Date : Fri, 25 Nov 2011 06:30:34 +0100
From : rick@... (Rick Murray)
Subject: Request for Help - Security Research Project

On 24/11/2011 23:49, jgh@... wrote:

> Without any further testing I'll take your word for it. I suspect, but
> haven't dug down enough, that the encryption is also dependent on the
> client station ID.

Even if so, I suspect it will be a deterministic factor, for example:

EOR with (32 + StationID)

so once the pattern is known, enough data can be gleaned from
intercepting the network transmissions to permit the password to be
reconstituted.

Think about it - you have both parts of the network transmission, you
have the numbers of both stations, and you probably have your own logon
upon which to sniff and test *known* passwords. If you modify your
password say half a dozen times with known phrases, and then try this on
two or three different stations, you'll have a good data sample to examine.

> I need a few more stations on the network to do the required testing
> (or need to get around to disassembling the FS code a bit more).

Was this standard? I've just eyeballed RISC OS NetFS and I don't see any
provision for this...

<https://www.riscosopen.org/viewer/view/castle/RiscOS/Sources/FileSys/NetFS/NetFS/s/Commands?rev=4.3;content-type=text%2Fx-cvsweb-markup>

If I'm bored, I might see if I can dig out my partial copy of the RISC
OS 2 code, have a look in there... though given the number of references
to "Arthur" in the code, I don't really think NetFS has had any major
changes since, like... then.

Best wishes,

Rick.
--
Rick Murray, eeePC901 & ADSL WiFI'd into it, all ETLAs!
BBC B: DNFS, 2 x 5.25" floppies, EPROM prog, Acorn TTX
E01S FileStore, A3000/A5000/RiscPC/various PCs/blahblah...
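
An added example, not part of the original message and not the file server's code: it shows why obfuscation keyed only on a value visible on the wire adds no secrecy, by fitting the message's hypothetical "EOR with (32 + StationID)" model to known-password samples. The function names, station numbers, passwords and the assumption that every byte uses the same key are all constructed for illustration.

```python
# Added example. The EOR-with-(32 + station ID) scheme is the hypothetical
# from the message above, not the file server's confirmed algorithm.

def obfuscate(password: bytes, station: int, offset: int = 32) -> bytes:
    """Hypothetical scheme: EOR every byte with (offset + station ID)."""
    key = (offset + station) & 0xFF
    return bytes(b ^ key for b in password)

def keystream(known: bytes, wire: bytes) -> bytes:
    """EOR of known plaintext and captured bytes exposes the key bytes."""
    return bytes(p ^ c for p, c in zip(known, wire))

def fit_offset(samples):
    """samples: (station, known_password, wire_bytes) tuples.
    Return the single offset that explains every key byte as
    (offset + station) mod 256, or None if no such offset exists."""
    offsets = set()
    for station, known, wire in samples:
        if len(known) != len(wire):
            return None  # length not preserved: not a byte-wise EOR
        for k in keystream(known, wire):
            offsets.add((k - station) & 0xFF)
    return offsets.pop() if len(offsets) == 1 else None

def recover(wire: bytes, station: int, offset: int) -> bytes:
    """EOR is its own inverse, so the fitted model undoes any capture."""
    return obfuscate(wire, station, offset)

# Constructed samples: known passwords set on one's own account, observed
# from three stations (station numbers and passwords are made up).
KNOWN = [(10, b"ALPHA"), (11, b"BRAVO1"), (200, b"CHARLIE")]
SAMPLES = [(s, p, obfuscate(p, s)) for s, p in KNOWN]

# Constructed counter-example: key bytes that do not track the station ID
# cannot be explained by any single offset, so the fit fails.
UNRELATED = [(10, b"ALPHA", bytes(b ^ 0x5A for b in b"ALPHA")),
             (11, b"ALPHA", bytes(b ^ 0x5A for b in b"ALPHA"))]

if __name__ == "__main__":
    offset = fit_offset(SAMPLES)
    print("fitted offset:", offset)
    print("unrelated-key fit:", fit_offset(UNRELATED))
    other = obfuscate(b"SECRET", 42)          # constructed capture
    print("recovered:", recover(other, 42, offset))
```

A fit that succeeds on a handful of samples means the transform carries no secret at all; a fit that returns None only rules out this one model, not determinism in general.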