The Lydia pop3 email utility produced by Kabsoftware uses a weak encryption algorithm, leaving user passwords locally vulnerable.
0058b79f1038405d4d136dab9fc159fb719755d252212222dc920096bd1b9d32
Yet Another password storing problem (was: Re: Possible Netscape
Yiorgos Adamopoulos (adamo@dblab.ece.ntua.gr)
Fri, 19 Feb 1999 16:58:13 +0200
On Tue, Feb 16, 1999 at 01:02:08PM -0600, HD Moore wrote:
> The password is *still* in the registry after you close netscape,
Now that we are talking about Netscape, here is another similar bug.
Kabsoftware (http://www.kabsoftware.com) produces a *very* handy utility that
let's you check your email via POP3 (without downloading it) and other stuff
like that (check their www page if you are interested).
It appears that Lydia (the utility) stores the user passwords in
C:\Windows\Lydia.INI.
However, the encryption algorithm is trivial. I am not a cryptanalyst in any
way and it took me 30min to find out the mapping between the ascii space and
the scrambling they do. (Basically they map each character to 2 bytes).
I notified Kabsoftware in January, and they responded promptly that "the
encryption in Lydia algorithm is casual" and that they are going to change it
in a future release.
--
Yiorgos Adamopoulos -- #include <std/disclaimer.h>
adamo@dblab.ece.ntua.gr -- Knowledge and Data Base Systems Laboratory, NTUA