Vulnerability Development mailing list archives
Re: ICQ pass cracking
From: JklojLrnzn () AOL COM (JklojLrnzn () AOL COM)
Date: Tue, 1 Feb 2000 10:07:36 EST
| WolF Knox wrote: | > One day i was doing absolutely nothing on the net and i though, hell, | > why not make a password crack for ICQ since it's only 8 chars? something | > like, you put that long-lost-UIN-with-fake-email in a field and the | > program will try all the possibles combinations to discover the | > password, of course, 8 chars is relatively small....the program would | > need to have some kind of pause/resume system, like you try today, you | > need to disconnect, you pause, go offline, later you come back and try | > again resuming since the point you stopped. | | Please elaborate. Is there a local ICQ password on the HD that can be | poked at? Do you know what the allowed character set is? Or are you | talking about bruting the ICQ servers? If it's the latter, 8 characters | can take a long, long time across a network, and that's assuming there is | no lockout feature. | | BB
Of course, local pass crackers can be written in fact they have already been written. Just take a look at the respective archives at packetstorm, neworder or AntiCode: http://packetstorm.securify.com/icq/ http://neworder.box.sk/box.php3?act=2&prj=neworder&gfx=neworder&srch=icq http://www.AntiCode.com/cgi-bin/showdsc.anticode?cat=icq.html I also found one program, homepage here: http://icqrinfo.headstrong.de/ derDoc
Current thread:
- Re: ICQ pass cracking JklojLrnzn () AOL COM (Feb 01)
- Re: ICQ pass cracking WolF Knox (Feb 03)