-
Notifications
You must be signed in to change notification settings - Fork 0
/
snac_01_1f.html
142 lines (125 loc) · 4.42 KB
/
snac_01_1f.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
<html>
<head>
<title>SNAC(01,1F) server client verification command</title>
<style type="text/css">
body {background-color: white; font-size: 13px;}
td {font-size: 16px;}
</style>
</head>
<body bgcolor=white>
<table width=640 bgcolor=darkblue cellSpacing=0 cellPadding=0 border=0><tr><td>
<table width=100% cellSpacing=2 cellPadding=0 border=0><tr><td bgcolor=#4040FF >
<table width=100% cellSpacing=0 cellPadding=0 border=0>
<tr>
<td><b><font color="white">SNAC(01,1F) </font></b></td>
<td width=70% align=right><b><font color="white">SRV_CLI_VERIFICATION </font></b></td>
</tr>
</table>
</td></tr>
</table>
</td></tr></table>
<table width=640 cellSpacing=0 cellPadding=0 border=0>
<tr>
<td>
<br>
The verification request contains eight bytes. The first four are an offset,
the second four are a length.<br><br>
The offset is an offset into aim.exe when it is mapped during execution
on Win32. So far, AOL has only been requesting bytes in static regions
of memory.<br><br>
When the client recieves the request, it adds it to the current ds
(0x00400000) and dereferences it, copying the data into a buffer which
it then runs directly through the MD5 hasher. The 16 byte output of
the hash is then sent back to the server.<br><br>
If the client does not send any data back, or the data does not match
the data that the specific client should have, the client will get the
following message from "AOL Instant Messenger":<br><br>
"<font color=blue>You have been disconnected from the AOL Instant Message
Service (SM) for accessing the AOL network using unauthorized software.
You can download a FREE, fully featured, and authorized client, here
http://www.aol.com/aim/download2.html</font>"<br><br>
The connection is then closed, recieving disconnect code 1, URL
http://www.aim.aol.com/errors/USER_LOGGED_OFF_NEW_LOGIN.html.
<br><br>
<table width=640 bgcolor=darkblue cellSpacing=0 cellPadding=0 border=0><tr><td>
<table width=100% cellSpacing=2 cellPadding=0 border=0><tr><td bgcolor=#E9E9E9 >
<table width=640 cellSpacing=0 cellPadding=0 align=center border=0>
<tr>
<td width=169> 00 01</td>
<td width=5> </td>
<td>word</td>
<td width=5> </td>
<td width=55%>SNAC family</td>
</tr>
<tr>
<td> 00 1F</td>
<td> </td>
<td>word</td>
<td> </td>
<td>SNAC subtype</td>
</tr>
<tr>
<td> 00 00</td>
<td> </td>
<td>word</td>
<td> </td>
<td>SNAC flags</td>
</tr>
<tr>
<td> xx xx xx xx</td>
<td> </td>
<td>dword</td>
<td> </td>
<td>SNAC request-id</td>
</tr>
</table>
</td></tr>
<tr><td bgcolor=#E9E9E9>
<table width=640 cellSpacing=0 cellPadding=0 align=center border=0>
<tr>
<td width=169> xx xx xx xx</td>
<td width=5> </td>
<td>dword</td>
<td width=5> </td>
<td width=55%>Requested data offset</td>
</tr>
<tr>
<td> xx xx xx xx</td>
<td> </td>
<td>dword</td>
<td> </td>
<td>Requested data length</td>
</tr>
</table>
</td></tr></table>
</td></tr></table>
</td></tr></table>
<br>Example SNAC dump with flap header:
<table width=640 bgcolor=darkblue cellSpacing=0 cellPadding=0 border=0><tr><td>
<table width=100% cellSpacing=2 cellPadding=0 border=0><tr>
<td bgcolor=#E9E9E9>
<font size=3><pre style="font-size: 13px">
2A 02 E5 65 00 12 00 01 00 1F 00 00 82 E8 D1 D1 *..e............
03 FF FF FF 03 FF FF FF ........
</pre></font>
</td></tr></table>
</td></tr></table>
<br>
<table width=640 bgcolor=darkgray cellSpacing=0 cellPadding=0 border=0><tr><td>
<table width=100% cellSpacing=2 cellPadding=0 border=0><tr><td bgcolor=#E9E9E9 ><table width=100% cellSpacing=0 cellPadding=0 border=0>
<tr><td align=center valign=middle><b><font color=black size=2>
<a href="index.html" target="_top">Main</a> |
<a href="basic.html" target="_top">Basic</a> |
<a href="login.html" target="_top">Login</a> |
<a href="families.html" target="_top">Snaclist</a> |
<a href="sequences.html" target="_top">Sequences</a> |
<a href="lists.html" target="_top">Misc</a> |
<a href="changes.html" target="_top">Changes</a> |
<a href="credits.html" target="_top">Credits</a> |
<a href="terms.html" target="_top">Terms</a>
</font></b></td></tr></table>
</td></tr></table>
</td></tr></table>
<!--#include virtual="_bottom.htxt" -->
</body>
</html>