<!-- MHonArc v2.4.4 -->
<!--X-Subject: [MUD-Dev] OT: ICQ hacks and exploits -->
<!--X-From-R13: X Q Znjerapr <pynjNhaqre.rate.ftv.pbz> -->
<!--X-Date: Fri, 5 Jun 1998 09:26:03 -0700 -->
<!--X-Message-Id: 199806051623.JAA08123#under,engr.sgi.com -->
<!--X-Content-Type: text/plain -->
<!--X-Head-End-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html>
<head>
<title>MUD-Dev message, [MUD-Dev] OT: ICQ hacks and exploits</title>
<!-- meta name="robots" content="noindex,nofollow" -->
<link rev="made" href="mailto:claw#under,engr.sgi.com">
</head>
<body background="/backgrounds/paperback.gif" bgcolor="#ffffff"
text="#000000" link="#0000FF" alink="#FF0000" vlink="#006000">
<font size="+4" color="#804040">
<strong><em>MUD-Dev<br>mailing list archive</em></strong>
</font>
<br>
[ <a href="../">Other Periods</a>
| <a href="../../">Other mailing lists</a>
| <a href="/search.php3">Search</a>
]
<br clear=all><hr>
<!--X-Body-Begin-->
<!--X-User-Header-->
<!--X-User-Header-End-->
<!--X-TopPNI-->
Date:
[ <a href="msg00883.html">Previous</a>
| <a href="msg00885.html">Next</a>
]
Thread:
[ <a href="msg00889.html">Previous</a>
| <a href="msg00885.html">Next</a>
]
Index:
[ <A HREF="author.html#00884">Author</A>
| <A HREF="#00884">Date</A>
| <A HREF="thread.html#00884">Thread</A>
]
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
<H1>[MUD-Dev] OT: ICQ hacks and exploits</H1>
<HR>
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
<UL>
<LI><em>To</em>: <A HREF="mailto:mud-dev#kanga,nu">mud-dev#kanga,nu</A></LI>
<LI><em>Subject</em>: [MUD-Dev] OT: ICQ hacks and exploits</LI>
<LI><em>From</em>: J C Lawrence <<A HREF="mailto:claw#under,engr.sgi.com">claw#under,engr.sgi.com</A>></LI>
<LI><em>Date</em>: Fri, 05 Jun 1998 09:23:40 -0700</LI>
<LI><em>Reply-To</em>: <A HREF="mailto:mud-dev#kanga,nu">mud-dev#kanga,nu</A></LI>
</UL>
<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<HR>
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
<PRE>
Due to the number of ICQ users we have here:
Date: 4 Jun 1998 21:49:09 -0000
From: announce-outgoing#rootshell,com
Cc: recipient list not shown: ;
Subject: [rootshell] Security Bulletin #19
...deletia...
An archive of this list is available at :
<A HREF="http://www.rootshell.com/mailinglist-archive">http://www.rootshell.com/mailinglist-archive</A>
...deletia...
01. ICQ Hijaak
- --------------
As of 6/3/98 Mirabilis has disabled the ability to change your password at
all. The purpose of this bulletin is to alert all ICQ users of the dangers
in the ICQ protocol. Rootshell now has 4 unique exploits for the ICQ
protocol online at www.rootshell.com.
- --
Date: Sun, 31 May 1998 16:46:20 -0700
From: wumpus#INNOCENT,COM
Subject: ICQ Hijaaking.. Is YOUR account safe?
The source code here pretty much says it all. Mirabilis has been extremely
negligent in fixing protocol holes, and this allows accounts to be subverted
with possible leaks of information.
Merely by leaving your ICQ application logged in ( Java _or_ Win32 ) your
account can be hijaaked (the password changed withoyt knowing the original).
An attacker can then use that account to obtain information from people
contacting you, or to do other inappropriate things which would result in
the account being terminated.
I have given Mirabilis fair warning of this attack, and talked with Arik
about what was necessary to fix it. Unfortunately, with the last four versions
this has not been put into place. It would seem the only way to fix such
grave problems with their protocol is to air it in the public arena.
There are no real workarounds for this problem, although there are some
obvious workarounds to this exploit (left to the reader). If you value your
ICQ account, do not log into it until a fix is available. Otherwise, you
can hope no one bothers to hit your UIN --- there are a huge number and you
might be lucky.
...full source code of exploit deletia...
--
J C Lawrence Internet: claw#null,net
(Contractor) Internet: coder#ibm,net
---------(*) Internet: claw#under,engr.sgi.com
...Honourary Member of Clan McFud -- Teamer's Avenging Monolith...
</PRE>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<HR>
<ul compact><li><strong>Follow-Ups</strong>:
<ul>
<li><strong><A NAME="00885" HREF="msg00885.html">[MUD-Dev] Re: OT: ICQ hacks and exploits</A></strong>
<ul compact><li><em>From:</em> Mike Sellers <mike#bignetwork,com></li></ul>
</UL></LI></UL>
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
<UL>
<LI>Prev by Date:
<STRONG><A HREF="msg00883.html">[MUD-Dev] Re: Administrative Meddling</A></STRONG>
</LI>
<LI>Next by Date:
<STRONG><A HREF="msg00885.html">[MUD-Dev] Re: OT: ICQ hacks and exploits</A></STRONG>
</LI>
<LI>Prev by thread:
<STRONG><A HREF="msg00889.html">[MUD-Dev] META: membership list</A></STRONG>
</LI>
<LI>Next by thread:
<STRONG><A HREF="msg00885.html">[MUD-Dev] Re: OT: ICQ hacks and exploits</A></STRONG>
</LI>
<LI>Index(es):
<UL>
<LI><A HREF="index.html#00884"><STRONG>Date</STRONG></A></LI>
<LI><A HREF="thread.html#00884"><STRONG>Thread</STRONG></A></LI>
</UL>
</LI>
</UL>
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
<ul><li>Thread context:
<BLOCKQUOTE><UL>
<LI><STRONG>[MUD-Dev] Re: Levelless MUDs</STRONG>, <EM>(continued)</EM>
<ul compact>
<ul compact>
<ul compact>
<LI><strong><A NAME="01156" HREF="msg01156.html">[MUD-Dev] Re: Levelless MUDs</A></strong>,
Matt Chatterley <a href="mailto:matt#mpc,dyn.ml.org">matt#mpc,dyn.ml.org</a>, Sun 21 Jun 1998, 16:30 GMT
</LI>
</ul>
</ul>
</ul>
</LI>
<LI><strong><A NAME="00898" HREF="msg00898.html">[MUD-Dev] RE: META: Archives.</A></strong>,
Koster, Raph <a href="mailto:rkoster#origin,ea.com">rkoster#origin,ea.com</a>, Mon 08 Jun 1998, 15:29 GMT
<LI><strong><A NAME="00895" HREF="msg00895.html">[MUD-Dev] META: Archives.</A></strong>,
Ling <a href="mailto:K.L.Lo-94#student,lboro.ac.uk">K.L.Lo-94#student,lboro.ac.uk</a>, Sat 06 Jun 1998, 17:17 GMT
<LI><strong><A NAME="00889" HREF="msg00889.html">[MUD-Dev] META: membership list</A></strong>,
J C Lawrence <a href="mailto:claw#under,engr.sgi.com">claw#under,engr.sgi.com</a>, Fri 05 Jun 1998, 22:57 GMT
<LI><strong><A NAME="00884" HREF="msg00884.html">[MUD-Dev] OT: ICQ hacks and exploits</A></strong>,
J C Lawrence <a href="mailto:claw#under,engr.sgi.com">claw#under,engr.sgi.com</a>, Fri 05 Jun 1998, 16:26 GMT
<UL>
<LI><strong><A NAME="00885" HREF="msg00885.html">[MUD-Dev] Re: OT: ICQ hacks and exploits</A></strong>,
Mike Sellers <a href="mailto:mike#bignetwork,com">mike#bignetwork,com</a>, Fri 05 Jun 1998, 17:22 GMT
<UL>
<LI><strong><A NAME="00891" HREF="msg00891.html">[MUD-Dev] Re: OT: ICQ hacks and exploits</A></strong>,
J C Lawrence <a href="mailto:claw#under,engr.sgi.com">claw#under,engr.sgi.com</a>, Sat 06 Jun 1998, 01:18 GMT
</LI>
</UL>
</LI>
</UL>
</LI>
<LI><strong><A NAME="00876" HREF="msg00876.html">[MUD-Dev] Re: skill system</A></strong>,
John Bertoglio <a href="mailto:alexb#internetcds,com">alexb#internetcds,com</a>, Thu 04 Jun 1998, 08:18 GMT
<UL>
<LI><strong><A NAME="00926" HREF="msg00926.html">[MUD-Dev] Re: skill system</A></strong>,
J C Lawrence <a href="mailto:claw#under,engr.sgi.com">claw#under,engr.sgi.com</a>, Wed 10 Jun 1998, 02:07 GMT
</LI>
</UL>
</LI>
</UL></BLOCKQUOTE>
</ul>
<hr>
<center>
[ <a href="../">Other Periods</a>
| <a href="../../">Other mailing lists</a>
| <a href="/search.php3">Search</a>
]
</center>
<hr>
</body>
</html>
