Bugtraq mailing list archives

JpegX 2.0.0.3 Password Bypass Vulnerability

From: JeiAr <jeiar () kmfms com>
Date: 5 Apr 2003 21:16:30 -0000



JpegX 2.0.0.3 Password Bypass Vulnerability
--------------------------------------------------
Written by Lawrence Kom
09/30/01
http://www.nerdlogic.org/jpegx
larry () nerdlogic org
aim: kloned


Modified the encryption format to avoid guillermito's program.
http://www.pipo.com/guillermito/jpegx/index.html

Still has all previous features 
Can read version 1 & version 2 files.
Can clean files & overwrite jpegx messages in files.
Will automaticly overwrite with the new encryption format.

Now includes a wizard to make it easier to read/write jpeg files.
Got input? check out the new homepage.

http://nerdlogic.org/jpegx


Problem
--------------------------------------------------
Nothin complex here. Just open a crypted .jpg with
the wizard, enter ANY password and message is then
successfully decrypted. Only works when using the 
wizard.


Credits Go To JeiAr of GulfTech Computers And CASR

Current thread:

JpegX 2.0.0.3 Password Bypass Vulnerability JeiAr (Apr 07)