the intruder has access to the IMail
machine's registry...IMHO if this is so I would think you
have bigger problems than just grabbing passwords..
Eric S
: [IMail Forum] [Fwd: IpSwitch IMail Server = ver 8.1 User
Password Decryption]
This assumes that the intruder has access to the IMail
machine's registry...IMHO if this is so I would think you
have bigger problems than just grabbing passwords..
Eric S
Is it true that extractusers.exe will not work
Eric Shanbrom [Ipswitch] wrote:
This assumes that the intruder has access to the IMail machine's
registry...IMHO if this is so I would think you have bigger problems than
just grabbing passwords..
Obviously ;) I was seeing it as some value to those who have a legit
reason for wanting the
Forwarded from bugtraq/full-disclosure. Thought it may be of some
interest here.
So-called hackers have thought this is cool for about 10 years. It's
not a hack. The algorithm was never claimed to offer anything but mild
obscurity to a casual Registry browser, and has been owned by