Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: BackOrifice == DDoS Server???
From: 11a () GMX NET (Bluefish)
Date: Sat, 1 Jul 2000 13:58:32 +0200


Didn't bo2k impliment an IDEA crypto module. I thought the lame crypto
packages were only included due to US export restrictions at the time of
the release.


1. the keys are derived from a password (this is concider rather weak
   by most cryptographers).
2. at least two BO2K plugins did so using a broken MD5 implementation.
   this was however fixed.

The MD5 bug obviously made the ciphers insecure no matter what algorithm
the MD5-generated key was used with. If people are overly interrested I
could try to find some old emails regarding which plugins have had this
problem, don't have available at the moment.

This "lame crypto" isn't due to US standards, it was a direct flaw in the
plugins. As far as I know, NSA wants things to be 40 - 56 bits secret so
they can easily decode it, and not others. The flaw in the original BO2K
plugins made it far weaker.

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]