[28711] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

silc question - insecure memory

daemon@ATHENA.MIT.EDU (cdowns)
Sat Feb 1 02:57:41 2003

Message-ID: <3E3B5095.40306@angrypacket.com>
Date: Fri, 31 Jan 2003 23:44:05 -0500
From: cdowns <cdowns@angrypacket.com>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Good Evening,
    while screwing around tonight checking memory for the SSH2 
advisory.  I noticed passphrase and complete sessions from silc in 
memory. I dont know if this is normal for silc ( I wouldnt think it 
would be ) but all you need to do it is:

cdowns@Vader:~$ sudo dd if=/dev/mem of=/home/cdowns/mem.dump | less 
~cdowns/mem.dump

then just search for you key phrase.

~!>D

-- 
------------------------------------------
      http://www.angrypacket.com
       Christopher M Downs,RHCE
       cdowns@angrypacket.com
	
   char ash[]="\x48\x61\x69\x6C\x20"
   "\x74\x6F\x20\x74\x68\x65\x20\x4B"
   "\x69\x6E\x67";
-------------------------------------------


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[28711] in bugtraq

silc question - insecure memory

daemon@ATHENA.MIT.EDU (cdowns)Sat Feb 1 02:57:41 2003

daemon@ATHENA.MIT.EDU (cdowns)
Sat Feb 1 02:57:41 2003