Re: Lotus 1352 NRPC Encryption

---

• From: Chris.McGinley@xxxxxxxxxxx
• Date: Thu, 20 Dec 2007 15:30:58 -0500

---

Domino has a vulnerability in that it allows Notes clients without ID
files to enter their name and ask for the ID file. You can use the Notes
client (new setup) to manually test this; just point to the server and
specify your username. Notes will grab the ID file if it exists...you'll
have to intercept it from your Notes data directory and crack its
password.

It can be scripted with Perl as well, but I've not seen a tool publicly
available to exploit it.

-Chris




Clone <c70n3@xxxxxxxxxxx>
12/20/2007 03:38 AM

To
Chris.McGinley@xxxxxxxxxxx
cc
pen-test@xxxxxxxxxxxxxxxxx
Subject
Re: Lotus 1352 NRPC Encryption






Hmm.. we are doing a blacbox pen test .. we do not
have a test username or password or ID file.. in such
a scenario how can we use the Notes client to get this
info?


--- Chris.McGinley@xxxxxxxxxxx wrote:

NRPC encryption is configured by the Notes client,
not the server.

-Chris




Clone <c70n3@xxxxxxxxxxx>
Sent by: listbounce@xxxxxxxxxxxxxxxxx
12/18/2007 11:39 PM

To
pen-test@xxxxxxxxxxxxxxxxx
cc

Subject
Lotus 1352 NRPC Encryption






Hello All,

Is there a way to find out anonymously whether port
1352 of Lotus Notes NRPC service uses encryption
mechanisms or not?

Good day.


Share files, take polls, and discuss your
passions - all under one
roof. Go to http://in.promos.yahoo.com/groups

------------------------------------------------------------------------

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE
today!

http://www.cenzic.com/downloads

------------------------------------------------------------------------

Explore your hobbies and interests. Go to
http://in.promos.yahoo.com/groups






------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

---

• References:
  • Re: Lotus 1352 NRPC Encryption
    • From: Clone

• Prev by Date: Re: GCIA, GSEC, GCIH, CISSP, CEH ???
• Next by Date: Re: Re: GCIA, GSEC, GCIH, CISSP, CEH ???
• Previous by thread: Re: Lotus 1352 NRPC Encryption
• Next by thread: brute force ColdFusion MX7 admin page
• Index(es):
  • Date
  • Thread

---

Relevant Pages Fwd: CERT Advisory CA-2003-11 Multiple Vulnerabilities in Lotus Notes and Domino ... CERT Advisory CA-2003-11 Multiple Vulnerabilities in Lotus Notes and Domino ... (Bugtraq) [Full-Disclosure] Fwd: CERT Advisory CA-2003-11 Multiple Vulnerabilities in Lotus Notes and Domino ... CERT Advisory CA-2003-11 Multiple Vulnerabilities in Lotus Notes and Domino ... (Full-Disclosure) CERT Advisory CA-2003-11 Multiple Vulnerabilities in Lotus Notes and Domino ... Multiple vulnerabilities have been reported to affect Lotus Notes ... Multiple reporters, the close timing, and ... vulnerabilities affecting Lotus Notes and Domino. ... (Cert)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > pen-test  > 2007-12