Securityvulns SECURITYVULNS:DOC:1834
Jul 16, 2001 - 12:00 a.m.

Messenger/hotmail MITM exploit


hello,

this is a little sploit i wrote for Linux to test a man in the middle attack against Messenger/Hotmail.
A kind of swiss army knife that can:

*/ use the messenger scrambler bug to get password hashes
*/ spoof the hotmail site to retrieve plaintext passwords (since the protocol is not enciphered) when users open their hotmail account directly from messenger.
*/ remotely crash the client (i have not yet identified exactly where the bug lives)
*/ upload a malicious program of your choice as an update. Since it is not signed by Microsoft, messenger will complain about it but will nevertheless ask the user if he wishes to open it anyway. Guess what the typical user behavior would be? ;)

this script needs the useful arptool from Cristiano Lincoln Mattos and our favorite web server (for hotmail spoofing and the fake messenger update)

use it for educational purposes only.

cheers,

Gregory Duchemin