Re: [PEN-TEST] PCAnywhere

[Jeff Oliver <jeff () NETMEASURE NET>]

I couldn't help but relate the reality we face around here, which is when
you don't need to worry about trying to remotely attack PCAnywhere - it
comes to us.

A neighbor on our shared class C has his home users use a version of PCA
that only allows you to specify a full class C to search for "up" PCA hosts.
Sets off my firewalls all the time and fills the logs, god love his soul.

All I need to do is set up a PCAnywhere receiver of my own - and I have a
copy - the users will catch my host first and connect, as our IP space comes
before his numerically, and sniff the transaction.  The authentication
fails, and they don't connect, but it gives me the info I need in the
meantime to brute the passwords on my own turf without him knowing.

This is a company that sells *financial services*.

Of course I've never actually done this, nor do I intend to.  Honest.

Cheers


-----Original Message-----
From: Weiss, Robert [mailto:PWCrack () AOL COM]
Sent: November 2, 2000 3:03 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] PCAnywhere


The previous response dealt with weak encryption of passwords within the
network.  I, too, would be interested in the answer to what I thought was
the
original question:

Does anyone have a remote crack for PCAnywhere or a program that would allow
for weak password checking (dictionary attack) or a brute-force attack on a
system running PCAnywhere where the tester does not have access to sniffing
packets from within the network?