Skip to content
/ onedecrypt Public

PoC to decrypt the registry password stored by the WebEx One-Click client

9 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

OpenSecurityResearch/onedecrypt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
README
README
 
 
webex-onedecrypt.c
webex-onedecrypt.c
 
 

Repository files navigation

WebEx One-Click Registry Key Decryptor
[email protected]
-------------------------------------------------

The WebEx One-Click client stores user passwords 
encrypted within the registry however the encryption
is really not all that amazing. 

It takes the values of these registry keys:

    HKEY_CURRENT_USER\Software\WebEx\ProdTools\UserName
    HKEY_CURRENT_USER\Software\WebEx\ProdTools\SiteName

Combines and repeats them out to 32 bytes. For instance
    UserName key = braanton
    SiteName key = siteaa.webex.com/siteaa

So the encryption key would be:

    braantonsiteaa.webex.com/siteaab

Next it takes uses the following IV to make things "secure":
    123456789abcdef03456789abcdef012

webex-onedecrypt.c is a PoC to decrypt the values stored in the 
registry. Just manually set the regVal, regLength and key variables. 

To compile:
    gcc -o webex-onedecrypt -lssl webex-onedecrypt.c

then make a metasploit harvester module..

Enjoy!

Tracked by PSIRT-0219916903

About

PoC to decrypt the registry password stored by the WebEx One-Click client

Resources

Readme
Activity
Custom properties

Stars

9 stars

Watchers

5 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages