Vulnerability Development mailing list archives
Re: ICQ Spoofing Question (or second dumb question of the day)
From: Robert van der Meulen <rvdm () CISTRON NL>
Date: Wed, 20 Sep 2000 10:58:07 +0200
Hi, Quoting Sander Smeenk (CistroN Medewerker) (ssmeenk () cistron nl):
Ehrm.. I've never seen an icqspoof tool which could spoof as being a random chatter in Free for Chat state. And that is what the poster requested.
I didn't get that at first :)
But I think that isn't spoofable, since you must connect with the ICQ server to be present and marked 'Free for Chat'. And to connect to the server you need a UIN and a password. :]
It is possible to send a change-password request after the client has connected to the server. It is imperative, though, that the client has not been 'active' after the connect (i.e. no send-trough-server messages recieved or sent), because of a serial-number guessing problem. Very probably it is possible to send a free-for-chat request/packet in the same manner. (Ofcourse everybody knows by now that ICQ is a braindead protocol that was meant to be broken from day #1) Greets, Robert -- | rvdm () cistron nl - Cistron Internet Services - www.cistron.nl | | php3/c/perl/html/c++/sed/awk/linux/sql/cgi/security | | My statements are mine, and not necessarily cistron's. | Marijuana is nature's way of saying, "Hi!".
Current thread:
- ICQ Spoofing Question (or second dumb question of the day) Leon Rosenstein (Sep 19)
- Re: ICQ Spoofing Question (or second dumb question of the day) Robert van der Meulen (Sep 19)
- Re: ICQ Spoofing Question (or second dumb question of the day) Riley Hassell (Sep 19)
- Re: ICQ Spoofing Question (or second dumb question of the day) Sander Smeenk (CistroN Medewerker) (Sep 20)
- Re: ICQ Spoofing Question (or second dumb question of the day) Robert van der Meulen (Sep 20)
- Re: ICQ Spoofing Question (or second dumb question of the day) Masial (Sep 20)
- Re: ICQ Spoofing Question (or second dumb question of the day) Robert van der Meulen (Sep 21)
- Re: ICQ Spoofing Question (or second dumb question of the day) dis (Sep 22)
- Message not available
- Re: ICQ Spoofing Question (or second dumb question of the day) Audun (Sep 24)
- Re: ICQ Spoofing Question (or second dumb question of the day) Bluefish (P.Magnusson) (Sep 23)
- Re: ICQ Spoofing Question (or second dumb question of the day) Masial (Sep 24)
- Re: ICQ Spoofing Question (or second dumb question of the day) Robert van der Meulen (Sep 19)
- Re: ICQ Spoofing Question (or second dumb question of the day) 3APA3A (Sep 20)
- <Possible follow-ups>
- Re: ICQ Spoofing Question (or second dumb question of the day) Ozy --- (Sep 24)