October 5, 2017 lawrenceamer no responses

AnyDesk – leaking users sessions IP

Want create site? With Free visual composer you can do it easy.

Hi .

first if all i was using team viewer for a while , and it was really good in sharing screen and for team cooperation , so after that i was looking forward to try something fast,stable,tiny and Anydesk program was the choice .

from hackers point of views the first thing to do is to pen test and try to find a suitable program for your privacy and safety .

then i started to analyze the application from software security until network protocols , relay servers ..etc , and every thing was cool , until i have discovered that the software is vulnerable to leaking the Private IP Address of users during the session ,

any desk after accepting the connection from sharer screen will encrypt your traffic , and secure your ip address with their relay servers and your privacy will be good . but the weakness occurs when incoming connection request is coming to you as [ hacker] , you will be able to retrieve other user ip address without interaction .

so in this case i have opened the case with AnyDesk and followed the current procedures to make sure that they are clearly read and explain all the details in this report , but they kindly replay with this as shown in picture ,

 

in this condition , talking about in public is acceptable until they can push another fix to at least secure the privacy of users , since they consider it as not a vulnerability .

 

Did you find apk for android? You can find new Free Android Games and apps.
Share it!
Aenean mattis venenatis

Leave a Reply

Your email address will not be published. Required fields are marked *

Lawrence Amer | OSCP – CPTE