NotSync demonstrates the simplicity of obtaining and decoding the Palm system password. This version imitates the initial stages of the HotSync process via the IR port and retrieves and decodes the password of the target device.
7c3c502a14191792cb5a0b396a99c3ae44638139bd248d926f033f961fd04774
Atstake Security Advisory - PalmOS Password Retrieval and Decoding. Severity: Moderate. PalmOS offers a built-in Security application which the legitimate user uses to protect and hide records from unauthorized users by means of a password. Passwords can easily be obtained and decoded, allowing an attacker to access all private records on a Palm device.
605b134f485bfa1453bdfd428bc29ebf0cd76aa76b8b91cd4a84f25e95ed0c2d
L0pht Security Advisory - Rainbow Technologies' iKey 1000 contains vulnerabilities which allow an attacker to log in as administrator and access all private information stored on the device with no detection by the legitimate user. The attack requires physical access to the device and an EEPROM programmer. Includes a proof of concept tool, iSpy, which retrieves and displays configuration data for the inserted iKey and displays all public and private data.
b09f4d1b30cd7023b8dba22307ee8935b43313f10168392ba0b354ee1febc1d5
L0pht Security Advisory - eToken Private Information Extraction and Physical Attack. Aladdin Knowledge Systems' (https://www.ealaddin.com) eToken is a portable USB (Universal Serial Bus) authentication device providing complete access control for digital assets. eToken stores private keys, passwords or electronic certificates in a hardware token the size of a house key. The eToken makes use of two-factor authentication. Using the legitimate user's PIN number ("what you know") and the physical USB key ("what you have"), access to the public and private data within the key will be granted.
5e11a6c4d048dd58ac24b30009579e749a7e507f27f37ea2471b6b99db381e0e
CRYPTOCard's CRYPTOAdmin pin can be decrypted from the .pdb file - Windows 9X demonstration program.
1c39bef81b495add319b132a0b439b84f5ac8247873637ae83f4dbc4f2ba012f
CRYPTOCard's CRYPTOAdmin software is a challenge/response user authentication administration system. The PT-1 token, which runs on a PalmOS device, generates the one-time-password response. A PalmOS .PDB file is created for each user and loaded onto their Palm device. By gaining access to the .PDB file, the legitimate user's PIN can be determined through a series of DES decrypts-and-compares. Using the demonstration tool, the PIN can be determined in under 5 minutes on a Pentium III 450MHz.
e6389d8ca2def0371d397ac69b9cc79c004fcfe85414c5e79412c03aaadabb09
TBA is the first wardialer for the PalmOS platform. Using a Palm device with a modem, you can wardial from anywhere a phone line is available - throw it in a phone can to retrieve later, toss it up in the ceiling during a security audit - the possibilities are endless.
1801181a24d4d625d53dc3a84decaaa06032ff50a5c99d5974c4f30297e2b37f
Documentation for TBA, the first wardialer for the PalmOS platform. In Microsoft Word format.
d4b35eadb78e27a5a58a73b4f11e9f560f66ca811fb3fbb960cd8dcf4bff0229
BeamCrack is a simple application that will set or reset the bit in each application's database header which tells the launcher that it should or shouldn't be beamable, thus bypassing the PalmPilot's infantile copy-protection.
217629f25097a18e38f40fa24472ef4c6bc44bbf1af6810bb6f8fd8c62739cb8
Enables you to examine all of the registers inside the Motorola DragonBall processor (running the show on the PalmPilot). Very nifty. Use at your own risk. For devices running MC68328 only.
1afeb3c239746512da4d830517a97a5af937d98be43466aadfae50e591a26945
"Cloning MAC Addresses" Whitepaper - "At one time or another, you may find it useful to have two machines with the same physical network address. This is how it is done." In .pdf format.
9c0e7d6f37aff0b9a0e08d9c78734ce15d8792444e1a09b2287e376c9bb4588c
At one time or another, you may find it useful to have two machines with the same physical network address. This is how it is done.
b620a2d250dcb84679b355e85c47a69f4fdf7c005badeea64ef109b28578f22d