From mds1281@ritvax.isc.rit.edu Mon May 4 14:23:30 1998
Date: Tue, 28 Apr 1998 07:25:13 +0000
From: Matt Smith
Reply-To: icq-devel@tjsgroup.com
To: icq-devel@tjsgroup.com
Subject: [ICQdev] V4 more info on the encryption

I've already posted some info on V4 encryption but just found out some more stuff, so here goes. It looks like version 4 UDP packets have the following structure.

ver   04 00        version
X1    xx xx        unknown random
key1  xx xx xx xx  see below
key2  xx xx xx xx  ditto
uin   xx xx xx xx  encrypted (sometimes) uin
X2    xx xx xx xx  unknown random

key1 and key2 are xored together, and the high word is the command and the low word appears to be the SEQ number. This only works sometimes, but it seems to usually be right unless key2 is obviously not an actual key, something like 00 02 00 02 or even 00 00 00 00.

Some of the commands are the same as older versions, login and send text code at least. It also seems that much of the same structure is used but is prepended with random junk, which may be keys, signatures, crc, SEQ or something else. Probably not SEQ, since it's in the 2 keys.

X1 xored with the high word of key1 seems not to be completely random, but I have yet to determine whether or not it's important or my imagination.

The server and the client seem to pass large blocks of encrypted data back and forth, and I'm not sure what that's for, since the encryption seems fairly simple; they're not public keys or anything like that. Obviously more investigation is needed.

--
Matt

=====================================================
The "unoffical, not-sponsored-by-Mirabilis-one-bit" ICQ Clone Development List
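
The header layout and the key1/key2 XOR described in the message above, as an added Python example that is not part of the original post. It assumes little-endian fields (suggested by `04 00` for version 4) and a contiguous 20-byte header; `parse_v4_header`, `key2_looks_degenerate` and `build_sample` are hypothetical names, and the sample packets are constructed.

```python
import struct
from typing import NamedTuple

# ver(2) X1(2) key1(4) key2(4) uin(4) X2(4); little-endian is an assumption.
HEADER = struct.Struct("<HHIIII")

class V4Header(NamedTuple):
    x1: int
    key1: int
    key2: int
    uin: int            # may still be encrypted, per the post
    x2: int
    command: int        # high word of key1 ^ key2
    seq: int            # low word of key1 ^ key2
    key2_suspect: bool  # True when command/seq should not be trusted

def key2_looks_degenerate(key2: int) -> bool:
    """Constructed heuristic for the post's "obviously not an actual key"
    cases: 00 00 00 00, or two identical halves such as 00 02 00 02."""
    return key2 == 0 or (key2 >> 16) == (key2 & 0xFFFF)

def parse_v4_header(packet: bytes) -> V4Header:
    if len(packet) < HEADER.size:
        raise ValueError(f"need {HEADER.size} bytes, got {len(packet)}")
    version, x1, key1, key2, uin, x2 = HEADER.unpack_from(packet)
    if version != 4:
        raise ValueError(f"not a V4 packet (version field {version})")
    mixed = key1 ^ key2
    return V4Header(x1, key1, key2, uin, x2, mixed >> 16, mixed & 0xFFFF,
                    key2_looks_degenerate(key2))

def build_sample(command: int, seq: int, key1: int, key2=None) -> bytes:
    """Constructed test packet; X1, uin and X2 are arbitrary filler."""
    if key2 is None:
        key2 = key1 ^ ((command << 16) | seq)
    return HEADER.pack(4, 0xBEEF, key1, key2, 0x00BC614E, 0x11223344)

if __name__ == "__main__":
    # Second packet carries key2 bytes 00 02 00 02, the post's failing case.
    for pkt in (build_sample(0x1234, 7, 0xA1B2C3D4),
                build_sample(0, 0, 0xA1B2C3D4, key2=0x02000200)):
        h = parse_v4_header(pkt)
        print(f"cmd={h.command:#06x} seq={h.seq} suspect={h.key2_suspect}")
```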