[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] FW1 Session Auth exploit (fwd)
Have you any informations on this problem ? Bye. -- BAILLEUX Christophe - Responsable Securite Grolier Interactive Europe OG / Club-Internet Centre Serveur - Tel : 01.55.45.47.89 E-mail : [email protected]
hi, fwsa.sh is a bash tool i wrote to implement all the security holes on FW1 session auth recently posted on the mailing list. It can be used to make a DOS on every machine inside a corporate network, eventually to crash them but its first goal remain to recover user password by guessing it or asking for it. the last method is far more efficient (and not logged). actually all NT and windows 9.x boxes are vulnerables and for all version of FW1 ( 4.1 sp2 included ) because the flaw doesn't actually reside into the code on itself but come from a misconfiguration of both FW or agent. ( Not true for fw 4.0 that has no feature for session encryption ) Solutions are to not allow plain text password in agents properties while using encryption in FW session authentication rules ( fw 4.1 ) Another expensive solution exists in the "one time passwords" but whatever u choose, use encryption. Gregory Duchemin
Share information about yourself, create your own public profile at http://profiles.msn.com. Attachment:
fwsa.sh
|