Document information:
Merely by leaving your ICQ application logged in (Java _or_ Win32) your account can be hijaaked (the password changed without knowing the original). An attacker can then use that account to obtain information from people contacting you, or to do other inappropriate things which would result in the account being terminated.
Content extracted from the document:
Hack ICQ with C

Date: Sun, 31 May 1998 16:46:20 0700
From: wumpus@INNOCENT.COM
Subject: ICQ Hijaaking.. Is YOUR account safe?

The source code here pretty much says it all. Mirabilis has been extremely negligent in fixing protocol holes, and this allows accounts to be subverted with possible leaks of information.

Merely by leaving your ICQ application logged in (Java _or_ Win32) your account can be hijaaked (the password changed without knowing the original). An attacker can then use that account to obtain information from people contacting you, or to do other inappropriate things which would result in the account being terminated.

I have given Mirabilis fair warning of this attack, and talked with Arik about what was necessary to fix it. Unfortunately, with the last four versions this has not been put into place. It would seem the only way to fix such grave problems with their protocol is to air it in the public arena.

There are no real workarounds for this problem, although there are some obvious workarounds to this exploit (left to the reader). If you value your ICQ account, do not log into it until a fix is available. Otherwise, you can hope no one bothers to hit your UIN; there are a huge number and you might be lucky.

I had to shrink the comments and stuff down to make this fit the 1k line limit on bugtraq... *shrug*

Read at your own peril.

/*
 . ICQ Hijaak
 . Version 1C
 .
 . Author: wumpus@innocent.com
 . Copyright (c) 1998 Wolvesbane
 .
 . By downloading or compiling this program, you agree to the terms of this
 . license. If you do not agree with any of these terms you MUST delete this
 . program immediately from all storage areas (including browser caches).
 . (A) You agree not to use this program in any way that would constitute a
 .     violation of any applicable laws. This may include federal laws if you
 .     live in the United States and similar laws regarding computer security
 .     in other countries.
 . (B) You agree to hold the authors (referred to collectively as Wolvesbane)
 .     harmless in any damages that result due to your possession or use of
 .     this software.
 . (C) Wolvesbane does not claim that this program implements any functions.
 .     As the saying goes, "You get what you pay for." And you didn't pay
 .     anything for this.
 . (D) This software is FREE for _NONCOMMERCIAL_ use. You may not use this
 .     program for any commercial use (or any other activity which makes you
 .     money with the assistance of this program). The author is not
 .     interested in commercial use of this program (and cannot think of what
 .     commercial use would consist of).
 . (E) This program was created using Linux with IP Masquerading to run the
 .     ICQ program unmodified and without any disassembly. The testing
 .     was done with volunteers, and with a second computer logged into the
 .     ICQ network. No ICQ users were harmed in the creation or testing of
 .     this program.
 . (F) This copyright applies only to the code written by Wolvesbane, and not
 .     to anything included under Fair Use.
 . (G) Please note that if you use ANY sections of this code in your work,
 .     (which I expressly allow as long as it is NONCOMMERCIAL), you are
 .     obligated to give me some credit in your comments (if it is a source
 .     file) or in a string constant if it is a binary file. If you do not
 .     wish to do so, you may NOT include ANY portion of this file in your
 .     own work.
 */

/*
 * UPDATES, for May 31, 1998
 *
 * I notified Mirabilis about this bug about a month ago (which from
 * what I recall is the semi-official delay to allow a fix).
 * In that time, Mirabilis has gone from DLL 1.22 to DLL 1.26. This
 * exploit has been tested against 1.26 and still works. *ooops*!
 * This exploit has rather simplistic UDP scanning code... if it doesn't
 * work (ie, against .se hosts), then you can't hijaak them. Sorry, but
 * I just don't care enough.
 *
 * Lastly, even a Windows user can get anyone's IP from ICQ by sending a
 * message to their UIN, and doing a netstat.
 *
 * With the acquisition of Mirabilis and the ICQ protocol by AOL, I will
 * no longer be playing with the ICQ protocol. Prior to that actual event
 * you might contact me with questions on this program.
 */

/*
 . I am indebted to the author of ICQSNIFF.C, for his clear description of
 . the ICQ protocol (although it has since changed). And for the idea as
 . well.
 .
 . Some information came from anonymous sources and Usenet postings which
 . I didn't jot down the author. I apologize to any author who sees his/her
 . ideas in here. None of this code was stolen.
 .
 */

/*
To quote Arik:

Arik Vardi (arik@ICQ.COM)
Mon, 15 Dec 1997 13:55:16 0500

Thanks for the vote of confidence. Actually, we don't publish the protocol
since it's a work in progress and we still have pretty major changes from
version to version. Password encryption will be addressed in the next client
release, spoofing client messages has already been addressed in our new
version ICQ98a, (which is not what you are using) and should not be possible
once we phase out older clients (hopefully by the end of this month).
We appreciate your pointing out vulnerabilities to us and will do our best
to fix them in future releases.
*/

/*
 . Guess what, Arik. You *lied* about fixing spoofing and this proves it.
 */

#include
#include
#include
#include
#include
#include
#include
#include /* for AF_INET */
#include
#include
#include

int MultiResolve(char *hostname, int *addr_count, struct in_addr **addresses);

enum { FAILURE = 1, SUCCESS = 0 };

/*=========================================================================*/
typedef unsigned short int u16;
typedef unsigned long int u32;
typedef unsigned char u8;
/*=========================================================================*/

#define byte(v,o)  (*((u8 *)(&(v)) + (o)))
#define word(v,o)  (*((u16 *)((unsigned char *)(&(v)) + (o))))
#define dword(v,o) (*((u32 *)((unsigned char *)(&(v)) + (o))))

unsigned char ...