"Pretty Good Privacy (PGP) is a computer program which provides cryptographic privacy and authentication. "
PGP Self Decrypting Archive (SDA) allow users to send conventionally encrypted files to people who do not have PGP installed.
A design flaw allows attackers to bypass authentication with PGP SDA.
Vulnerable Systems:
* PGP version 8
* PGP version 9
When a user create a text file and wrote inside it "aa" and then create a SDA, an hex edit of the exe out, will show the user at the very buttom of the file some bytes separated by 803E.
Example: E7 93 A0 90 E9 62 D1 21
803E
A1 50 AF 5F 6F 9E FE D6
Analyzing the bytes carefully, you will notice that 803E is the value used for a loop. The loop starts at 0040590D. Further analysis showed that the bytes right before 803E, are used for extraction and authentication.
Authentication is done in the following way:
When some enters a passphrase a series of instructions is executed against the bytes right before 803E, to be exact in the function at address 00404E8F. This function generates a series of bytes which are compared later on to the bytes AFTER 803E. If they match the user is granted authentication.
There are two ways to bypass the authentication need:
1. Modifying the contents of the address 00890D70.
The modification should be done in: 0040598F |. E8 AC3D0000 CALL filename_s.00409740
NOTE: At this point if you change the contents of 00BAF670, you won't have to bypass authentication, it will work like a charm, and it will grant authentication/extract.
Once you have patched the passphrase location attackers can do whatever they like to do to the users. The problem with user management is a clear issue. When the passphrase is changed PGP does not change the underlying key which will allow any user who had access to regain that access back.
Note to forensic investigators: Imagine you are working on some cases and for some reason you do not want Mr. Y to have access to some of the evidence file, so you decided to change the passphrase on your PGP virtual Disk. Mr. Y can still access the evidence if he patch the Virtual Disk binary file.
