Lucene search
K

ProtWare HTML Guardian 6.x Encryption Weakness

🗓️ 01 Jul 2014 00:00:00Reported by RootType 
seebug
 seebug
🔗 www.seebug.org👁 22 Views

ProtWare HTML Guardian 6.x Encryption Weakness. Weak encryption scheme allows trivial data reversal jeopardizing security

Code

                                                source: http://www.securityfocus.com/bid/7169/info

A weakness has been reported in the encryption scheme used by ProtWare HTML Guardian. Specifically, the encryption scheme implemented obfuscates data using a simple bit shifting technique, making it trivial for attackers to reverse. 

Administrators may be relying on a false sense of security by implementing the protection supplied by HTML Guardian.

Although it has not been confirmed, it is possible that this issue affects the latest release of HTML Guardian. Earlier versions may also be affected.

#!/usr/bin/perl
#
# Written by rain_song
#
# input file should only contain the main "encrypted" string, which is the 2nd
# javascript variable in the HTML source code.
#

if( $#ARGV != 0 )
{
	print "\nWritten by rain_song";
	print "\nUsage: $0 input_file\n";
	print "\tinput_file should only contain 2nd JS variable of HTML page (it\n";
	print "\t  is the biggest variable)\n\n";
	exit( 0 );
}

open( INPUT, "<$ARGV[0]" ) or die;

$encrypted = <INPUT>;
close( INPUT );
$length = length($encrypted);

$string1 = substr( $encrypted, 0, $length/2 );
$string2 = substr( $encrypted, $length/2, $length-1 );

$i = 0;
while( $i < length($string1) )
{
	$decrypted .= substr( $string1, $i, 1 ) . substr( $string2, $i, 1 );
	$i++;
}

$decrypted =~ s/\\/\@\@/g;
$decrypted =~ s/\'/\`/g;
$decrypted =~ s/qg/\r\n/g;

print $decrypted;
                              

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

01 Jul 2014 00:00Current
7.1High risk
Vulners AI Score7.1
22