Cracked the encryption key of the Superfish Certificate

The security that ται από το Superfish το εγκατεστημένο add-on στους υπολογιστές της Lenovo μόλις έσπασε ().

We have recently reported that the Superfish software used by Lenovo produces a security certificate to re-sign all the security certificates it receives from HTTPS pages, such as bank pages, virtually allowing access to plain text information to traffic between client and server otherwise it would be encrypted.

Many security experts who have examined the subject have discovered that the add-on uses the same RSA key (1024 bits) on all devices, which means that if someone manages to break it, they will be able to "read" the encrypted traffic exchanged between a user with a Lenovo user computer and a secure service. This is exactly what he did Robert Graham, Chief Executive Officer of Errata Security.

The researcher used a system with Superfish installed by dumping the data generated by processes into the system memory.super-vs

Μετά την ανακάλυψη του κρυπτογραφημένου ιδιωτικό κλειδιού του πιστοποιητικού ασφαλείας που χρησιμοποιείται από το Superfish, και το ίδιο το πιστοποιητικό, προσπάθησε να εξακριβώσει ότι τα στοιχεία προστατεύονται με έναν κωδικό .super-01 cracked

Cracking the password turned out to be a bit more difficult than expected, as it required a modified brute-force program. When Graham had to develop a new brute-force software for the needs of this attack.super-02 cracked

Υπέθεσε ότι ο δεν θα ήταν πολύπλοκος, οπότε έδωσε στο πρόγραμμα εντολή αναζήτησης μόνο μεταξύ πεζών γραμμάτων. Σε λιγότερο από 10 δευτερόλεπτα, ανακάλυψε τον κωδικό πρόσβασης ό οποίος ήταν “komodia.”super-03 cracked

The password decrypts the root certificate and could be used in man-in-the-middle attacks against Lenovo users who have Superfish installed on their system.

super-04 cracked The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).