Thursday, February 28, 2008

The Hack without a Hack - Part 2

The XStart file was a configuration file used to login and start the trading application (located on another server). The file kept the user ID, password and method of entry into the server, and with it, Bill could log in as Louis. A plan started to formulate in his mind.

Bill knew that the traders remotely logged in to the server to run their trading application. All traders went through this server to a third party service. He didn't know much more than that, other than that was the application the traders were constantly in - exchanging money on their clients behalf. Bill began to ponder how much money actually went through that server on a daily basis. It had to be in the millions.

If he could get on that server and set up some type of sniffer, there was a good chance he could start pulling down account numbers and such. From there, who knows what type of money he could get? Bill had long ago decided that if he found a way to make some quick money at the bank he would. He had every indication that he would have no problem getting away with it. Besides, even if it was noticed it would be under Louis' ID and he would get fired.

With his plan in mind, he downloaded the file to his computer and unmounted the drive. Already having Exceed loaded on his computer, he started the XStart program and loaded the trader's file.

Immediately, the window which popped up in front of him told him the server's address, the trader's user ID and the protocol used to log in. Unsurprisingly, TELNET was used. For a bank, Bill thought, they sure skimped on security where they could.

Bill wanted to log on to the server to see what was on there but he knew that he couldn't just run the XStart file. If he did, it would launch the trading application and Louis would get kicked off as it only allowed one of the same login at a time to be on. That would alert him something was wrong and things could go down from there. If only he could get the password from the file.

Opening up the XStart file proved un-fruitful. It was some kind of binary format and didn't appear to store any type of clear-text password anywhere in the file. There had to be another way, Bill thought. Within a few minutes of searching Google, he had his answer.

Anyone want to venture a guess as to what Bill found?

No comments: