Security Basics mailing list archives
Re: Hotmail sign-in through Outlook Express -- clear-text?
From: "Anders Reed Mohn" <anders_rm () utepils com>
Date: Fri, 6 Jun 2003 10:37:39 +0200
----- Original Message ----- From: "Kenzo" <kenzo_chin () hotmail com> To: <security-basics () securityfocus com> Sent: Friday, May 23, 2003 9:04 PM Subject: Re: Hotmail sign-in through Outlook Express -- clear-text?
I'm pretty sure that it's not encrypted. At one point I ran a sniffer and was able to see all the usernames and password in clear text.
How? Can you tell me how to read that from the packets? I just did the same, and I could not see my password in clear text. Did see a lot of mentions of "MD5" among the packets, thought. Is the password simply a little "obfuscated" in some way? I'm not very experienced in this, so I'd like to know if I missed something. Once before, I've seen people claim that it passwords (for VNC) were sent in clear text, but I couldn't see them then either. I use Ethereal for packet captures. Cheers, Anders :) --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: Hotmail sign-in through Outlook Express -- clear-text? Anders Reed Mohn (Jun 06)
- Re: Hotmail sign-in through Outlook Express -- clear-text? James Fields (Jun 06)
- <Possible follow-ups>
- Re: Hotmail sign-in through Outlook Express -- clear-text? SVater (Jun 06)
- Re: Hotmail sign-in through Outlook Express -- clear-text? Anders Reed Mohn (Jun 10)