Crypto Algorithm Question - What algorithm is used ??
I am conducting an internal pen test on our Lotus Sametime client and have found the following. While in a CHAT session with the other user, I have found a way to get ST 7.5.1 to send me, without the end user seeing it, any file in the Java root directories of the other user.

I have figured out that the stored/saved passwords (when you check the "save password" box) are kept in a user directory in the ....people\personcache\st999999 where 9999 corresponds to some Domino chat server. In this directory are 2 files: .index and p$440fc5876a7677a8 (the p$ name changes when the password is changed). There is also another variable in the p$999.... file that looks like a salt.

Trying to see how the password got decrypted, I ran Olly & windbg and found out that I need to learn how to debug Java programs. Anyway, I found a reference to "ROT64" in the Java code that handles the password. However, I have yet to find a Java function called ROT64. This seems like it might be similar to a 32-bit rotate x86 instruction, maybe a modern variant of the Caesar cipher. I found 2 Google references (2) about Java passwords being encrypted with ROT64.

Anyway, given the data below, can anyone identify the salt and tell me the algorithm used to encrypt the password? I am guessing that the last update value is the salt?? OK, what algorithm is used to encrypt?

Thanks

2 different ST chat sessions, same password for each session = !@DDT00n (my test pswd, not my normal pass phrase)

p$4046199F7D22D88F.xml <<<< changes with password change >>>>

```
<?xml version="1.0" encoding="UTF-8"?>
<person communityId="st2100283905" communityProviderId="Sametime" contactId="CN=xxx x xxxxxx,OU=xxx,O=xxS" displayName="xx" isExternal="false" lastChatTime="">
  <attribute name="Title" value="xxxxxxx"/>
  <attribute name="Name" value="xxx x xxxxxx"/>
  <attribute name="MailAddress" value="xxx.xxxxxx@xx.xxx.xxx"/>
  <attribute name="lastUpdate" value="1205647515512"/> <<<< changes with password change >>>>
</person>
```

ST chat session password = !@DDT00n

p$4C1820F9C8440B2A.xml <<<< changes with password change >>>>

```
<?xml version="1.0" encoding="UTF-8"?>
<person communityId="st237781252" communityProviderId="Sametime" contactId="CN=xxx x xxxxxx,OU=xxx,O=xxS" displayName="xx" isExternal="false" lastChatTime="">
  <attribute name="Title" value="xxxxxxx"/>
  <attribute name="Name" value="xxx x xxxxxx"/>
  <attribute name="MailAddress" value="xxx.xxxxxx@xx.xxx.xxx"/>
  <attribute name="lastUpdate" value="1205647704722"/> <<< changes with pswd change >>>>
</person>
```
Viewing: Dev Shed Forums > System Administration > Security and Cryptography > Crypto Algorithm Question - What algorithm is used ??