Post by 101 on Jun 12, 2012 10:58:14 GMT -5
Hi
reg QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\eMingSoftware\NetPeeker\"
HKEY_LOCAL_MACHINE\SOFTWARE\eMingSoftware\NetPeeker
CheckUpdate REG_DWORD 0x1
AlwaysOnTop REG_DWORD 0x0
AutoRemove REG_DWORD 0x1
AutoRemoveTime REG_DWORD 0x78
HomePage REG_SZ www.net-peeker.com/
InstallDir REG_SZ C:\NetPeeker
LocalNetList REG_SZ 10.0.0.0/255.0.0.0, 192.168.0.0/255.255.0.0
RunAtStart REG_DWORD 0x1
SpeedGraphTimeRange REG_DWORD 0x2
Version REG_SZ 3.40.0.1102
Authentication REG_SZ CCD87C0E9326EE3D
ShowSessions REG_DWORD 0x1
An administrator can reset the password with Authentication=""
However, users without admin rights cannot use the same trick.
I've found a simple way to bypass "Net-Peeker Authenticate".
The configuration is allocated in a static structure in memory.
Find this structure, overwrite the password with NULL bytes.
That's cool for a recovery but... a local user could exploit this
weakness to modify settings.
Regards,
reg QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\eMingSoftware\NetPeeker\"
HKEY_LOCAL_MACHINE\SOFTWARE\eMingSoftware\NetPeeker
CheckUpdate REG_DWORD 0x1
AlwaysOnTop REG_DWORD 0x0
AutoRemove REG_DWORD 0x1
AutoRemoveTime REG_DWORD 0x78
HomePage REG_SZ www.net-peeker.com/
InstallDir REG_SZ C:\NetPeeker
LocalNetList REG_SZ 10.0.0.0/255.0.0.0, 192.168.0.0/255.255.0.0
RunAtStart REG_DWORD 0x1
SpeedGraphTimeRange REG_DWORD 0x2
Version REG_SZ 3.40.0.1102
Authentication REG_SZ CCD87C0E9326EE3D
ShowSessions REG_DWORD 0x1
An administrator can reset the password with Authentication=""
However, users without admin rights cannot use the same trick.
I've found a simple way to bypass "Net-Peeker Authenticate".
The configuration is allocated in a static structure in memory.
Find this structure, overwrite the password with NULL bytes.
That's cool for a recovery but... a local user could exploit this
weakness to modify settings.
Regards,