Hello,

I keep hearing and reading about Yahoo Messenger as the least secure IM software, because the passwords are transmitted in plaintext. Yet Yahoo changed the login process in their Messenger several months ago, and I don't know if the criticism about Y!Msg transmitting clear text passwords applies to the current versions of the product, or only the old ones. Or does it apply only if one tries to connect to Yahoo through an HTTP proxy? Or a SOCKS proxy?

I did some quick testing using "direct" connections (no proxies). I sniffed my own Yahoo login with both Ethereal and Ettercap, and couldn't collect the password. The login name, however, as well as all the aliases and the entire buddy list, were sniffed as they are transmitted in clear text. I could easily read all that information in Ethereal.

Both Ethereal and Ettercap claim to decode the Yahoo protocol, but neither actually did. What I saw were "raw TCP packets" :-)

I did the same test with ICQ and I collected the password easily using Ettercap.

I believe Yahoo made some changes in their IM protocol a few months ago, and the sniffers only decode the previous version of the protocol.

I came across the following document on the web, which explains some of the Yahoo Protocol.

http://www.venkydude.com/articles/yahoo.htm

Regards
Chris
This archive was generated by hypermail 2b30 : Wed Aug 28 2002 - 09:21:07 PDT