Vulnerability Development mailing list archives
Re: Secure Yahoo logins
From: Alan McCaig <alanmccaig () yahoo co uk>
Date: 28 Aug 2002 14:32:25 -0000
In-Reply-To: <028d01c24e44$201eb060$6501a8c0@uiyetr>
A couple things - one, yahoo DOES send the password in plain text, you
just
have to capture it at the right time,
That aint true the last time i was messing with yahoo protocols i learned alot for them there main ones are called ycht and ymsg and depending on what protocol you use when logging in it will then depend how the password is sent. On the ycht protocol your password will be sent in clear text in the login string i here there is plans for yahoo to stop using this protocol but ymsg it is alot more secure at first ymsg wasn't to great and it had problems where people could authenticate there selfs as any user without there password for a good txt on ymsg9 you should read http://www.venkydude.com/articles/yahoo.htm yahoo is now at ymsg10 but it ant much changes from 9. Regards Alan
Current thread:
- Secure Yahoo logins Jeremy (Aug 27)
- Re: Secure Yahoo logins Roland Postle (Aug 27)
- Re: Secure Yahoo logins David Schwartz (Aug 27)
- Re: Secure Yahoo logins John Madden (Aug 27)
- Re: Secure Yahoo logins Roland Postle (Aug 28)
- Re: Secure Yahoo logins Nick Jacobsen (Aug 27)
- Re: Secure Yahoo logins David Thiel (Aug 27)
- Re: Secure Yahoo logins Nick Jacobsen (Aug 28)
- Re: Secure Yahoo logins David Thiel (Aug 28)
- Re: Secure Yahoo logins Steve Bremer (Aug 28)
- Re: Secure Yahoo logins David Thiel (Aug 27)
- Re: Secure Yahoo logins Roland Postle (Aug 27)
- <Possible follow-ups>
- Re: Secure Yahoo logins Alan McCaig (Aug 28)
- Re: Secure Yahoo logins Chris Caydes (Aug 28)
- Re: Secure Yahoo logins Chris Caydes (Aug 28)
- RE: Secure Yahoo logins Kayne Ian (Softlab) (Aug 29)
- Re: Secure Yahoo logins Muhammad Faisal Rauf Danka (Aug 29)