Vulnerability Development mailing list archives

Re: ICQ Pass Cracker.


From: Inedag () AOL COM (Inedag () AOL COM)
Date: Thu, 27 Jan 2000 20:16:20 EST


In a message dated 1/27/2000 4:51:15 PM Pacific Standard Time,
robertw () WOJO COM writes:

I don't know about the latest versions (99b), but I recall that ICQ stored
 passwords in PLAINTEXT in the .dat file located in <ICQDIR>\db or
 <ICQDIR>\db99b, etc.  I checked my .dat file, and found an old password in
 there... plain text.  I can't seem to get rid of it, so I will just hex edit
 it out.  It amazes me how lazy some programmers can be.

I was unable to locate the plaintext password for ICQ99b, beta 3.19, build
2569.  I don't have "Save Password" checked, but it obviously doesn't go to
the Mirabilis servers to verify the password (I have that
request-password-for-everything option turned on).  I looked into the .dat,
and found old messages and chats that I've long since deleted -- sighhh.  It
seems also to store my SMTP and POP servers (never put them in ICQ -- just
Eudora), and an apparent encrypted password, in the form of 22 hex bytes.

-ine

