lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Sun Aug  7 17:37:04 2005
From: ad at class101.org (ad@...ss101.org)
Subject: [HAT-SQUAD][Release] Tiny MSN fuzzer (passwd demo)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

/*
C:\>msn_fuzzer test@...l.com testpasswd
[.] Resolving.....: messenger.hotmail.com = 65.54.239.140
[.] Connected.....: 207.46.4.25:1863
[.] HTTPS.........: unauthorized (login/passwd)
[.] Disconnection..

C:\>msn_fuzzer test@...l.com testpasswd -v
[.] Resolving.....: messenger.hotmail.com
[.] Resolving.....: messenger.hotmail.com = 65.54.239.140
[.] Connecting....: 65.54.239.140:1863
[.] Connected.....: logging (test@...l.com)
[.] Connected.....: 207.46.4.33:1863
[.] Connected.....: logging (test@...l.com)
[.] Connected.....: challenge string OK
[.] HTTPS.........: unauthorized (login/passwd)
[.] Disconnection..

C:\>msn_fuzzer test@...l.com testpasswd -vv
[.] Resolving.....: messenger.hotmail.com
[.] Resolving.....: messenger.hotmail.com = 65.54.239.140
[.] Connecting....: 65.54.239.140:1863
[.] Connected.....: 65.54.239.140:1863
[.] Connected.....: logging (test@...l.com)
[.] Connected.....: buffer #1
[.] Connected.....: buffer #2
[.] Connected.....: buffer #3
[.] Transferred...: 207.46.4.92:1863
[.] Connected.....: 207.46.4.92:1863
[.] Connected.....: logging (test@...l.com)
[.] Connected.....: buffer #1
[.] Connected.....: buffer #2
[.] Connected.....: buffer #3
[.] Connected.....: challenge string OK
[.] HTTPS.........: subconnection #1 (nexus.passport.com)
[.] HTTPS.........: retrieving login server
[.] HTTPS.........: retrieving login server (success)
[.] HTTPS.........: subconnection #2 (loginnet.passport.com)
[.] HTTPS.........: retrieving hash ticket
[.] HTTPS.........: unauthorized (login/passwd)
[.] Disconnection..

C:\>msn_fuzzer 207.46.4.92 1863 test@...l.com testpasswd -vv
[.] Connecting....: 207.46.4.92:1863
[.] Connected.....: 207.46.4.92:1863
[.] Connected.....: logging (test@...l.com)
[.] Connected.....: buffer #1
[.] Connected.....: buffer #2
[.] Connected.....: buffer #3
[.] Connected.....: challenge string OK
[.] HTTPS.........: subconnection #1 (nexus.passport.com)
[.] HTTPS.........: retrieving login server
[.] HTTPS.........: retrieving login server (success)
[.] HTTPS.........: subconnection #2 (loginnet.passport.com)
[.] HTTPS.........: retrieving hash ticket
[.] HTTPS.........: unauthorized (login/passwd)
[.] Disconnection..

etc,etc..

The C code might be used to fuzze some MSN clients, bruteforce, etc,
etc...

demonstration:

http://class101.org/MSN_fuzzer.zip
*/
#include <stdio.h>
#include <string.h>
#include <io.h>
#include <afxext.h>
#include <afxinet.h>
#include <winsock2.h>
#pragma comment(lib, "ws2_32")
#pragma comment(lib, "mpr")
#pragma comment(lib, "wininet")

void ver(),usage(),error(),foot(),done(SOCKET s);
int vb1=0,vb2=0,port,i,j,l00p=0;
char
*ar0,*ar1,*ar2,*ar3,*ar4,*ar5,*one,*pwd,*mail,mail_[128],mail__[128],newip[1
5],newport[5];
hostent* one_;
WSADATA wsadata;

int engine1(char *one,int port,char *mail,int argc);

int main(int argc,char *argv[])
{
 ver();

ar0=argv[0],ar1=argv[1],ar2=argv[2],ar3=argv[3],ar4=argv[4],ar5=argv[5];
 if (argc==1){usage();return 0;}
[......sniipppppppped......]

probably much infos where you know =]

****************************************************************
KEY: 0xA7C69C5F
PRINT: 694C 3495 BCC4 2F8B D794  6BD4 AF8B 457B A7C6 9C5F
****************************************************************

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2rc2 (MingW32) - GPGOE 0.4.1

iQIVAwUBQvY28q+LRXunxpxfAQJ76A/+IyBcK0oDBYUi739FYBsg7BE5uu6cJjod
/wz7RiQfFr8ylfZ+TnWwt73orhak26fCVyZ+2E0KDZnuuyA9C7/RxQHyGcA1PEJe
fjVEu6qwG74boR2QVEdoYQvJSTz9lpCpt8tu3XCm3O7Ne68uZLtluEnyyEL0wvc0
Y805tzn5X+ha/tCAEtClGe0opNocRZ7MI1v2lq4JkvVbuMphBfXakVWJZHCCciT8
6U1Iwf2gqU6u0INhpuubTZzKHGiUqL2UpiqudfCoEI/w1uLRvje3syi4bpJovN1w
yXHoKvQkdSzbSSbADOl4LSi/mXFLfez7oSBbephtXlTVTgFBMgqWyUoQiJmfter/
xs6HtYW0KJOh6BhxSAgedF/UlAb3QxVea5NWPriSBJlkznjwfO7ZuSngS6xocjKe
jomHnlIjyJZrlS24WDHXn4vFvHDvLjaNj+dIjhvlvgtl6LkNCFLChUYN9PvWEj9S
ntvWTDTJMQKYQo8c1XWNlYQghxFawJpfNyNsqxpZDAIHU4kYVwYRMOf6YVsVkw2L
KuSJtHHgzSOC8UgBur/MH07P8/e2HmyZiIrtSI90DNq6uHpWVH//5TSVTHd8QVWl
vzrBH1jE/VKbtf0HX8ThQNrmtCoherPJiB1E55ZNcEmaUHSs6SLufyOCGP0+r0uK
bR1mANKpGQo=
=owt+
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