Vulnerability Development mailing list archives

Re: ICQ Spoofing Question (or second dumb question of the day)


From: Robert van der Meulen <rvdm () CISTRON NL>
Date: Thu, 21 Sep 2000 12:06:21 +0200

Hi,

Quoting Masial (masial () SECURED ORG):
> Are you certain that this information is still valid? I certainly remember
> about this but it was awhile back with an older version of ICQ. I believe
> they fixed this server-side after much account stealing occurred, that's too
> bad because I could have had my old UIN back (sub mil). I believe
> change-password now requires you to be authenticated with the icq server
> first. Or maybe I'm not understanding your point?

Yep - and that's why the client has to be in an inactive state from the
moment it logs on to the moment you try to spoof the request..
You profit from the client-authentication, and spoof the password-change
request, and it works because the client is readily authenticated.

> I remember a public statement they once stated someone had hacked icq
> accounts via a trojan JPEG image, uhh, yeah, ok (r33t).

I'm curious about how they did _that_ :) don't recall reading anything about
that...

Greets,
        Robert

--
|      rvdm () cistron nl - Cistron Internet Services - www.cistron.nl        |
|          php3/c/perl/html/c++/sed/awk/linux/sql/cgi/security             |
|         My statements are mine, and not necessarily cistron's.           |
      If you can't learn to do it well, learn to enjoy doing it badly.

