[18714] in cryptography@c2.net mail archive
Re: Cisco VPN password recovery program
daemon@ATHENA.MIT.EDU (Bill Squier)
Fri Oct 21 11:25:43 2005
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <87u0fdzikg.fsf@snark.piermont.com>
Cc: cryptography@metzdowd.com
From: Bill Squier <groo@old-ones.com>
Date: Thu, 20 Oct 2005 19:31:19 -0400
To: Perry E.Metzger <perry@piermont.com>
On Oct 19, 2005, at 10:29 AM, Perry E. Metzger wrote:
>
> Via cryptome:
>
> http://evilscientists.de/blog/?page_id=343
>
> The Cisco VPN Client uses weak encryption to store user and group
> passwords in your local profile file. I coded a little tool to
> reveal the saved passwords from a given profile file.
>
> If this is true, it doesn't sound like Cisco used a particularly smart
> design for this.

No matter what their strategy for encrypting the on-disk passphrase,
this simple trick will work:

"ltrace -i ./vpnclient connect ... 2>&1 | fgrep 805ac57" (or similar
library call tracing technique on an OS besides Linux).

This used to be used by
http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode
but apparently they've switched to the evilscientists' method.

-wps