[10563] in bugtraq
pIRCH32/98 Exploit
daemon@ATHENA.MIT.EDU (Mike Arnold)
Fri May 14 13:59:58 1999
Mime-Version: 1.0
Content-Type: text/plain; format=flowed;
Message-Id: <19990514115655.13421.qmail@hotmail.com>
Date: Fri, 14 May 1999 04:56:55 PDT
Reply-To: Mike Arnold <mikey27@HOTMAIL.COM>
From: Mike Arnold <mikey27@HOTMAIL.COM>
To: BUGTRAQ@NETSPACE.ORG
pIRCH version 32 and 98 save the users NickName password onto disk in
c:\pirch32\pirch.ini or c:\pirch98\pirch.ini depending on what version.
pIRCH Encrypts the password but i have released a program that can crack the
password if you supply the .ini you need to get the victims pirch.ini file
somehow maybe Social Engineering or whatever, then run pIRCHCrack against
it. The user may also use the same password for their ISP, E-mail ETC.
pIRCHCrack is available at
http://members.xoom.com/zaiman/pirchcrack.zip
--Mike
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
