` From: Luciano Martins <[email protected]
To: <[email protected]>
Sent: Wednesday, October 27, 1999 2:36 PM
Subject: MSN Messenger Service 1.0 Problem: The encryption
algorithm used is
weak and easily broken.
MSN Messenger Service 1.0
Problem: The encryption algorithm used is weak and easily broken.
MSN Messenger Service allows users to save their email password using the
"Save this password so I don't have to enter it every time i log on"
checkbox when try to logon in the Messenger Service. The email and the
password are stored in the registry key
KEY_CURRENT_USER\Identities\{9C53B920-A2E8-11D1-A59D-008048B12
C6E}\Software\ Microsoft\MessengerService\PasswordMSN Messenger Service
{9C53B920-A2E8-11D1-A59D-008048B12C6E} = this change in all machines
This information can be decripted using the
MessengerServiceEmailPasswordDumper 1.0
Published by: Ussr
Solution:
If a user does not check the 'Save this password so I don't have to enter
it every time i log on' checkbox prevents the password from being stored
and decripted.
MessengerServiceEmailPasswordDumper 1.0 binary for i386 or source code go
to wwww.ussrback.com/MSNMS10/
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation