Re: Clear text password vulnerability

From: Twofish -lists (twofish-lists_at_terra.es)
Date: 02/14/05

  • Next message: Ernest Nelson: "RE: Programming" 
    To: Harshil Parikh <harshil1110@gmail.com>
Date: Mon, 14 Feb 2005 22:14:35 +0100

    > Hi,
    > I've been using a web based mail service for sometime. Yesterday I
    > was trying to figure out how the packet exchange occurs between the
    > client and the server by sniffing it. I wanted to know the forking off
    > to different servers for authentication purposes. However, I noticed
    > that the client side would send the password in clear text along with
    > the username.
    Welcome to real world. POP3, SMTP does also.
    > It uses a POST method for this. I think this is a big
    > vulnerability in the mail service.

    > I wanted your opinion if I should
    > term this as a vulnerability or not and whether there is an exploit
    > for this or not.
    It's not a vulnerability. It's a lack of knowledge in the
    implementation. There have been sniffers since the invention of
    computers.
    > Also one of my friend adviced me to try and charge
    > money for figuring out this vulnerability. Should I go ahead with
    > contacting the sys admin for that ? also is there an
    > exploit that i can point out to the admin that can be used against them...
    exploit???? I think you should read a little more before asking such a
    basic thing. Ask your sysadmin to use ssl. Learn a moreon tcp/ip tools
    and basics.
    > As far as i know..this clear text pwd can be exploited only for the =
    > users in same LAN. Is there any thing else that I can point out to the admin
    >
    > Thanks,
    > Harshil Parikh

  • Next message: Ernest Nelson: "RE: Programming"

    Relevant Pages

    • Clear text password vulnerability
      ... I've been using a web based mail service for sometime. ... client and the server by sniffing it. ... term this as a vulnerability or not and whether there is an exploit ... exploit that i can point out to the admin that can be used against them... ...
      (Security-Basics)
    • Php-Nuke:users and admins password hashes vulnerability
      ... An attacker can obtain password hashes for users and admins, using a particular SQL injection with cookies. ... To get the password hash of an user, the attacker just needs a valid account... ... To get the password hash of an admin, the attacker only needs to know the name of that admin, and needs that the Web_Links module should be active and with at least one link: NOTE: The attacker doesn't need a valid account, and can exploit the bug even if the Web_Links module is active only for registered members... ... This one is to check the user vulnerability: <?php //Test-script for PHP-NUKE Vulnerabilities: Bugsman made it, ...
      (Bugtraq)
    • Re: Simple method to block outgoing traffic
      ... build our own installer (which then in turn might run with admin rights). ... MAXIMUM_ALLOWED in all fopencalls and replacing all HKLM with HKCU ... You're not a programmer that's obvious ... the AdobeLM vulnerability since years, we had to take our own measures. ...
      (comp.security.firewalls)
    • Pixel Post Multiple Vulnerabilities
      ... XSS, and SQL Injection providing full access to admin area, providing upload any type of files capabilities.. ... With this vulnerability we can fetch almost any data from the database, ... You can perform a XSS attack when commenting a post because the comment, the name, the url, and nor the email are properly sanitized. ...
      (Bugtraq)
    • Re: Secure host newbie - fun - humm
      ... You're also assuming that every admin is aware when an exploit is found, ... they probably don't know about the vulnerability.) ... >TECHNOLOGY - unexpectedly getting a flat tyre while you're driving. ... For instance, telnet is ...
      (Security-Basics)
    • Quantcast