Re: ICQ Spoofing Question (part deux)

[Masial <masial () SECURED ORG>]

<< snip >>
The idea behind my question is social engineering.  I am curious if it is
possible to “spoof” being a random chatter (IE finding someone on romance of
students or games) and thus being able to produce the random sub-divisivon
in the list.

If I get a message from someone and it is not from Random chat they merely
appear as NOT IN LIST.  I want to know if I can actually spoof the
sub-divison on a client that says RANDOM.
<< /snip >>

Your initial message was indeed a bit misleading on the spoofing goal. To
acheive what you want, i think you might want to get the icqspoof.c source
and tweak it a bit. Also, dump some TCP traffic of random chat messages and
try to see if there are flags in the data to set the NOT IN LIST or RANDOM.
While its possible that there are some, from the looks of it, i think this
would be determined client side on the target based on your message uin.
Therefore, you would have to spoof an UIN of someone with the status you
intend to acheive.

I belive there are some webpages out there about the ICQ protocol you might
want to check too, i dont have urls however.

Best luck,

M.

PS: html hurts my eyes.