On Fri, 12 Apr 2002, Vinay Pai wrote:
What do you think we're trying to do? The official yahoo client uses an MD5 Challenge/Response pair that is near impossible to crack.
I don't know anything about the Yahoo protocol etc. But speaking from a purely cryptographic stand point, this protocol necessarily has to be crackable. In the absence of an external key (i.e. one entered by
The point is we don't know what the key is. If we can figure that out, we'd make some progress. What we do know, is that the yahoo server sends a challenge string - a MD5 hash - that I'm guessing is used somehow to hash the password. Now, this hash that is sent by the server may be generated based on anything, but possibly a timestamp and the userid that is sent through first. We don't really care about that as you said. We care about what the yahoo client does with this hash and the password.
However, it can be immune to a passive attack, i.e. simply listening to communications go back and forth. To break it one would need to reverse-engineer the Yahoo program.
Not necessarily. Just a thought - the libcrypto library being used is free software, so why not just restrict our tracing to what goes into and what comes out of MD5_* functions. That should give us a fair idea of how the hash is being generated. I've done a preliminary analysis, and judging by the number of calls to MD5_Update, I'm guessing that this is almost identical to how pam generates passwords. What's the probability that yahoo would use the same tried and tested algorithm rather than develop their own?
If you can, please help.
If it is legal to do it, I can try to disassemble and reverse-engineer the Yahoo protocol.
The protocol you can reverse-engineer - it is broadcast over a TCP/IP network, which means all packets are available for public inspection. The binary you may not be allowed to, but check the licence agreement anyway.
Get a packet sniffer (I think you already have one),
tcpdump?
ethereal is better for separating out the parts of the packets, and it also understands several protocols.