Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Getting stored passwords in plain text from CheetaChat

Getting stored passwords in plain text from CheetaChat

by Nikola Strahija on February 13th, 2003 A bug exists in CheetaChat which lets an attacker with access to the yaliases.dat to get users yahoo passwords in plain text.


I. BACKGROUND
CheetaChat is a free and full-featured chatting client that works with
Yahoo! Chat, CheetaServ and Ichat sites. It lets users use solid
tones,fades, custom fonts and styles! Share your music and files with
friends . CheetaChat is a very popular chat client for Yahoo! Chat!. It
can be downloaded from www.cheetachat.com

II. DESCRIPTION

When users add there yahoo id to cheetachat it gets encrypted and stored
in a file called yaliases.dat which is stored in the folder CheetaChat
was installed to. An attacker who can get access to the yaliases.dat
file can easly retrive the users password's in plain text.

Example: If the attacker loads this file up with cheetachat they can then
get the users password by doing the following 1. log into cheetachat
using the id. 2. click on the settings menu then preferences then once
in there check the box that says Use internal Browser then click ok. 3.
Now click on the Chat menu and click Account/Password . After this the
internal browser will load up and send login and pass to the yahoo login
, If you look at the very end of the address box you will see the users
password in plain text like passwd= then the pass in plain text.


III. ANALYSIS
An attacker able to obtain the target users yaliases.dat file can easily
obtain there yahoo id and password. This could give the attacker access
to the targets full yahoo account including email , personal details
and if the user used the pay direct service on yahoo the attacker could
get credit card information. This is of special concern in shared
environments.

IV. DETECTION

This is vulnerable in all versions on cheetachat including the latest
version 6.5.10. I tested this on WindowsXP home with latest version of
cheetachat.

V. VENDOR
I once contacted the vendor about this problem several months ago and
never got a reply and the problem has never been fixed since.

Regards
b0f (Alan M)
www.b0f.net
[email protected]


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »