First:
We are not trying to train hackers in violence and
illegality ;) We are just a "project" that tries to teach you, the
readers, how security holes work.
The first tuts will go over the roots (read them to understand
everything); after that we'll discuss the more complex topics.
As soon as you see "Word(1/2/3/....)" you will find an explanation
at the end of the text.
Disclaimer: This information is for legal use only. It is for
educational use and explains how things work; it doesn't
tell/ask you to do this!! We take no responsibility for any illegal
activities!
So if you want to learn and don't want illegal activities
you are welcome to read and understand!
Introduction:
What to say about MSN? Well, it's a chat tool from Microsoft!
You can use it for many things. But actually it's a typical chat
client like ICQ, AIM,...! Well, first, these clients are not as secure
as you might think, but we will talk about that now!
1) MSN - HOTMAIL? or vice versa
2) MSN? So what is it actually?
3) Security?
4) Functions
5) How to retrieve the IP
6) Where is the password stored?
7) Social engineering possibility with msn
8) Securing?
9) Other Interesting Keys
1) MSN - HOTMAIL? or vice versa
Well hotmail is a firm and branch of Microsoft! It is a
free web based email service. They have added this so called
Microsoft Network that thought of developing a chat system - then
next hotmail took this idea, msn (the network) closed down and a
client called Messenger (MSN) was developed! This is a chat client
used by many people! A widespread network, as you see. This makes
things interesting!
2) MSN? So what is it actually?
A GUI (Graphical User Interface) chat system. It connects
you to a server which knows the other connections established and
thus can forward your messages to any user! A quite good idea -
because it actually doesn't use direct connections, and therefore you
wouldn't see the IP with a normal "netstat -a". But there is of
course a way to get the IP, which I will tell you of course!
3) Security?
As I told you, the security aspect of anonymity in
connection with IPs is ok! But the password encryption is very bad!
And the storage place is the registry and therefore not very secret!
And the problem is that there is no real SSL (if you don't
understand this "SSL": it's Secure Sockets Layer, and I really don't
want to explain it here because it's a protocol of its own and I
don't want to explain so much in this text, it's purely a little msn
article, but you can find more information on the net!) and therefore
anybody could "hash" data! And you can easily fake messages or
answers...
4) Functions
Well you can chat, send files, send SMS, telephone, check
your email, visit whole chat rooms and other things; it's a quite
compact little application! What else shall I say? Download it if
you want and check it... ;>
5) How to retrieve the IP
Well, you can get the IP with a normal direct connection and
look it up with "netstat -a", but you have to - as I said -
establish a DIRECT CONNECTION! This can be done by sending a file! So
send a file, and if he acknowledges the file and it's exchanged, you
can quickly check the active connection table with "netstat -a": just
open command.com and type "netstat -a".
6) Where is the password stored?
In the registry key called:
"Hkey_Current_User\Software\Microsoft\MessengerService\PasswordMSN Messenger Service"
It is ALWAYS the password of your email account
and your username is the email address! So if your email is
"bg@hotmail.com" your username is "bg@hotmail.com"! So if you have
cracked the password you of course have control of the email
account and the chat system!
http://newdata.box.sk/2001/jan/win/MSDecripter.exe Find the
pwcracker here.
7) Social engineering possibility with msn
Well I just thought about what could be done via social
engineering!? Well this is what I developed: When a new update of
the messenger is available you receive an email which tells you all
about the new things! Well so what I thought of is actually that
you fake this email, make it look professional, spoof it from
"support@hotmail.com" or something and add a trojan to it! Even
viruses could be added, everything, an own chat client that logs all
text sent or something! Well the possibilities are endless... Enjoy
it!
8) Securing?
Well first of course you could send an email to hotmail
that announces your feelings about the security on hotmail! But I
doubt they will read it!! So these are the things you should/shouldn't do:
1) Don't store the password
2) Don't accept any file from users you DON'T KNOW!
3) Use hotmail just as spam account, DON'T BECOME DEPENDENT
ON HOTMAIL!
These are the only things I can think of! Yeah perhaps use
other clients and proxy your connection! Well anyway enjoy!
9) Other Interesting Keys
Well, have a look at this:
'HKEY_CURRENT_USER\Software\Microsoft\MessengerService\ListCache\.NET Messenger Service'
and from here just have a browse through some of the
strings. The 'Allow' and 'block' strings look like they are
encrypted (i.e. stored in unreadable format). This is not the case.
Just double click any of them and you'll be able to make out the
contact's e-mail address on the right side. From here you can see who
the person has allowed to message him, and who he's blocked. ;)
Ok, now say you have NETBIOS or some other sort of access
to someone's computer that you don't like very much. And you want to
spread information about them. They may have their telephone number
available to people on their msn contact list. You can extract this
info from their comp. It's under the same registry entry, i.e.
'HKEY_CURRENT_USER\Software\Microsoft\MessengerService\ListCache\.NET Messenger Service'
Now, from here you just look for any of these three
strings:
PHH (home telephone number)
PHM (mobile telephone number)
PHW (work telephone number)
These strings will be in PLAIN TEXT! Way-to-go-microsoft!!
Anyway I'm out...have fun! ;)
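To act on "Don't store the password" and to see what the keys from sections 6 and 9 expose on your own machine, you can export HKEY_CURRENT_USER with regedit and scan the export. This is an added example, not part of the original text: the sample export is constructed, the value data types and the exact 'Allow...'/'block...' value names are assumptions, and only value names are reported, never their data.

```python
import re

# Key paths and value names as quoted in the article (assumed exact).
MSGR_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\MessengerService"
LIST_KEY = MSGR_KEY + r"\ListCache\.NET Messenger Service"
PHONE_NAMES = {"PHH": "home phone", "PHM": "mobile phone", "PHW": "work phone"}

# Constructed sample in regedit export format; all data is made up.
SAMPLE_REG = r'''REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\MessengerService]
"PasswordMSN Messenger Service"=hex:00,00,00,00
"ExampleSetting"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\MessengerService\ListCache\.NET Messenger Service]
"Allow0"=hex:00,00
"PHH"="000 0000"
"PHW"="000 0001"
'''

KEY_RE = re.compile(r"^\[(.+)\]$")
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')

def audit_reg_export(text):
    """Return (key, value name, finding) tuples; value data is never returned."""
    findings, key = [], None
    for line in text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = VALUE_RE.match(line)
        if not m or key is None:
            continue  # blank lines, header, hex continuation lines
        name, data = m.group(1), m.group(2)
        k = key.lower()
        if k == MSGR_KEY.lower() and name.lower().startswith("password"):
            findings.append((key, name, "stored account password"))
        elif k == LIST_KEY.lower():
            if name.upper() in PHONE_NAMES and data.startswith('"'):
                findings.append((key, name, "plain-text " + PHONE_NAMES[name.upper()]))
            elif name.lower().startswith(("allow", "block")):
                findings.append((key, name, "readable contact address"))
    return findings

if __name__ == "__main__":
    for key, name, why in audit_reg_export(SAMPLE_REG):
        print(f"{why}: {name!r} under {key}")
```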
Credits
Dead Beat
email: strebergarten@hotmail.com
irc: zion.extremehacker.net : 6667 #exploiters or if not
there here: "irc.box.sk : 6667 #exploiters"
http://ugw.advknowledg.net Many more tutorials can be found
here!
Be Part of the Future:
Advknowledge Network:
http://www.advknowledge.net