Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Beehive/SendFile.NET - Secure File Transfer Appliance Hardcoded Credenti

from [brad . antoniewicz] Network Security [Permanent Link]
Subject: Beehive/SendFile.NET - Secure File Transfer Appliance Hardcoded Credentials
Date: 29 Feb 2008 01:29:52 -0000 
Title: Beehive/SendFile.NET - Secure File Transfer Appliance Hardcoded 
Credentials

Vendor: Beehive Software
Vendor URL: http://www.thebeehive.com/

Affected File: http://<host>/sfcommon/SendFile.jar

Vendor Contact Date: 7/26/2007

Vendor Response: None

Workaround:
The simplest way to protect against this attack is to block access to 
unnecessary services (e.g FTP) from the internet. 

Description:
Within the outboxWriteUnsent() function of the FTPThread.class file of 
SendFile.jar the following lines reveal a hardcoded username and password which 
can be used to login to the FTP Server. Most servers disallow direct 
communication to the appliance from the internet however threats from the 
internal network still exist. 

SendFile.jar:

------------<snip>------------
URL url1 = new URL(url.getProtocol() + "://" + url.getHost() +
"/s.ftp?command=putfile&user=sfoutbox&pass=sfoutbox&dir=" + mAcctID +
"/" + FTPStream.escapePathName(mUser) + "&createdir=1&file=" +
mOutboxTime + ".unsent.html");
------------</snip>------------

And 

------------<snip>------------
ftpstream = new FTPStream(mApplet.getDocumentBase().getHost(),
"sfoutbox", "sfoutbox", true, false, mProgressWindow, false, mProxyIP,
mProxyPort, mProxyUser, mProxyPass);
------------</snip>------------

Credit: 
Brad Antoniewicz
Email: Brad.Antoniewicz at foundstone.com
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Beehive/SendFile.NET - Secure File Transfer Appliance Hardcoded Credentials, brad . antoniewicz <=
Previous by Date:  [ MDVSA-2008:054 ] - Updated dbus packages fix vulnerability, security
Next by Date:  Re: Loginwindow.app and Mac OS X, oc photon
Previous by Thread:  [ MDVSA-2008:054 ] - Updated dbus packages fix vulnerability, security
Next by Thread:  PHPMyTourney Remote file include Vulnerability, security
Indexes:  [Date] [Thread] [Top] [All Lists]