Security Basics mailing list archives

Re: Hotmail sign-in through Outlook Express -- clear-text?

From: "Anders Reed Mohn" <anders_rm () utepils com>
Date: Fri, 6 Jun 2003 10:37:39 +0200


----- Original Message ----- 
From: "Kenzo" <kenzo_chin () hotmail com>
To: <security-basics () securityfocus com>
Sent: Friday, May 23, 2003 9:04 PM
Subject: Re: Hotmail sign-in through Outlook Express -- clear-text?

I'm pretty sure that it's not encrypted.
At one point I ran a sniffer and was able to see all the usernames and
password in clear text.



How?  Can you tell me how to read that from the packets?
I just did the same, and I could not see my password in clear text.
Did see a lot of mentions of "MD5" among the packets, thought.
Is the password simply a little "obfuscated" in some way?

I'm not very experienced in this, so I'd like to know if I missed something.
Once before, I've seen people claim that it passwords (for VNC)
were sent in clear text, but I couldn't see them then either.
I use Ethereal for packet captures.

Cheers,
Anders :)


---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Re: Hotmail sign-in through Outlook Express -- clear-text? Anders Reed Mohn (Jun 06)
- Re: Hotmail sign-in through Outlook Express -- clear-text? James Fields (Jun 06)
- <Possible follow-ups>
- Re: Hotmail sign-in through Outlook Express -- clear-text? SVater (Jun 06)
  - Re: Hotmail sign-in through Outlook Express -- clear-text? Anders Reed Mohn (Jun 10)