Re: Secure Yahoo logins
From: Alan McCaig (alanmccaig@yahoo.co.uk)Date: 08/28/02
- Previous message: Nick Jacobsen: "Re: Secure Yahoo logins"
- Maybe in reply to: Jeremy: "Secure Yahoo logins"
- Next in thread: Chris Caydes: "Re: Secure Yahoo logins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 28 Aug 2002 14:32:25 -0000 From: Alan McCaig <alanmccaig@yahoo.co.uk> To: vuln-dev@securityfocus.com('binary' encoding is not supported, stored as-is) In-Reply-To: <028d01c24e44$201eb060$6501a8c0@uiyetr>
>A couple things - one, yahoo DOES send the password in plain text, you
just
>have to capture it at the right time,
That aint true the last time i was messing with yahoo protocols i learned
alot for them there main ones are called ycht and ymsg and depending on
what protocol you use when logging in it will then depend how the
password is sent. On the ycht protocol your password will be sent in
clear text in the login string i here there is plans for yahoo to stop
using this protocol but ymsg it is alot more secure at first ymsg wasn't
to great and it had problems where people could authenticate there selfs
as any user without there password for a good txt on ymsg9 you should
read http://www.venkydude.com/articles/yahoo.htm yahoo is now at ymsg10
but it ant much changes from 9.
Regards
Alan
- Previous message: Nick Jacobsen: "Re: Secure Yahoo logins"
- Maybe in reply to: Jeremy: "Secure Yahoo logins"
- Next in thread: Chris Caydes: "Re: Secure Yahoo logins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
