vendredi 17 août 2012

Not everything is secure!!

It's been a while since i've posted something :/ well here i am now ;)

While i was searching for some new applications out there, i have found a nice one called Ultimate Password Saver i liked the name and i have downloaded it jk :p anyway i wanted to see how do they do to save our passwords so i went to the folder where it's installed and found a folder called Data, that folder seemed suspicious :) in the end it's the right folder where they save our Logins and Passwords (..\Data\Pwd.zip) but the extension was .zip but when you open it in notepad you'll see that's it's a .mdb (the famous extension of the access database) not to mention that this db is used by Visual Basic coders :) the good thing is that the db was password protected, but does it mean it's safe? not at all ;) I've opened that application in ollydbg and look what i've found :D



you can see that the password "mysoft" is hard-coded and anyone can break into your database without making any effort..

The main idea of all this is to show you that not everything that seems secure from the outside is really secure and that you just have to look for further information and then decide whether it's safe or not ;)