topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Saturday December 14, 2024, 6:57 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: iTunes Password Recovery (advice) Needed  (Read 6920 times)

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
iTunes Password Recovery (advice) Needed
« on: October 03, 2011, 06:36 PM »
Okay, first off yes it's a client machine ... I haven't lost my mind. :)

Google search results all seem to point to one password recovery tool, but there are more that a few things about it that just don't feel right.

It says it "portable", but comes (only) with a setup program.

It claims to have a command line version ... Which I'll be damned if I can find.

 - But seeing that the client's machine is already infected seven ways to Sunday... I figured what the hell and set it off anyhow -

The "Portable" setup claimed to be downloading something during the install. It claimed that it downloaded some-damn-thing.exe on port 53??? successfully. Even though the machine was running off-Wire, and in Safe Mode.

Now knowing the owner of said machine quite well, I do believe that the PW it claims to have recovered is legit ... But none the less, I find the apps behavior quite troubling.

So has anyone else seen/used/heard of this widget??

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,291
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: iTunes Password Recovery (advice) Needed
« Reply #1 on: October 04, 2011, 12:07 AM »
Never heard of it. :(

For the download, it might just be that it looks for an update, and has the messages wrong, e.g. update file 123.exe, no network, file 123.exe is still there, oh well... success!

The worrisome thing seems to be that passwords can be retrieved from browsers like that. :(
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,069
    • View Profile
    • Donate to Member
Re: iTunes Password Recovery (advice) Needed
« Reply #2 on: October 04, 2011, 03:04 AM »
Sounds suspicious to me - why not just get your friend to ask iTunes CS to send or reset the lost password? On the few occasions I have contacted them they have been pretty quick to respond and helpful (not that I have shopped at iTunes in the last couple of years).

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: iTunes Password Recovery (advice) Needed
« Reply #3 on: October 04, 2011, 06:57 AM »
Scary site these guys have.

While it looks legit, it's just a little too perfect to my eyes. But I'm The cagey type when it comes to security. Especially crack tools.

Thats one of the reasons why I prefer open source software when it comes to security tools. Backdoors and Trojans get spotted a lot more easily if they're lurking in those.

Opening a port may not in itself be cause for alarm. But with a black box app, opening a port without asking, or (at the very least) without advance notice and explanation is considerably more worrisome.

Did some quick research and haven't found much of anything about the website as far as commentary or reviews. Which is odd considering how big and fancy that website is. Freebie info sites usually start small. You'd think the usual tech blogs would have covered it.

Maybe it's brand new? Which, if so, would also be a little odd considering how extensive and polished it is for a non-sales site. Didn't spot a single typo either. It's all extremely professional.

I'd want to know a lot more verifiable info about securityexploded.com and the people behind it before I'd be comfortable using anything they offer for download. Until then, I'd be very cautious.

But that's me.   ;D



Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: iTunes Password Recovery (advice) Needed
« Reply #4 on: October 04, 2011, 07:06 AM »
Never heard of it. :(

Me either, hence the question ;) ...But them again I maintain a vigilant iBan so it's hardly a shock I'd not run across it before. I had hoped you'd seen something of the nature before.


For the download, it might just be that it looks for an update, and has the messages wrong, e.g. update file 123.exe, no network, file 123.exe is still there, oh well... success!

While it was tempting to give it quarter in that fashion, the timeout just didn't feel right. Way to short to be a web check, and way to long to be an adapter check. Socket timeouts tend to be a real bitch unless you take great paint to slam it shut ... Which is of course in itself a rather odd behavior. Not to mention that getting the messages backwards is a pretty rookie mistake, and there is not a lot of rookies writing hacking tools. :)


The worrisome thing seems to be that passwords can be retrieved from browsers like that. :(

I've used many password recovery tools for all kind of things so its existence is hardly shocking. But it is part of why I use f0dder's fskrit and never store passwords anywhere in the system.



