Thread: Splashtop Security Hole Exposed

At least some versions of Splashtop are not as safe as they want to be, especially when only the HD install variant was used. In case of affected versions like 1.2.3.1 you can access all USB media and the Windows partition used to install Splashtop completely! To verify if your version is affected try:

http://127.0.0.1:1080

There you can access - without any mod - all files via

http://127.0.0.1:1080/links

For your fun you will even find a music.mp3 file there:

http://127.0.0.1:1080/music.mp3

If your system is directly connected to the internet (maybe using DSL dial-in within Splashtop or via cable modem), all others can enjoy the content of your HD!

Btw. newer Splashtop versions only block the webserver listing, but when you know the name, you can still access the data via the deep link. Luckily they blocked access from outside then - at least 1.2.8.0 fixes it. But it is still possible to acquire the registry or other system files and save them onto a USB stick without any mod. That means you can access user data like serials and other data which is stored there. Very nice feature to have Splashtop available to hack PCs without the need of any bootable media.

Like:

http://127.0.0.1:1080/links/winhdd/disk1/splash.idx

http://127.0.0.1:1080/links/winhdd/disk1/boot.ini

The affected package is bs-apache.sqx.

Edit: I would like to know from a Splashtop developer (maybe via the blog) why the winhdd link is there (take a look into va-photo.sqx) when it is not used by any app. Only this makes a big issue of that error. You are able to view/save files which you cannot even access when Windows is booted - like the registry.
Last edited by Kano; 08-09-2008 at 06:21 AM.
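A self-check for the local instance, added here as an example that is not part of the original post or of Splashtop: it queries only a loopback address for the two paths quoted above and reports whether the directory listing, only the deep link, or nothing is served (the distinction the post draws between 1.2.3.1 and 1.2.8.0). The fixture helpers, the result labels and the constructed boot.ini content are my own assumptions for exercising the check offline.

```python
import functools, http.server, socketserver, tempfile, threading
import urllib.error, urllib.parse, urllib.request
from pathlib import Path

# Paths quoted in the post: the listing root, and one deep link that
# later versions hide from the listing but may still serve.
LISTING_PATH = "/links/"
DEEP_LINK_PATH = "/links/winhdd/disk1/boot.ini"
LOOPBACK = ("127.0.0.1", "localhost", "::1")

def _fetch(url, timeout=3):
    """GET url; return (status, body). Status 0 means no HTTP answer at all."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, b""
    except (urllib.error.URLError, OSError):
        return 0, b""

def check_self_exposure(base_url="http://127.0.0.1:1080"):
    """Classify the local Splashtop web server as 'unreachable', 'not-exposed',
    'deep-link-only' (listing blocked, file still served) or 'listing-exposed'.
    Loopback hosts only: this is a self-check, not a scanner."""
    if urllib.parse.urlsplit(base_url).hostname not in LOOPBACK:
        raise ValueError("self-check only: refusing a non-loopback host")
    status, body = _fetch(base_url + LISTING_PATH)
    if status == 0:
        return "unreachable"
    if status == 200 and b"winhdd" in body:
        return "listing-exposed"
    deep_status, _ = _fetch(base_url + DEEP_LINK_PATH)
    return "deep-link-only" if deep_status == 200 else "not-exposed"

def build_fixture(kind):
    """Constructed directory tree (not real Splashtop data) for one case."""
    root = Path(tempfile.mkdtemp())
    if kind != "not-exposed":
        disk = root / "links" / "winhdd" / "disk1"
        disk.mkdir(parents=True)
        (disk / "boot.ini").write_text("[boot loader]\n")  # constructed sample
    if kind == "deep-link-only":  # index page suppresses the directory listing
        (root / "links" / "index.html").write_text("<html>no listing</html>")
    return root

def serve_fixture(root):
    """Serve a fixture on an ephemeral loopback port; return its base URL."""
    handler = functools.partial(http.server.SimpleHTTPRequestHandler, directory=str(root))
    srv = socketserver.ThreadingTCPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return f"http://127.0.0.1:{srv.server_address[1]}"
```

Run `check_self_exposure()` against the default port 1080 on the machine itself; the fixture functions exist only to demonstrate the three outcomes without a Splashtop install.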
