Vulnerability in ZOOM allows attackers to crack any private meeting passwords by brute-force.
Vulnerability found in the Zoom video conferencing app allows attackers to crack private meeting passwords using Brute-Force. Tom Anthony, VP Product at SearchPilot, found the vulnerability and said “Zoom meetings are (were) default protected by a 6 digit numeric password, meaning 1 million maximum passwords,”
According to the discovery, the attackers were able to guess any private meeting’s password by trying all possible combinations until finding the correct one in the Zoom web client. Earlier, Zoom also came under heavy scrutiny from security companies and privacy advocates, which pushed it to improve the security of its users, including through implementing end-to-end encryption and through revamping its bug bounty program.
A user requires an auto-generated password to join a Zoom meeting. Moreover, the PWD parameter be removed from the link when attempting to join using the web client, the user is provided with a login screen.
So a few months ago I realised Zoom doesn't rate limit password attempts for meetings, and has only 1 million passwords. Meaning you could join private meetings within minutes. 😮 https://t.co/NDUEmzUprX
— Tom Anthony (@TomAnthonySEO) July 29, 2020
“However, the speed is limited by how quickly you can make HTTP requests, which have a natural latency which would make cracking a password a slow process; the server-side state means you have to wait for the first request to complete before you can send the second,” Anthony explains.
The researcher claimed that he was able to generate a correct password after checking over 40,000 of them in approximately half an hour, but notes that the process could be much faster when running multiple threads distributed across several cloud servers.
If you use private Zoom meetings then you must know that the meeting does not require users to log in to the meeting using the password again, this means once cracked the attacker can access all the meetings that are further created in the room.
The researcher later informed the Zoom developer team and the bug was solved by the team within a week. Meanwhile, the company also suggested the researcher apply the bug to their bug bounty program to receive the monetary reward.
For more news on tech and cybersecurity stay tuned on Android Rookies by subscribing to our newsletter from here.