Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

GlobeTrotter Mobility Manager - security issue

From: dzelek () gmail com
Date: 23 Jun 2006 21:30:22 -0000
Discovered by Damian Zelek -> [03 April 2006]
Published -> [23 June 2006]
Vendor was informed -> [24 April 2006]
Vendors answer -> "We will talk with our Department of Software" :-D


Summary:
     GlobeTrotter Mobility Manager is a unique PC software solution that enables fast, simple and easy access to 
wireless data whilst hiding from the user the complexity of the underlying wireless technologies. GlobeTrotter Mobility 
Manager seamlessly controls both wireless Internet and fixed line dial-up connections to remote networks with support 
for 3G, E-GPRS, GPRS/GSM, WLAN/Wi-Fi, ADSL and standard PC modem connections. More info about software:
http://www.option.com/news/detail.cfm?newsitemgroup_id=84


Details:
     There's a security issue in the implementation of virtual-keyboard.

As we all know virtual-keyboards should prevent from "keyloggers". In GlobeTrotter Mobility Manager [GTMM] 
implementation of virtual-keyboard when we "click" on some figure [for example when we are typing our PIN code] we can 
see effect of "active button", so good keylogger which can makes screenshoots will "sniff" that codes even when there's 
a virtual-keyboard.

Good virtual-keyboard shouldnt change view/size/depth/color/etc of button when someones is "clicking" on it [it should 
have "stoned-face"]. That issue/problem was mentioned many times, for example on SecurityFocus [publication, arts].

When I was making tests, my own short-coded keylogger easily "catched" [via screenshoots] all PIN codes that I was 
typing throught "bad" implementation of virtual-keyboard [in GlobeTrotter implementation of virtual-keyboard when we 
"click" on button it changes its color + we can see depth-effect]. As soon as it's possible Option Wireless Technology 
should fix that issue in software. When we have a good implementation of virtual-keyboard, when we click on some button 
that button doesnt change color/size or other effects of "active button". So even if keylogger is making a good 
screenshoots we do know nothing about typing password (especially when user likes to "fly-only"  [even unintentionally] 
over many buttons, but click only 4 of them).


Developers should read this: http://www.securityfocus.com/infocus/1829 [section Preventing Keystroke Capture.]


BTW. I didnt published it earlier because I thought that vendor will quickly fix it, but when I saw on the Internet 
that many "bad programms" are already waiting for GTMM, I decided to inform all of You (especially GTMM users). Beware 
:-D


PoC screenshoot ::
http://img45.imageshack.us/my.php?image=poc7ik.jpg
Previous By Date Next
Previous By Thread Next

Current thread: