[NT] PGP Authentication and User Management Bypass
- From: SecuriTeam <support@xxxxxxxxxxxxxx>
- Date: 7 Jun 2006 17:09:55 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
PGP Authentication and User Management Bypass
------------------------------------------------------------------------
SUMMARY
"Pretty Good Privacy <http://en.wikipedia.org/wiki/Pretty_Good_Privacy> (PGP <http://www.pgp.com/>) is a computer program which provides cryptographic privacy and authentication."
PGP Self Decrypting Archive (SDA) allows users to send conventionally
encrypted files to people who do not have PGP installed.
A design flaw allows attackers to bypass authentication with PGP SDA.
DETAILS
Vulnerable Systems:
* PGP version 8
* PGP version 9
When a user creates a text file containing "aa" and then builds an SDA
from it, a hex edit of the resulting exe will show, at the very bottom of
the file, some bytes separated by 803E.
Example:
E7 93 A0 90 E9 62 D1 21
803E
A1 50 AF 5F 6F 9E FE D6
Analyzing the bytes carefully, you will notice that 803E is the value used
for a loop. The loop starts at 0040590D. Further analysis showed that the
bytes right before 803E are used for extraction and authentication.
Authentication is done in the following way:
When someone enters a passphrase, a series of instructions is executed
against the bytes right before 803E, to be exact in the function at address
00404E8F. This function generates a series of bytes which are compared
later on to the bytes AFTER 803E. If they match, the user is granted
authentication.
There are two ways to bypass the authentication requirement:
1. Modifying the contents of the address 00890D70.
The modification should be done in:
0040598F |. E8 AC3D0000 CALL filename_s.00409740
At: 00409740 /$ 8B4424 0C MOV EAX,DWORD PTR SS:[ESP+C]
At this point change the contents of 00890D70.
After the bytes change, you will have to bypass authentication. After
bypassing authentication you will be able to extract.
2. Modifying the contents of the address 00BAF670
The modification should be done in:
0040595F FF15 90324100 CALL DWORD PTR DS:[413290]
At: 004019DA /$ FF7424 08 PUSH DWORD PTR SS:[ESP+8]
At this point change the contents of 00BAF670.
NOTE: If you change the contents of 00BAF670 at this point, you won't have
to bypass authentication separately; it will work like a charm and grant
authentication/extraction.
Once the passphrase location has been patched, attackers can do whatever
they like to the users. User management is a separate, clear issue: when
the passphrase is changed, PGP does not change the underlying key, which
allows any user who previously had access to regain that access.
Note to forensic investigators: Imagine you are working on some cases and
for some reason you do not want Mr. Y to have access to some of the
evidence file, so you decided to change the passphrase on your PGP virtual
Disk. Mr. Y can still access the evidence if he patches the Virtual Disk
binary file.
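The user-management point above, as an added example (not code from the advisory or from PGP): a toy Python model in which the passphrase only wraps a random data key, so a passphrase change re-wraps the same key and a previous holder keeps access, while a real rotation re-encrypts under a fresh key. The wrapping scheme, the SHAKE keystream and the sample text are constructed assumptions, not PGP's SDA or Virtual Disk format.

```python
# Toy model (constructed for this example, not PGP's real SDA or Virtual Disk format): the
# payload is encrypted under a random data key (DEK) and the passphrase only derives a
# key-encrypting key (KEK) that wraps the DEK, which is the design the advisory criticises.
import hashlib
import hmac
import os
def derive_kek(passphrase: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 50_000, dklen=32)
def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_payload(dek: bytes, plaintext: bytes) -> bytes:
    ct = xor(plaintext, hashlib.shake_256(dek).digest(len(plaintext)))
    return hmac.new(dek, ct, "sha256").digest() + ct  # tag is keyed by the DEK itself

def decrypt_payload(dek: bytes, blob: bytes) -> bytes:
    tag, ct = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(dek, ct, "sha256").digest()):
        raise ValueError("wrong key")  # a wrong DEK cannot yield the plaintext anyway
    return xor(ct, hashlib.shake_256(dek).digest(len(ct)))

class Archive:
    def __init__(self, passphrase: str, plaintext: bytes):
        self._seal(passphrase, plaintext)
    def _seal(self, passphrase: str, plaintext: bytes) -> None:
        self.salt, dek = os.urandom(16), os.urandom(32)
        self.wrapped_dek = xor(dek, derive_kek(passphrase, self.salt))
        self.blob = encrypt_payload(dek, plaintext)
    def unlock(self, passphrase: str) -> bytes:
        return xor(self.wrapped_dek, derive_kek(passphrase, self.salt))  # the DEK is the access
    def change_passphrase(self, old: str, new: str) -> None:
        dek = self.unlock(old)
        decrypt_payload(dek, self.blob)  # proves the old passphrase before changing anything
        self.wrapped_dek = xor(dek, derive_kek(new, self.salt))  # flawed: the same DEK survives
    def rotate(self, old: str, new: str) -> None:
        self._seal(new, decrypt_payload(self.unlock(old), self.blob))  # fix: fresh DEK, re-encrypt

def demo() -> dict:
    arc = Archive("old-pass", b"constructed sample evidence")
    leaked_dek = arc.unlock("old-pass")  # Mr. Y's access while it was still legitimate
    arc.change_passphrase("old-pass", "new-pass")
    survives = decrypt_payload(leaked_dek, arc.blob) == b"constructed sample evidence"
    arc.rotate("new-pass", "final-pass")
    try:
        decrypt_payload(leaked_dek, arc.blob)
        revoked = False
    except ValueError:
        revoked = True
    return {"old_dek_survives_passphrase_change": survives, "old_dek_revoked_after_rotate": revoked,
            "new_passphrase_works": decrypt_payload(arc.unlock("final-pass"), arc.blob) == b"constructed sample evidence"}
```

Only `rotate` withdraws access from someone who already holds the data key; a passphrase change alone does not.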
Related Links:
* <http://www.safehack.com/Advisory/pgp/78da63LOCATION.png> Extraction bytes GENERATION location for PGP SDA file.
* <http://www.safehack.com/Advisory/pgp/Locating%2078%20DA%20sequence.txt> Locating 78 DA sequence area.
* <http://www.safehack.com/Advisory/pgp/PGPcrack.html#Two_Ways_to_bypass_PGP_SDA_Authentication> Two Ways to bypass PGP SDA Authentication and EXTRACT with success
* <http://www.safehack.com/Advisory/pgp/pgpsdacrack.htm> Semi Detailed Block Diagram
* <http://www.safehack.com/Advisory/pgp/PGPcrack.html> Other Discovered issues with PGP
ADDITIONAL INFORMATION
The information has been provided by sinoda swan <mailto:thesinoda@xxxxxxxxxxx>.
The original article can be found at:
<http://www.safehack.com/Advisory/pgp/PGPcrack.html>