more security issues


I was going to make the suggestion that anyone who wanted to tweak the
security of their euserver could just write themselves a new version of
encrypt.shr, when I realized the repercussions of this.  If the attacker
has access to the server computer, as in your attack scenario, he could
just write a new copy of encrypt.shr that looked like this:

global function Decrypt(sequence in,sequence key)
        if compare(in,"gotcha")=0 then return key end if
end function

This would give him exclusive access to the server for a while.  If he
wanted something a bit more discreet, he could instead use:

global function Decrypt(sequence in,sequence key)
        if compare(in,"gotcha")=0 then
                return key
        else
                return Encrypt(key)
        end if
end function

in which the Encrypt function is the same as it was.  In fact, no matter
the encryption scheme, if the attacker has access to the server source, he
can break in.


I haven't been able to test this attack, as I haven't been able to do
anything with euserver.  Here's what I did:

I unzipped the zipped file into an empty directory.
I ran "run.bat"
A window opened saying "Active Socket Num's: 22"
I ran "telnet localhost 9000"
Telnet opened and told me "could not open a connection with localhost"

What did I do wrong?

isaac
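
An added example, not part of the original post or of euserver: because a replaced encrypt.shr defeats any choice of cipher, one defensive check is to compare the server's source files against digests recorded from a trusted copy before the server is started. The function names, the manifest layout and the sample file contents are assumptions made for illustration, and the manifest has to be stored where someone with write access to the server directory cannot change it.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

def sha256_file(path):
    """Return the hex SHA-256 digest of a file's bytes."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def build_manifest(root, pattern="*.shr"):
    """Map each matching file name to its digest (run this on a trusted copy)."""
    return {p.name: sha256_file(p) for p in sorted(Path(root).glob(pattern))}

def verify(root, manifest, pattern="*.shr"):
    """Return (name, problem) pairs for files that differ from the manifest."""
    findings = []
    present = {p.name: p for p in Path(root).glob(pattern)}
    for name, expected in manifest.items():
        if name not in present:
            findings.append((name, "missing"))
        elif not hmac.compare_digest(sha256_file(present[name]), expected):
            findings.append((name, "modified"))
    # Files that were never in the trusted copy are reported as well.
    for name in sorted(set(present) - set(manifest)):
        findings.append((name, "unexpected"))
    return findings

def demo():
    """Constructed sample: a stand-in encrypt.shr, then a replaced copy."""
    with tempfile.TemporaryDirectory() as d:
        src = Path(d) / "encrypt.shr"
        src.write_text("-- constructed stand-in for the shipped module\n")
        manifest = build_manifest(d)          # recorded from the trusted state
        clean = verify(d, manifest)
        src.write_text("-- constructed stand-in for a replaced module\n")
        tampered = verify(d, manifest)
        (Path(d) / "extra.shr").write_text("-- constructed extra file\n")
        extra = verify(d, manifest)
    return clean, tampered, extra

if __name__ == "__main__":
    for label, result in zip(("clean", "tampered", "extra"), demo()):
        print(label, result)
```

A non-empty result from verify() means the server should not be started until the listed files have been restored from the trusted copy.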
