DCE bug allows "screenscraping" of backup share credentials

EcoStruxure IT forum

Schneider Electric support forum about installation and configuration for DCIM including EcoStruxure IT Expert, IT Advisor, Data Center Expert, and NetBotz

DCIM_Support (Picard)

Posted: ‎2020-07-03 09:51 PM . Last Modified: ‎2024-04-07 11:34 PM


I discovered today that the Windows backup share settings dialog allows you to screen-scrape the password of the user. Not good, since this is often the user's Windows / domain password.

FYI I used AsteriskKey to get the passwords.

The same is true for every password / sensitive field in the dialog boxes that are used to set up / edit an SNMP config template.

Version of DCE is 7.4.3

Thought it best to not post this publicly...


Labels: Data Center Expert
Tags: bug, security
Replies 7
DCIM_Support (Picard)

Posted: ‎2020-07-03 09:51 PM . Last Modified: ‎2024-04-07 11:34 PM


Hi Garry,

I can and will forward this to engineering. You've tested this on previously saved screens and not something you just entered, correct?

Steve


DCIM_Support (Picard)

Posted: ‎2020-07-03 09:51 PM . Last Modified: ‎2024-04-07 11:34 PM

In response to DCIM_Support

I tested it today on several dialog boxes in the SNMP template creation and editing, and was also able to find out a colleague's laptop password from the Backup screen. I knew it used to be possible for all users on DCE, but this got corrected at version 7.4+?

The clue was that the field lengths were shorter (fewer asterisks were displayed) than normal since the 7.4+ update. The screen scraper returns DEFAULT_PASSWORD on 'protected' password fields, which is actually displayed as **************** (16 asterisks, as there are 16 chars in "DEFAULT_PASSWORD").

An example today also was that I was able to scrape the passwords from NMCs that had their credentials changed using a saved SNMP config template. Actually very useful 😀, arguably not secure. Truth is I can't do any of this unless I have DCE server Administrative access anyway, so is it that insecure?

The image above is an example of what I mean (but is not the one I did today).

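The placeholder mechanism described in the post above (a "protected" password field is rendered as the fixed string DEFAULT_PASSWORD, which masks to exactly 16 asterisks, while a leaky dialog is populated with the real secret and masks to the secret's own length) can be modelled as a small server-side pattern. The following is an added example written for this thread, not DCE's code: it assumes illustrative field names and a constructed sample configuration, and it includes the regression check an administrator would run after an upgrade to confirm that no dialog still carries a real secret.

```python
"""Sentinel-placeholder pattern for secret fields in an edit dialog.

Added example, not DCE's code. A secret field is sent to the client as the
fixed placeholder DEFAULT_PASSWORD (16 characters) instead of the stored
secret; on save, a field that still holds the placeholder means "unchanged".
"""

PLACEHOLDER = "DEFAULT_PASSWORD"   # value named in the thread; 16 characters

# Field names holding secrets. Assumption: these names are illustrative and
# are not DCE's real configuration keys.
SECRET_FIELDS = frozenset(
    {"share_password", "snmp_auth_passphrase", "snmp_priv_passphrase"}
)


def render_edit_form(stored: dict) -> dict:
    """Build the dialog model sent to the client. Secrets never leave the
    server: each populated secret field is replaced by the placeholder."""
    form = {}
    for name, value in stored.items():
        if name in SECRET_FIELDS:
            form[name] = PLACEHOLDER if value else ""
        else:
            form[name] = value
    return form


def render_edit_form_leaky(stored: dict) -> dict:
    """The defect the thread describes: the dialog is populated with the real
    stored values, so a screen scraper can read the secrets back."""
    return dict(stored)


def apply_edit(stored: dict, submitted: dict) -> dict:
    """Merge a submitted dialog back into the stored configuration. A secret
    field that still holds the placeholder is left unchanged; any other value
    is a newly typed secret."""
    updated = dict(stored)
    for name, value in submitted.items():
        if name in SECRET_FIELDS and value == PLACEHOLDER:
            continue  # user did not touch the field
        updated[name] = value
    return updated


def leaked_secret_fields(form: dict, stored: dict) -> list:
    """Regression check: every secret field whose rendered value equals the
    real stored secret. An empty list means the dialog is safe against
    screen-scraping of stored credentials."""
    leaks = []
    for name in SECRET_FIELDS:
        if name in form and form[name] and form[name] == stored.get(name):
            leaks.append(name)
    return sorted(leaks)


def mask_for_display(value: str) -> str:
    """What the user sees in the dialog: one asterisk per character of the
    field's content. This is the visible clue from the thread: a placeholder
    masks to 16 asterisks, a leaked secret masks to its own length."""
    return "*" * len(value)


# Constructed sample configuration; not real credentials.
SAMPLE_STORED = {
    "share_path": r"\\backup-host\dce_backups",
    "share_user": "CORP\\dce-backup",
    "share_password": "Spring-2020-Example!",   # 20 chars, masks as 20 asterisks
    "snmp_auth_passphrase": "authpass-example",
    "snmp_priv_passphrase": "",
}

if __name__ == "__main__":
    safe = render_edit_form(SAMPLE_STORED)
    leaky = render_edit_form_leaky(SAMPLE_STORED)
    print("safe form leaks: ", leaked_secret_fields(safe, SAMPLE_STORED))
    print("leaky form leaks:", leaked_secret_fields(leaky, SAMPLE_STORED))
    print("safe share_password mask: ", mask_for_display(safe["share_password"]))
    print("leaky share_password mask:", mask_for_display(leaky["share_password"]))
    # Round trip: the user changes only the share user; the password survives.
    edited = apply_edit(SAMPLE_STORED, {**safe, "share_user": "CORP\\dce-backup2"})
    print("password unchanged after edit:",
          edited["share_password"] == SAMPLE_STORED["share_password"])
```

Two points follow from the model. The mask-length clue only works because the placeholder has a fixed length, so a masked field that is not exactly 16 asterisks is worth re-checking with the leak test rather than by eye. And the sentinel has one known weakness: a user who literally types DEFAULT_PASSWORD as a new secret cannot set it, which is why a separate "password changed" flag on the submitted form is the more robust variant of the same pattern.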

DCIM_Support (Picard)

Posted: ‎2020-07-03 09:51 PM . Last Modified: ‎2024-04-07 11:34 PM

In response to DCIM_Support

Hi Garry,

Yea, looks like they fixed it at least in 7.4.3. I tried and as long as I save and go back to the dialog, I just see default_password too:

Steve


DCIM_Support (Picard)

Posted: ‎2020-07-03 09:51 PM . Last Modified: ‎2024-04-07 11:34 PM


Hi Steve - I was on another site on Thursday and managed to get the customer's share password from their backup config using this same method. I had not set up this backup or logged into this server locally before Thursday, and the server is on V7.4.3.

I have no idea why we are getting what appears to be different behaviour. The only thing I can think of is that the servers I was connected to were all upgraded from previous versions. Was the one you were using a clean install at 7.4.3 or was it upgraded too?


DCIM_Support (Picard)

Posted: ‎2020-07-03 09:51 PM . Last Modified: ‎2024-04-07 11:34 PM


Hi Garry,

I think it may have been a restore. Do you know what version(s) of Java they have on their system?

Steve


DCIM_Support (Picard)

Posted: ‎2020-07-03 09:52 PM . Last Modified: ‎2024-04-07 11:34 PM


Hey Garry,

Did you find out anything more about the customer's client... any other versions of Java? After requesting that kind of info I thought more about your suggestion about it being a system that has been updated multiple times vs something that has been recently restored. I'm thinking that really shouldn't matter. You're not capturing anything from the server, you're pulling the data from the client. The client should pull any required data regardless of the server. An install of the client on a fresh system should be able to tell.

Steve


This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.
