Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: Multiple issues with Mac OS X AFP client
From: petard <petard () freeshell org>
Date: Fri, 5 Mar 2004 15:46:30 +0000

On Fri, Mar 05, 2004 at 12:49:57AM +0100, Stefan Bethke wrote:
SecureMac.com has a article on this if anyone is interested.

Is that so?  Google didn't seem to find much...

Your google-fu must be weak. OP was correct about password storage, and
google does indeed turn up articles about that on SecureMac.com. His
assumption about password transmission being the same was mistaken, as
you so handily pointed out. Anyway, here's the link to some general
info:
http://www.securemac.com/appletalk.php

And here's the algorithm to deode stored passwords along with an
implementation:
http://www.securemac.com/data/macfspwd.c

There's plenty more interesting info there, but you sound like you need
the google practice, so I'll let you find it yourself.

regards,

petard

-- 
If your message really might be confidential, download my PGP key here:
http://petard.freeshell.org/petard.asc
and encrypt it. Otherwise, save bandwidth and lose the disclaimer.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault