[LOWNOISE] Advisory: 
et@cyberspace.org
by ET.
			PADLOCK-IT 1.01
			===============

DISCLAIMER: Learn, there are dark things behind a nice GUI.
 
Well, maybe this isn't a topic for bugtraq but many people are
using this kind of program to protect all kinds of passwords.
(Dial-up passwords, UNIX accounts, etc etc etc..............)
This is just a quick note about this product. I'm going deeper
later.


PRODUCT:	PADLOCK-IT Version 1.01 1998
		1998 WinWare Inc.
		1998 eEye Digital Security Team <---- Hmmmm!!
		     http://www.eEye.com

PROBLEM: 	Poor Implementation of TWOFISH
                (Counterpane Systems) encryption


DESCRIPTION:	PadLock-it is a utility program for
		Windows 95, 98 and NT. It remembers
		all your passwords in a single, easy
		to use interface. It protects your
		passwords using encryption and fixes
		many loopholes in Windows applications'
		password management.

Well, I'm not a guru on cryptanalysis but there's something
wrong about PadLock-it. I agree that it has a really cool
GUI and it's easy to use. But it's opening new problems in
password management.

First, remember that now all the passwords will be encrypted
in 1 file called Padlock-it.dat so any person can grab this
file and analyze it using just a text editor.

Padlock-it.dat (EXAMPLE)
=========================
 
[General]
Version=1.01
MP=588b1c441a   

[Options]
TrayIcon=1
Confirm=0
Startup=1
Quick Tips=1

[Accounts]
prueba=4a0e54f8„…4a0e54f8625f
prueba1=5d2bd3e4e7„…4a169a9f8901
prueba2=4a169a9f„…3db126d6f1fc83a4
enter=588b1c441a„…588b1c441a
noise=5554c02c0b„…5554c02c0b

--------------------------------------------------
First problem:
 THEY ARE NOT USING A RANDOM SEED BETWEEN USERID AND HIS PASSWORD

 example: 
 prueba = 4a169a9f__ 4a169a9f8900
          root       root98
 
 If there are some weak passwords:
 U can guess what the weak password is for a specified USER.
 Remember that it is easy to have some USER IDs just because
 other programs will give u that kind of info.
 

Second problem:
 THEY ARE NOT USING A RANDOM SEED BETWEEN ACCOUNTS

 example:
 prueba1= 5d2bd3e4e7__ 4a169a9f8901  
          admin        root98
                                 
 So here is more help to have an idea to find the passwords


Third problem:
  U CAN KNOW THE FIRST LETTER (and sometimes the SECOND too)
  OF ANY USER ID AND THE PASSWORD (THIS INCLUDES THE MASTER
  PASSWORD MP= "Take a look at the Padlock-it.dat (EXAMPLE)")
  
  Well, there is no random seed (IMPORTANT PART OF ANY CRYPTO-THING)

  So here is a very little table:


	1st letter	encrypted
	a		5d
	b		5f
	c		5e
	d		59
	e		58
	f		5a
	g		5b
	h		51
	i		50
	j		52
	k		53
	l		57
	m		56
	n		55
	o		54
	p		48
	q		49
	r		4a
	s		4b
	t		4d
	u		4c
	v		4f
	w		4e
	x		46
	y		47
	z		44

Another problem:
	U KNOW HOW MANY CHARACTERS ARE IN THE USER ID AND THE 
        PASSWORD AND THE MASTER PASSWORD.

        Count the characters on the encrypted password, 
        divide it by 2.

	example:
		prueba=4a0e54f8„…4a0e54f8625f
		       r***      r*****

		prueba1=5d2bd3e4e7„…4a169a9f8901
		        a****       r*****

Another problem:
	THEY SAY (On HELP):
                   I can only enter 5 characters for my master
                   password, why?

                   The evaluation version of PadLock-it™
                   is limited to 40 bit encryption, only US
                   full versions of PadLock-it™ support 128 
                   bit encryption, which translates into 16
                   character passwords.

       SO U KNOW THE FIRST LETTER OF THE MP SO A BRUTE FORCE
       ATTACK IS EASY TO DO TO FIND THE NEXT 4 CHARACTERS.

Another problem:
       THEY SAY (On HELP):
		I forgot my master password, can I get it 
		back?
		
		No, PadLock-it uses a state of the art security
		that is unbreakable, no one can get your master
		password. Not even the developers of PadLock-it.

	WHEN U ENTER TO EDIT AN ACCOUNT PADLOCK DECRYPTS THE
	USERID AND SHOWS IT TO YOU IN CLEAR TEXT.
	
	THE MP USES THE SAME TWOFISH ENCRYPTION WITHOUT SEED
	LIKE THE ACCOUNTS:

		[General]
		Version=1.01
		MP=588b1c441a    "guess the password"
             	
		[Accounts]
		enter=588b1c441a„…588b1c441a
			"enter"	   "enter"

	THE MP JUST WORKS TO AUTHENTICATE YOU, IT HAS NO JOB
	IN LATER ENCRYPTION.

        CONCLUSION:
		IF THEY DECRYPT THE USER ID, THEY CAN BREAK
		THE MP.!!!!!

	NOTE: 
		THEY SAY:
		
		What Encryption algorithm does PadLock-it™ use?

		PadLock-it™ uses the latest release of Twofish
		encryption from Counterpane Systems.
		BRUCE SCHNEIER is the president of Counterpane
		Systems, the author of Applied Cryptography 
		(John Wiley & Sons, 1994 & 1996), and the 
		developer of Blowfish and Twofish.


		WELL THEY ARE JUST USING THE POPULARITY OF A
		GREAT DUDE... Twofish, it's c00l... the
		implementation in this proggy just sucks.
			
================================================================
Efrain `ET` Torres
LoWNOISE Colombia. 
et@cyberspace.org 
1999

et@my.narco-goverment.sucks.co
================================================================
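
The leaks listed in the advisory (field length, first letter, identical or prefix-sharing ciphertexts) can be read off the stored file without any key. The following is an added example, not part of the original advisory or of PadLock-it; the function names `fields` and `leaks` are hypothetical, and the table and sample values are the ones printed above.

```python
import re

# First-byte table copied from the advisory (ciphertext byte -> first letter).
FIRST = dict(zip(
    "5d 5f 5e 59 58 5a 5b 51 50 52 53 57 56 55 54 48 49 4a 4b 4d 4c 4f 4e 46 47 44".split(),
    "abcdefghijklmnopqrstuvwxyz"))

# Sample taken from the advisory's listing; separator characters kept as shown there.
SAMPLE = """[General]
Version=1.01
MP=588b1c441a

[Accounts]
prueba=4a0e54f8„…4a0e54f8625f
prueba1=5d2bd3e4e7„…4a169a9f8901
prueba2=4a169a9f„…3db126d6f1fc83a4
enter=588b1c441a„…588b1c441a
noise=5554c02c0b„…5554c02c0b
"""

def fields(text):
    """Return {label: hex ciphertext} for MP and each account's user id / password."""
    out, section = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):
            section = line.strip("[]")
        elif "=" in line:
            key, value = line.split("=", 1)
            runs = re.findall(r"[0-9a-f]+", value.lower())  # separator-agnostic
            if section == "General" and key == "MP":
                out["MP"] = runs[0]
            elif section == "Accounts" and len(runs) == 2:
                out[key + ".user"], out[key + ".pass"] = runs
    return out

def leaks(text):
    """What a reader of the file learns without decrypting anything."""
    f = fields(text)
    # (plaintext length, first letter per the table, '?' if the byte is not listed)
    info = {k: (len(v) // 2, FIRST.get(v[:2], "?")) for k, v in f.items()}
    same = sorted((a, b) for a in f for b in f if a < b and f[a] == f[b])
    prefix = sorted((a, b) for a in f for b in f
                    if len(f[a]) < len(f[b]) and f[b].startswith(f[a]))
    return info, same, prefix

if __name__ == "__main__":
    for part in leaks(SAMPLE):
        print(part)
```

On the sample, `MP` and both fields of the `enter` account come out as identical ciphertexts, which is the relationship the conclusion above relies on; a per-entry random salt or IV would make all three checks return nothing useful.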