Sounds suspicious to me - why not just get your friend to ask iTunes CS to send or reset the lost password? On the few occasions I have contacted them they have been pretty quick to respond and helpful (not that I have shopped at iTunes in the last couple of years).

(Um...) *Shrug* Cracking tools are faster and more fun that sitting on hold waiting for tech support to rescue you from yourself.  :D

(But seriously...) I've had really good luck with this type of tool in the past ... This ones behavior just made me really uneasy about it's true intentions.


I did finally get past the rootkit (bootrec /fixmbr) last night and have at least partial control of the shell but the box still has major issues. I just like to play with one of the Uber infested machines now and then to see how long it takes (/if it can be) to get it completely cleaned.

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: iTunes Password Recovery (advice) Needed
« Reply #5 on: October 04, 2011, 07:12 AM »
Scary site these guys have.

While it looks legit, it's just a little too perfect to my eyes. But I'm The cagey type when it comes to security. Especially crack tools.

Thats one of the reasons why I prefer open source software when it comes to security tools. Backdoors and Trojans get spotted a lot more easily if they're lurking in those.

Opening a port may not in itself be cause for alarm. But with a black box app, opening a port without asking, or (at the very least) without advance notice and explanation is considerably more worrisome.

Ding! Ding! Ding! :Thmbsup: ...Give that man a prize!

Did some quick research and haven't found much of anything about the website as far as commentary or reviews. Which is odd considering how big and fancy that website is. Freebie info sites usually start small. You'd think the usual tech blogs would have covered it.

Maybe it's brand new? Which, if so, would also be a little odd considering how extensive and polished it is for a non-sales site. Didn't spot a single typo either. It's all extremely professional.

I'd want to know a lot more verifiable info about securityexploded.com and the people behind it before I'd be comfortable using anything they offer for download. Until then, I'd be very cautious.

But that's me.   ;D





It really is spooky how much time we spend on the same page.

But like I said before the box was already completely torched ... So I gave it a shot. And sofar It hasn't made any other attempts to (Um...) share its findings with a mothership.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: iTunes Password Recovery (advice) Needed
« Reply #6 on: October 04, 2011, 09:28 AM »

It really is spooky how much time we spend on the same page.


Similar jobs. Similar interests. Anybody that does what we do tends to independently arrive at much the same conclusions and hold much the same attitudes towards things. (I'll even bet you like redheads too!)

They don't lump us together and call us geeks (I prefer 'wonks') for nothing. ;D

P.S. I agree with you. If the box is already compromised and FUBARed to the nines, it's the perfect teaching lab for screwing around with. Now you can try out stuff you'd never dare play with on a working system. And guilt free too! (I know you already got the user's data off it.) So why not have a little fun? Heck, if you're not real careful, you could even learn something - as Bill Cosby used to say. :Thmbsup:
« Last Edit: October 04, 2011, 09:35 AM by 40hz »

Eóin

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,401
    • View Profile
    • Donate to Member
Re: iTunes Password Recovery (advice) Needed
« Reply #7 on: October 04, 2011, 09:39 AM »
The worrisome thing seems to be that passwords can be retrieved from browsers like that. :(

The browser themselves have to be able to get at the password in plaintext if they're to submit it to the server, so unless they store the passwords in another password encrypted database it's no real surprise other programs can recover them.

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: iTunes Password Recovery (advice) Needed
« Reply #8 on: October 04, 2011, 11:18 AM »
(I'll even bet you like redheads too!)

Oh for me it's (much worse) compulsory ... I am one. ;)


I used to love watching Fat Albert and the Cosby kids on Saturdays

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: iTunes Password Recovery (advice) Needed
« Reply #9 on: October 04, 2011, 11:56 AM »
(I'll even bet you like redheads too!)

Oh for me it's (much worse) compulsory ... I am one. ;)


Be sure to reproduce. There can never be enough redheads in the world. (Skips generations on my mother's side of the family. Go Celts and Bretons!) I'm in the in-between group. None in mine. One in my niece's. :D
 :Thmbsup: