Comments on Markus Janssonin Blogi: Sampo Pankki's insecure online bank spies on its users
Feed updated: 2024-03-21T09:57:59.857+02:00

Markus Jansson (https://www.blogger.com/profile/09685329373478640578), 2009-07-10T11:48:16.621+03:00

It only shows it when the number entered is off by 2 sequence numbers.

Anonymous, 2009-07-09T18:01:46.563+03:00

Actually, as far as I remember, Nordea does show the sequence number of the one-time password, but only if you enter the wrong number.

Anonymous, 2008-03-27T03:54:00.000+02:00

The Sampo Pankki online bank, which runs the pcid.dll file on the user's machine using Java, collects the following information with WMI and writes to the registry:

    [HKEY_CURRENT_USER\Software\e-SafeKey]
    "IStat"=

    0002FBD PUSH pcid.100142BC UNICODE "ROOT\CIMV2"
    10003069 PUSH pcid.100142AC ASCII "SELECT * FROM "
    100030AB PUSH pcid.100142A8 ASCII "WQL"
    10003479 PUSH pcid.1001430C ASCII "ProductName"
    1000349E PUSH pcid.100142DC ASCII "SOFTWARE\Microsoft\Windows NT\CurrentVersion"
    100035EB PUSH pcid.100142D4 ASCII "%.64s"
    100036D6 PUSH pcid.10014318 ASCII "ProductId"
    100036F8 PUSH pcid.100142DC ASCII "SOFTWARE\Microsoft\Windows NT\CurrentVersion"
    1000373B PUSH pcid.100142D4 ASCII "%.64s"
    10003801 PUSH pcid.10014330 ASCII "SerialNumber"
    10003823 PUSH pcid.10014324 ASCII "Win32_BIOS"
    10003883 PUSH pcid.100142D4 ASCII "%.64s"
    10003A5B PUSH pcid.1001435C ASCII "GetDiskFreeSpaceExA"
    10003A60 PUSH pcid.10014340 UNICODE "kernel32.dll"
    10003B81 PUSH pcid.10014384 ASCII "DeviceID"
    10003BA3 PUSH pcid.10014374 ASCII "Win32_Battery"
    10003C03 PUSH pcid.100142D4 ASCII "%.64s"
    10003CC1 PUSH pcid.10014330 ASCII "SerialNumber"
    10003CE3 PUSH pcid.10014390 ASCII "Win32_BaseBoard"
    10003D43 PUSH pcid.100142D4 ASCII "%.64s"
    10003E01 PUSH pcid.10014384 ASCII "DeviceID"
    10003E23 PUSH pcid.100143A0 ASCII "Win32_Keyboard"
    10003E83 PUSH pcid.100142D4 ASCII "%.64s"
    10003F41 PUSH pcid.10014384 ASCII "DeviceID"
    10003F63 PUSH pcid.100143B0 ASCII "Win32_SoundDevice"
    10003FC3 PUSH pcid.100142D4 ASCII "%.64s"
    10004081 PUSH pcid.10014384 ASCII "DeviceID"
    100040A3 PUSH pcid.100143C4 ASCII "Win32_USBController"
    10004103 PUSH pcid.100142D4 ASCII "%.64s"
    100041C1 PUSH pcid.100143F0 ASCII "Model"
    100041E3 PUSH pcid.100143D8 ASCII "Win32_ComputerSystem"
    10004243 PUSH pcid.100142D4 ASCII "%.64s"
    10004329 PUSH pcid.10014424 ASCII "IStat"
    1000434E PUSH pcid.10014410 ASCII "Software\e-SafeKey"
    10004461 PUSH pcid.10014404 ASCII "e-SafeKey"
    1000447F PUSH pcid.100143F8 ASCII "Software"
    100044D5 PUSH pcid.10014424 ASCII "IStat"
    100044FE PUSH pcid.10014410 ASCII "Software\e-SafeKey"
    10004568 PUSH pcid.100142D4 ASCII "%.64s"
    10004732 PUSH pcid.1001442C UNICODE "root/cimv2"
    10004A81 PUSH pcid.10014478 ASCII "AdapterRAM"
    10004AA3 PUSH pcid.10014444 ASCII "Win32_VideoController.DeviceID="VideoController1""
    10004B03 PUSH pcid.100142D4 ASCII "%.64s"
    10004BC1 PUSH pcid.100144A4 ASCII "ProcessorId"
    10004BE3 PUSH pcid.10014484 ASCII "Win32_Processor.DeviceID="CPU0""

Anonymous, 2008-03-27T03:01:00.001+02:00

    package dk.danskebank.ec.ec.esafekey.businesslogic;

    import dk.danskebank.ec.ec.esafekey.utility.Debug;
    import dk.danskebank.ec.ec.esafekey.utility.Utility;
    import java.io.*;
    import java.util.Date;

    public class JNILoader
    {

        public JNILoader()
            throws Exception
        {
            throw new Exception("This class cannot be instantiated");
        }

        // Maps a JNI type constant to the native library name and loads it.
        public static synchronized void loadJNI(int i, boolean flag)
            throws Exception
        {
            Exception exception;
            switch(i)
            {
            default:
                throw exception = new Exception("Unknown JNI type");

            case 1: // '\001'
                loadJNI("pcid.dll", flag);
                return;

            case 2: // '\002'
                loadJNI("regdb.dll", flag);
                return;

            case 3: // '\003'
                loadJNI("pkcs11wrapper.dll", flag);
                break;
            }
        }

        // Copies the library from the applet's resources into the component
        // home directory under a timestamped temp name and, if flag is set,
        // loads it into the JVM.
        private static void loadJNI(String s, boolean flag)
            throws Exception
        {
            String s1 = null;
            String s2 = createTmpName(s);
            switch(Utility.detectOS())
            {
            default:
                Debug.log("Warning: Cannot load jni for unknown operating system");
                return;

            case 1: // '\001'
                s1 = "/jni/win/" + s;
                break;

            case 2: // '\002'
                s1 = "/jni/linux/" + s;
                break;

            case 3: // '\003'
                s1 = "/jni/mac/" + s;
                break;
            }
            File file;
            (file = new File(Utility.getComponentHome())).mkdirs();
            boolean flag1 = true;
            try
            {
                // If a file with this name already exists, try to delete it first.
                FileInputStream fileinputstream;
                (fileinputstream = new FileInputStream(Utility.getComponentHome() + s2)).close();
                File file1;
                flag1 = (file1 = new File(Utility.getComponentHome() + s2)).delete();
            }
            catch(FileNotFoundException _ex) { }
            catch(IOException _ex) { }
            if(flag1)
                writeJNIFile(s1, s2);
            try
            {
                if(flag)
                {
                    System.load(Utility.getComponentHome() + s2);
                    return;
                }
            }
            catch(UnsatisfiedLinkError _ex)
            {
                Debug.log("Warning: Could not load file: " + Utility.getComponentHome() + s2);
            }
        }

        // Deletes the extracted tmp*.dll files from the component home directory.
        public static void cleanup()
        {
            File file;
            if((file = new File(Utility.getComponentHome())).isDirectory())
            {
                String as[] = file.list();
                for(int i = 0; i < as.length; i++)
                {
                    String s;
                    if((s = as[i]).substring(0, 3).equals("tmp") && s.endsWith(".dll"))
                    {
                        File file1 = new File(Utility.getComponentHome() + s);
                        try
                        {
                            file1.delete();
                        }
                        catch(Exception _ex)
                        {
                            Debug.log("Warning: Could not delete file: " + Utility.getComponentHome() + s);
                        }
                    }
                }

            }
        }

        // Temp name format: "tmp" + current time in milliseconds + library name.
        public static String createTmpName(String s)
        {
            Date date;
            long l = (date = new Date()).getTime();
            return "tmp" + l + s;
        }

        // Streams resource s to the file s1 in the component home directory.
        public static void writeJNIFile(String s, String s1)
        {
            try
            {
                InputStream inputstream = dk.danskebank.ec.ec.esafekey.businesslogic.JNILoader.class.getResourceAsStream(s);
                FileOutputStream fileoutputstream = new FileOutputStream(Utility.getComponentHome() + s1);
                byte abyte0[] = new byte[1024];
                for(int i = 0; (i = inputstream.read(abyte0)) != -1;)
                    fileoutputstream.write(abyte0, 0, i);

                inputstream.close();
                fileoutputstream.close();
                return;
            }
            catch(Exception _ex)
            {
                Debug.log("Warning: Could not write file: " + Utility.getComponentHome() + s1);
            }
        }

        public static final int JNI_PCID = 1;
        public static final int JNI_REGDB = 2;
        public static final int JNI_PKCS11 = 3;
    }

Anonymous, 2008-03-27T03:01:00.000+02:00

    package dk.danskebank.ec.ec.esafekey.businesslogic;

    import dk.danskebank.ec.ec.esafekey.utility.Debug;
    import dk.danskebank.ec.ec.esafekey.utility.Utility;
    import java.io.FileInputStream;
    import java.io.FileOutputStream;

    // Referenced classes of package dk.danskebank.ec.ec.esafekey.businesslogic:
    //            CryptoKernel, JNILoader

    public class IDFactory
    {

        // Loads pcid.dll through JNILoader if the native methods are not yet linked.
        public IDFactory()
            throws Exception
        {
            try
            {
                isLoaded();
                return;
            }
            catch(UnsatisfiedLinkError _ex)
            {
                JNILoader.loadJNI(1, true);
            }
        }

        public String getIDs()
        {
            String s;
            byte abyte0[];
            try
            {
                // Reuse the persistent per-installation value stored in global.dat.
                FileInputStream fileinputstream;
                abyte0 = new byte[(fileinputstream = new FileInputStream(Utility.getComponentHome() + "global.dat")).available()];
                fileinputstream.read(abyte0);
                fileinputstream.close();
            }
            catch(Exception _ex)
            {
                // No global.dat yet: derive a value from 20 random bytes and store it.
                byte abyte1[];
                abyte0 = CryptoKernel.getB64Hash(abyte1 = CryptoKernel.getRandom(20), "SHA256").getBytes();
                try
                {
                    FileOutputStream fileoutputstream;
                    (fileoutputstream = new FileOutputStream(Utility.getComponentHome() + "global.dat")).write(abyte0);
                    fileoutputstream.close();
                }
                catch(Exception _ex2)
                {
                    abyte0 = new byte[44];
                    for(int j = 0; j < abyte0.length; j++)
                        abyte0[j] = 25;

                }
            }
            try
            {
                // The native getID() receives the stored value plus OS, user and JVM properties.
                s = getID(Utility.getComponentHome(), new String(abyte0, "ISO-8859-1"), System.getProperty("os.arch"), System.getProperty("os.name"), System.getProperty("os.version"), System.getProperty("user.name"), System.getProperty("java.vm.vendor"));
                String as[] = {
                    "C0", "C1", "C2", "C3", "C4", "C5", "C6", "C7", "C8", "C9",
                    "CA", "CB", "CC", "CD", "CE", "CF", "CG", "CH", "CI", "CJ",
                    "CK", "CL", "CM", "CN", "80", "81", "82", "83", "84", "85",
                    "86", "87", "88", "89", "8A", "8B", "8C", "8D", "8E", "8F",
                    "8G", "8H", "8I", "8J", "8K", "8L", "8M", "8N", "40", "41",
                    "42", "43", "44", "45", "46", "47", "48", "49", "4A", "4B",
                    "4C", "4D", "4E", "4F", "4G", "4H", "4I", "4J", "4K", "4L",
                    "4M", "4N"
                };
                // Every 46-character record must carry one of the tags above at offset 44.
                boolean flag = true;
                for(int i = 44; i < s.length(); i += 46)
                {
                    String s1 = s.substring(i, i + 2);
                    boolean flag1 = false;
                    for(int k = 0; k < as.length; k++)
                    {
                        if(!s1.equals(as[k]))
                            continue;
                        flag1 = true;
                        break;
                    }

                    if(flag1)
                        continue;
                    flag = false;
                    break;
                }

                if(!flag)
                {
                    Debug.log("Illegal PCID (rejected): " + s);
                    s = "";
                }
                JNILoader.cleanup();
                // Success path; the decompiler rendered this jump as
                // "break MISSING_BLOCK_LABEL_737;".
                return s;
            }
            catch(UnsatisfiedLinkError _ex)
            {
                Debug.log("Warning: No PCID generated.");
                return "";
            }
            catch(Exception exception)
            {
                Debug.log("Warning: No PCID generated.");
                Debug.log(exception);
                return "";
            }
        }

        private native String getID(String s, String s1, String s2, String s3, String s4, String s5, String s6);

        private native void isLoaded();
    }

Markus Jansson (https://www.blogger.com/profile/09685329373478640578), 2008-03-26T14:33:00.000+02:00

Yeah, I just noticed the same thing myself. Pretty pathetic behaviour from Sampo Pankki.

I'll have to go grab some of those script snippets from IRC somewhere and try out for myself what kind of fun you can have with them. Heh. Of course, if someone already has some ready, just post them here or email them to me. ;)

Timo S (https://www.blogger.com/profile/07078277847331182973), 2008-03-26T13:14:00.000+02:00

Well, now cross-site scripting is possible too: http://www.digitoday.fi/tietoturva/2008/03/26/Sampo+pankin+sivut+avoinna+kalastelijoille/20088576/66