Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13340
HistoryJun 27, 2006 - 12:00 a.m.

GlobeTrotter Mobility Manager - security issue

2006-06-2700:00:00
vulners.com
14
JSON

Discovered by Damian Zelek -> [03 April 2006]
Published -> [23 June 2006]
Vendor was informed -> [24 April 2006]
Vendors answer -> "We will talk with our Department of Software" :-D

Summary:
GlobeTrotter Mobility Manager is a unique PC software solution that enables fast, simple and easy
access to wireless data whilst hiding from the user the complexity of the underlying wireless
technologies. GlobeTrotter Mobility Manager seamlessly controls both wireless Internet and fixed line
dial-up connections to remote networks with support for 3G, E-GPRS, GPRS/GSM, WLAN/Wi-Fi, ADSL and
standard PC modem connections. More info about software:
http://www.option.com/news/detail.cfm?newsitemgroup_id=84

Details:
There's a security issue in the implementation of virtual-keyboard.

As we all know virtual-keyboards should prevent from "keyloggers". In GlobeTrotter Mobility Manager
[GTMM] implementation of virtual-keyboard when we "click" on some figure [for example when we are
typing our PIN code] we can see effect of "active button", so good keylogger which can makes
screenshoots will "sniff" that codes even when there's a virtual-keyboard.

Good virtual-keyboard shouldnt change view/size/depth/color/etc of button when someones is "clicking"
on it [it should have "stoned-face"]. That issue/problem was mentioned many times, for example on
SecurityFocus [publication, arts].

When I was making tests, my own short-coded keylogger easily "catched" [via screenshoots] all PIN
codes that I was typing throught "bad" implementation of virtual-keyboard [in GlobeTrotter
implementation of virtual-keyboard when we "click" on button it changes its color + we can see
depth-effect]. As soon as it's possible Option Wireless Technology should fix that issue in software.
When we have a good implementation of virtual-keyboard, when we click on some button that button doesnt
change color/size or other effects of "active button". So even if keylogger is making a good
screenshoots we do know nothing about typing password (especially when user likes to "fly-only" [even
unintentionally] over many buttons, but click only 4 of them).

Developers should read this: http://www.securityfocus.com/infocus/1829 [section Preventing Keystroke
Capture.]

BTW. I didnt published it earlier because I thought that vendor will quickly fix it, but when I saw on
the Internet that many "bad programms" are already waiting for GTMM, I decided to inform all of You
(especially GTMM users). Beware :-D

PoC screenshoot ::
http://img45.imageshack.us/my.php?image=poc7ik.jpg

JSON