UC attracts more and more chat users with its low resource consumption and complete functions. Since there are not many attacks against UC, many users are taken care of by the security of UC. Here I introduce a UC vulnerability to everyone, I hope everyone will strengthen their security awareness.
Easy Peeping - Modify UC to implement password-free automatic login
For convenience, you will often set UC to "automatic login". So when we run UC on the network, UC will automatically log in, avoiding the trouble of entering our password. The vulnerability I am going to say is hidden in the "automatic login" function.
To verify the correctness of this vulnerability, we installed two UC clients on the machine. Use the "automatic login" and "normal login" methods to log in to the UC, and use the file editor "UltraEdit" to open the two "UC.exe" files that have been automatically logged in and logged in. Obviously, the difference between the two can be seen (Figure 1 is the UC executable file after automatic login, Figure 2 is the UC executable file in normal login mode). FIG
UC
main routine of FIG. 1 in an automatic logon mode UC main
under normal login mode 2
By comparison analysis can be found, the same number of the first four lines It is the same as the last three bytes of code. In the last line, only the fourth and sixth bytes of the countdown are different (the parts marked with dark colors in Figures 2 and 3). And there is a feature that the value of the automatic login method is "1" (hexadecimal value) larger than the value of the normal login.
When we log in with other UC numbers, we find that they all have the same pattern. Seeing this, I believe that many of my friends know that as long as the UC file that does not select "automatic login" is added with "1" in the corresponding position with "UltraEdit", it can be modified to automatically log in. This way, others can log in directly to UC without entering your login password. What privacy is there with UC!
Deep Mining - Password Viewing Software to Find UC Passwords
This method is better by modifying the main program file, but the technical requirements are relatively high. The method we will introduce below is simple and practical. This is also the method that most people generally adopt, but it is not as flexible as the method of modifying the main program file.
Software such as the "asterisk viewer" is now everywhere, everywhere. When we select "Auto Login", the UC password will be displayed with the "*" sign. Take the "Viewpass" password viewing software as an example (Figure 3). Figure 3 "Viewpass" is an asterisk under a command-line prompt viewer
according to the software, as long as you move the mouse to the password box, asterisks password will be displayed automatically. Use "UltraEdit" to modify the UC login mode to "automatic login". Select "Menu" → "Change User". When changing the user interface, just move your mouse over the password box and the password will appear immediately (Figure 4). 4 Move your mouse over the password box you can see the password.
these two methods to crack passwords UC, time is not more than one minute. No matter what software, or the old saying "safety first."
cf embedded QT voice, cross-fire walkie-talkie function shocked, in the battle scene, press and hold
Now, many netizens have purchased a good and cheap camera, and can video chat with other friends. Ho
Q: How do the horses breed? A: Reproduction needs to meet the following conditio
When you transfer a very large file, if you use Foxmail, Outlook or QQ to operate
Edit user's registry without logging in
Video troubleshooting solutions for four cases
Reasons for not completing the download and solutions
Transfer "big chunks" simply transfer large files
Teach you how to print transparent labels with a printer
Jianling 1-5 file effect difference
Teach you how to recover data from CD-RW bad discs
Can DNF be double open, which double open tool is good
Win7 5.1 channel settings graphic tutorial
Windows7 system download total drop how to solve (1)
Win7 how to close the pop-up window that sends an error report when an error occurs in the system
Win7 system prompts can not set up a family group how to do?
How to delete the stubborn video files under several XP systems
How to delete accounts in Windows 7
Win8.1 system using the administrator administrator account login method
Master tricks teach you to play "open" way (a)
After connecting to VPN under Windows 8, the display shows limited