Another recent review of mine, about AMMYY Admin software – usually used for quick and easy remote access to computer.
1. Fast [it is damn fast, indeed]
2. Simple for end user: Click – Run – Spell – Approve.
3. No installation required (possible, but not have to) + free.
4. Embedded File Explorer to transfer files between computers (both ways)
5. Secure [so they say, at least!] ….
Now, what we know about it else?
1. You run client, and got ID. If You run few computers in line – ID numbers increase, so eventually (sometimes it +2, sometimes +4) so eventually You can guess newly run clients ID.
2. ID of PC in AMMYY not that simple to renew to average user (I still not found, but it there I’m sure ), so once assigned, ID is permanent per machine.
3. To get access, You only need to press Accept in small pop-up window like this:
Looks friendly and “trust me, I am know what to do”, no? 🙂 So – accepting remote connection require only one click from user.
4. Take a good look of what is enabled on Accept window [previous screenshot]. File Manager? Yes. With System permissions by default 🙂 See Screenshot2:
5. Last and not least, as You may see in default configuration for Network:
6. And finally, when minimized, AMMYY directly hidden to tray. In newer Vista\WIn7 systems it completely disappear from user’s eyes. And – continue to run. 🙂
Now, as “pure evil” Black Hat hacker, let’s combine :))
Open AMMYY, check Your ID, add +1 and enter in Connect window. Press Connect
Responses of AMMYY:
The Computer ID=[NUMBER] wasn’t found – computer with current ID is not present, or offline.
Waiting for authorization from remote PC – computer is Online, request sent, waiting for user action
Remote computer rejected your query to access – user declined Your request.
Exceeded session limit – someone already connected
Now, final results, without HOWTO
- In properly catched sequence – each second computer is online
- Each forth computer, from those who online, approve Your request to connect – 25 % success.
- If You retry request 2-3 times to the same ID – success is up to 50%
- From 10 computers that Reject initial sessions, during 24 hours period 33% allow access when attempt repeated.
- Almost 30% of all once successfully identified online computers available for significant amount of time later (tested for 2 weeks)
- None of approved connection clients not disabled File Explorer feature of AMMYY
And, finally, I was in a middle of typing my ideas to AMMYY tech support, when found this thread from support forum:
It dated 19.09.2010. [if deleted – i have screenshots]. Nothing to add – problem is acknowledged by vendor. Solution – change by Yourself.
Actually, AMMYY have a lot of good, useful and handy features indeed. Including security improvements. But: this piece of software advertised as SIMPLE RUN & USE. So all customers do so. So – as You may see – they in security problem.
By the way, it’s not a problem at all to enumerate online users ID of AMMYY.
Please, use safe software, teach Your customers how to use it and have a great day.