[CrackMonkey] Patent infringement! Patent infringement!
Don Marti
dmarti at zgp.org
Thu Sep 28 10:28:18 PDT 2000
Digital Convergence is infringing ETrade's super-elite patented
encryption, or vice versa.
----- Forwarded message from Tim Hollebeek <thollebeek at CIGITAL.COM> -----
Date: Wed, 27 Sep 2000 14:51:18 -0400
From: Tim Hollebeek <thollebeek at CIGITAL.COM>
Subject: E*TRADE's encryption algorithm is XOR
To: BUGTRAQ at SECURITYFOCUS.COM
Delivered-To: dmarti at zgp.org
Approved-By: aleph1 at SECURITYFOCUS.COM
Delivered-To: bugtraq at lists.securityfocus.com
Delivered-To: bugtraq at securityfocus.com
Reply-To: Tim Hollebeek <thollebeek at CIGITAL.COM>
X-cc: Gary McGraw <gem at cigital.com>, "viega at list.org" <viega at list.org>
Jeffrey Baker's advisory on security vulnerabilities with E*TRADE's web
interface describes the cookie encryption algorithm in terms of a lookup
table, and Marc Slemko has posted an implementation with a series of
compares, additions, and subtractions.
In fact, it is much worse: The encryption scheme is just XOR with a fixed
byte.
"Encryption" proceeds as follows:
1. Take the ASCII byte and XOR it with 0xA8. (e.g. for 'f' [0x66] -> [0xCE])
2. Split it into the high and low nibbles. (e.g. [0xCE] -> [0xC, 0xE])
3. Add 0x40 to produce an uppercase letter or '@' (e.g. [0xC, 0xE] -> "LN")
Repeat for the rest of the characters in the username and password. That's
it.
Tim Hollebeek
Cigital, Inc.
(formerly Reliable Software Technologies)
----- End forwarded message -----
--
Don Marti dmarti at linuxjournal.com
Technical Editor, Linux Journal 650-962-9601
Published by SSC http://www.ssc.com/
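The three steps in the forwarded post, written out as an added example (not code from the post, the advisory it mentions, or E*TRADE). It shows that the transform is a keyless, fully reversible byte mapping, and adds a check for auditing stored values for this encoding; all function and constant names are assumptions made here.

```python
XOR_BYTE = 0xA8     # fixed byte from step 1 of the post
NIBBLE_BASE = 0x40  # '@', added to each nibble in step 3


def encode(text: str) -> str:
    """Apply steps 1-3 of the post to every ASCII byte of text."""
    out = []
    for b in text.encode("ascii"):
        x = b ^ XOR_BYTE                             # step 1: XOR with 0xA8
        hi, lo = x >> 4, x & 0x0F                    # step 2: split into nibbles
        out.append(chr(hi + NIBBLE_BASE))            # step 3: '@'..'O'
        out.append(chr(lo + NIBBLE_BASE))
    return "".join(out)


def decode(token: str) -> str:
    """Invert encode(). No secret is needed: every step is a fixed bijection."""
    if len(token) % 2:
        raise ValueError("encoded value must have an even number of characters")
    out = bytearray()
    for i in range(0, len(token), 2):
        hi = ord(token[i]) - NIBBLE_BASE
        lo = ord(token[i + 1]) - NIBBLE_BASE
        if not (0 <= hi <= 0xF and 0 <= lo <= 0xF):
            raise ValueError("character outside '@'..'O' at offset %d" % i)
        out.append(((hi << 4) | lo) ^ XOR_BYTE)
    # Raises UnicodeDecodeError (a ValueError) if a byte is not ASCII.
    return out.decode("ascii")


def is_xor_nibble_encoded(value: str) -> bool:
    """Audit helper: True if value decodes to non-empty printable ASCII."""
    try:
        plain = decode(value)
    except ValueError:
        return False
    return bool(plain) and all(0x20 <= ord(c) <= 0x7E for c in plain)


if __name__ == "__main__":
    sample = "f"  # the post's own worked example
    print(sample, "->", encode(sample), "->", decode(encode(sample)))
```

Because the same input byte always yields the same two-letter pair, the output is a fixed substitution over the alphabet '@' through 'O', which is why the post calls it XOR rather than encryption.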