accept no compromises

padlock-it.txt

padlock-it.txt
Posted Aug 17, 1999
Authored by Efrain Torres, lownoise

The password protection program PADLOCK-IT Version 1.01 does not properly implement the TwoFish encryption used, rendering both the encryption algorithm and the software program security meaningless.

tags | exploit
MD5 | 06070ea89646e2327e75582a1a5ea840

padlock-it.txt

Change Mirror Download
Date: Fri, 19 Feb 1999 13:51:39 -0500 (EST)
From: ET LoWNOISE <et@cyberspace.org>
To: schneier@counterpane.com
Cc: PacketStorm@Genocide2600.com
Subject: PADLOCK-IT and TwoFish

Hi,
2 months ago, i deliver this advisory to bugtraq... but now i have found
that this program is more popular than ever because have been showed on
WIRED magazine like one of the best prodcuts ever to manage passwords. So
i think people need to know the truth.


[LOWNOISE] Advisory:
et@cyberspace.org
by ET.
PADLOCK-IT 1.01
===============

DISCLAIMER: Learn, there are dark things behind a nice GUI.

Well, maybe this isnt a topic for bugtraq but many people is
using this kind of programs to protect all kind of passwords.
(Dial-up passwords, UNIX accounts, etc etc etc..............)
This is just a quick note about this product. Im going deeper
later.


PRODUCT: PADLOCK-IT Version 1.01 1998
1998 WinWare Inc.
1998 eEye Digital Security Team <---- Hmmmm!!
http://www.eEye.com

PROBLEM: Poor Implementation of TWOFISH
(Counterpane Systems) encryption


DESCRIPTION: PadLock-it is a utility program for
Windows 95, 98 and NT. It remembers
all your passwords in a single, easy
to use interface. It protects your
passwords using encryption and fixes
many loop holes in windows applications
password management.

Well, im not a guru on cryptoanalisys but theres something
wrong about PadLock-it. I agree that it has a really cool
GUI and its easy to use. But its opening new problems on
password managment.

First, remeber that now all the passwords will be encrypted
on 1 file called Padlock-it.dat so any person can grab this
file and analize it using just a text editor.

Padlock-it.dat (EXAMPLE)
=========================

[General]
Version=1.01
MP=588b1c441a

[Options]
TrayIcon=1
Confirm=0
Startup=1
Quick Tips=1

[Accounts]
prueba=4a0e54f8^Ä^Å4a0e54f8625f
prueba1=5d2bd3e4e7^Ä^Å4a169a9f8901
prueba2=4a169a9f^Ä^Å3db126d6f1fc83a4
enter=588b1c441a^Ä^Å588b1c441a
noise=5554c02c0b^Ä^Å5554c02c0b

--------------------------------------------------
First problem:
THEY ARE NOT USING A RANDOM SEED BETWEEN USERID AND HIS PASSWORD

example:
prueba = 4a169a9f__ 4a169a9f8900
root root98

If there are some weak passwords:
U can guess what is the weak password for a especified USER
Remember that is easy to have some USER IDs just because
other programs will give u that kind of info.


Second problem:
THEY ARE NOT USING A RANDOM SEED BETWEEN ACCOUNTS

example:
prueba1= 5d2bd3e4e7__ 4a169a9f8901
admin root98

So here is more help to have an idea to find the passwords


Third problem:
U CAN KNOW THE FIRST LETTER (and sometimes the SECOND too)
OF ANY USER ID AND THE PASSWORD (THIS INCLUDE THE MASTER
PASSWORD MP= "Take a look at the Padlock-it.dat (EXAMPLE)")

Weell there is no random seed (IMPORTANT PART ON ANY CRYPTO-THING)

So here is it a very little table:


1st letter encrypted
a 5d
b 5f
c 5e
d 59
e 58
f 5a
g 5b
h 51
i 50
j 52
k 53
l 57
m 56
n 55
o 54
p 48
q 49
r 4a
s 4b
t 4d
u 4c
v 4f
w 4e
x 46
y 47
z 44

Another problem:
U KNOW HOW MANY CHARACTERS ARE IN THE USER ID AND THE
PASSWORD AND THE MASTER PASSWORD.

Count the characters on the encrypted password,
divide it by 2.

example:
prueba=4a0e54f8^Ä^Å4a0e54f8625f

r*** r*****

prueba1=5d2bd3e4e7^Ä^Å4a169a9f8901

a**** r*****
Another problem:
THEY SAY (On HELP):
I can only enter 5 characters for my master
password, why?

The evaluation version of PadLock-it^Ù
is limited to 40 bit encryption, only US
full versions of PadLock-it^Ù support 128
bit encryption, which translates into 16
character passwords.

SO U KNOW THE FIRST LETTER OF THE MP SO A BRUTE FORCE
ATTACK IS EASY TO DO TO FIND THE NEXT 4 CHARACTERS.

Another problem:
THEY SAY (On HELP):
I forgot my master password, can I get it
back?

No, PadLock-it uses a state of the art security
that is unbreakable, no one can get your master
password. Not even the developers of PadLock-it.

WHEN U ENTER TO EDIT AN ACCOUNT PADLOCK DECRYPT THE
USERID AND IT SHOW YOU ON CLEAR TEXT.

THE MP USES THE SAME TWOFISH ENCRYPTION WITHOUT SEED
LIKE THE ACCOUNTS:

[General]
Version=1.01
MP=588b1c441a "guess the password"

[Accounts]
enter=588b1c441a^Ä^Å588b1c441a
"enter" "enter"

THE MP JUST WORK TO AUTENTICATE YOU, IT HAS NO JOB
ON LATER ENCRYPTION.

CONCLUSION:
IF THEY DECRYPT THE USER ID, THEY CAN BREAK
THE MP.!!!!!

NOTE:
THEY SAY:

What Encryption algorythm does PadLock-it^Ù use?

PadLock-it^Ù uses the latest release of Twofish
encryption from Counterpane Systems.
BRUCE SCHNEIER is the president of Counterpane
Systems, the author of Applied Cryptography
(John Wiley & Sons, 1994 & 1996), and the
developer of Blowfish and Twofish.


WELL THEY ARE JUST USING THE POPULARITY OF A
GREAT DUDE... Twofish its c00l... the
implementation on this proggy just sucks.

================================================================
Efrain `ET` Torres
LoWNOISE Colombia.
et@cyberspace.org
1999

et@my.narco-goverment.sucks.co
================================================================

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    8 Files
  • 21
    Sep 21st
    1 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close