11 lines
No EOL
755 B
Text
11 lines
No EOL
755 B
Text
source: https://www.securityfocus.com/bid/551/info
|
|
|
|
Screen to Screen is a remote control utility for systems runnig MacOS. To use it, you need to have an administrator password. This password is stored in encrypted form in a file called "Authorization" located in the System Folder under Preferences:Power On Preferences:Screen To Screen.
|
|
|
|
There are two problems:
|
|
1: The file can be deleted, and then the next time Screen to Screen is started it will reset the username to 'administrator' and the password to 'admin'.
|
|
2: The encryption scheme is weak and can be broken.
|
|
|
|
This program, written by mSec, will decrypt the administrator password for Screen to Screen.
|
|
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19437.sit |