Password encryption (was Re: [icq-devel] Family 2 SNACs on ICQ)



Zoe Smale skyerat at hotmail.com
Sat Feb 16 06:47:56 CET 2002


>starting from the very basics..plain text data and a hardcored bytes
>table xored
>password..turns any interesting protocol into crap.

On the subject of passwords, has anyone tried using the AIM logon process on 
an ICQ server? I don't know the exact details, but it looks like it involves 
the server sending a challenge string which the client combines with its 
password and sends back as an MD5 digest. It certainly seems a lot more 
secure than the ICQ logon.

If anyone is interested, I'm sure you can find the details in gaim. The 
SNACs involved are 17/6, 17/7, 17/2 and 17/3. Most of the TLVs look the same 
as those used by ICQ channel 1 packets.

Regards
- Zoe


_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com




More information about the icq-devel mailing list