Navigation
 show/hide nav list 
 
Links
 show/hide nav list 






 
Ads
 
 

06.29.08

More poetry. Work on ShadowQuest is moving along.

06.21.08

More quotes. Fixed the CSS so the navbar stays on top in FF3...

06.21.08

More quotes. Fixed the CSS so the navbar stays on top in FF3...

04.17.08

More quotes added - and the other quote pages were removed.

03.05.08

Discontinuing the aim_ssl socket, since AOL has released a semi-open AOL framework: http://dev.aol.com/aim

03.03.08

New post.

02.07.08

Updated my old UHolder program - ported it from VB6 to Java. Get the source here.

10.28.07

New project uploaded, it's basically a socket to make coding for AIM Triton/AIM6 easier - it handles the login sequence and the sockets, and hands you the data from the packets so you can process it. Documentation is here: http://tsourceweb.com/aim_java_ssl/. The source and classes you need are here: http://tsourceweb.com/aim_java_ssl/aim_java_ssl.zip.

1.22.07

New layout is up. The navbars on the left are draggable and should also remember their position when you load a new page. You can minimize them as well by clicking on the arrows - there's a weird bug in IE which I'll work out sometime this week, but overall it works pretty well.

12.30.06

Thought some of you might find this tidbit interesting - the AIM 5.x hashes in the registry are actually formatted in such a way that they are extremely easy to crack, even for longer passwords.

Let's look at an example hash:

KiXrSfv5vY+aublU5zh0L3M+cqJ/3HBOX+Sb/7r8iK4=

This hash represents the password:

08-L7TwCzFc9j\'6

Now, lets de-Base64 it and enhex it so it's easier to read:

2a25eb49fbf9bd8f9ab9b954e738742f    733e72a27fdc704e5fe49bffbafc88ae

Note how I've split it into two segments - the first half is just the md5 hash of the password, plain and simple. The second half is the md5 hash of the first eight characters, in lowercase. One caveat though, any characters that are not alphanumeric are discarded, so in this case the actual password we are hashing is:

08l7twc

If five of the first eight characters had been non-alphanumeric we would have only hashed the remaining three in lowercase form. This makes cracking exceptionally easy for passwords eight characters or less, because you only have to crack the alphanumeric password, then if that doesn't work it's just a matter of determining where the extra symbols fit. With passwords longer than eight characters it reduces the number of possibilities you have to try by the billions, since you can find the first eight alone. It makes it the equivalent of cracking two eight character passwords instead of one sixteen character password.

This is the difference between 43608742899428874059776 and 417654129152 possibilities to try (based on all combinations of lowercase letters) - as you can see, it's many magnitudes easier to crack two smaller passwords. Enjoy! :)

-Unfair

12.29.06

No surprises here, you can use your hashes from 5.x aim versions to sign on with AIM6 - it makes a new key in the registry with this path:

HKEY_CURRENT_USER\Software\America Online\AIM6\HashedPasswords

put a new string value in that section - it should have a name which is the same as the screenname you wish to sign on, the value should be the hash from your 5.x version of aim, usually found here:

HKEY_CURRENT_USER\Software\America Online\AOL Instant Messenger (TM)\CurrentVersion\Users\[Name of user]\Login\Password1

You also need to add a new DWORD with the same name in the following section:

HKEY_CURRENT_USER\Software\America Online\AIM6\Options

Last but not least alter the UserList value, found here:

HKEY_CURRENT_USER\Software\America Online\AIM6

It's in the format:

username1,username2,username3,

Note the trailing comma. For this login method they send the straight md5 of your password, no extra salting or anything like in previous AIM versions. Anyway, I should have some more interesting stuff for you guys in the next few days leading up to the new year.

-Unfair

12.18.06

Got the mail server all up and working happily. Address is unfair@tsourceweb.com if you need to contact me.

The UnfairNet.com site and Freehax.com forum should be back up within the next few days too (still finishing a bit of recoding on the forum... okay it was a major overhaul)

-Unfair

12.16.06

I've been playing around with AIM6/Triton, and managed to replicate their login sequence - it's extremely insecure and I would suggest avoiding it at all costs. Also of note, the AIM6 passwords are stored encoded in the registry under:

HKEY_CURRENT_USER\Software\America Online\AIM6\Passwords

Yes, that's right, I said the password is encoded/encrypted there is no hashing involved so it is possible to extract plaintext passwords from the registry! I'm still working on figuring out how it is encoded/encrypted, but I should say it is definitely a block encryption, working on 8 byte blocks. Possibly DES. The whole thing is prefaced with 8 bytes which are not part of the password (could be the key I guess), and the whole shebang is then base64 encoded and placed in your registry for anyone to grab and decrypt.

Oh and here's the crappy AIM 5.2 VB OCX source code you guys have been asking for:
http://tsourceweb.com/files/unfairoscsock.zip

I'll post a Java class that emulates the AIM6/Triton login soon, keep checking back.

-Unfair

12.12.06

Server is up - sites will be coming back online over the next few days!
Some of the sites have been, or are currently in the process of being redesigned.
We'll also have a few new AOL related files/programs going up, for those of you that are interested in that kind of stuff. ;)

AOL just can't keep our server offline.
Thanks to Turbzy for hosting the freehax index page during the transition


I do not agree with what you have to say, but I'll defend to the death your right to say it.    -Voltaire