imfreedom/knowledgebase
Clone
Initial conversion, still missing myspace and msn
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/comparisons/avatars.md Sat Apr 09 07:23:53 2022 -0500
+Avatars, Buddy Icons, Profile Pictures, etc have been around for a long time +and as such, everyone has their own take on them. This page attempts to +summarize these differences. +Protocol/Network | Supported | Animated | Transparency +---------------- | --------- | -------- | ------------ +[Bonjour](../protocols/bonjour.md) | Yes | Yes | ? +[Discord](../protocols/discord.md) | Yes | Yes | Yes +[Facebook](../protocols/facebook.md) | Yes | ? | ? +[Hangouts](../protocols/hangouts.md) | Yes | ? | ? +[ICQ](../protocols/icq.md) | Yes | ? | ? +[IRC](../protocols/irc.md) | No | - | - +[Matrix](../protocols/matrix.md) | Yes | ? | ? +[Mattermost](../protocols/mattermost.md) | Yes | ? | ? +[Rocketchat](../protocols/rocketchat.md) | ? | ? | ? +[Skype](../protocols/skype.md) | ? | ? | ? +[Slack](../protocols/slack.md) | Yes | No | No +[Telegram](../protocols/telegram.md) | Yes | ? | ? +[XMPP](../protocols/xmpp.md) | Yes | No | ? --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/comparisons/emoji.md Sat Apr 09 07:23:53 2022 -0500
+This is a list of protocols and how they go about implementing emoji as well as +custom emoji. This list is not meant to be exhaustive but perhaps over time it +**alpha code**: The text that is displayed or that a user types to display an +emote. On Twitch this could be something like `Kappa`, `LUL`, `rwgrimWave`, +Official twitch emotes come in a few varieties; global which are available to +everyone at all times, special "cheermotes" that will donate Twitch bits to +streamers, channel specific emotes available to subscribers (some at different +levels), and other emotes that are unlocked via gifting from other events. At +the time of this writing Twitch is running a special +[K-Pop](https://blog.twitch.tv/en/2020/10/19/celebrating-k-pop-on-twitch-unlock-exclusive-k-pop-emotes/) +emote give away that need to be unlocked but remain available forever. Other +times the emotes are only available for a limited time. +For Talkatu's sake, cheermotes are no different than any other emote on Twitch, +as their special behavior (sending bits to a streamer) would have to be +implemented via the protocol plugin itself. That said, it looks like cheermotes +are not rendered unless the ircv3 tag is on the privmsg. +Anyways, emotes come in from Twitch with a numeric identifier and boundaries of +where it is used in a message; see the emotes section of the +[tags](https://dev.twitch.tv/docs/irc/tags#privmsg-twitch-tags) documentation +for more information. This is the responsibility of the protocol plugin to +replace before it ends up in Talkatu. However, since you need the identifier of +the emote to get the pixel data (it's part of the URL) we should probably keep +Also, as alluded to before, just because an emote exists does not mean a user +can actually use it. We can ask Twitch which emotes the user can use but we +will have to keep track of that somehow. However, incoming emotes from other +users should be tagged as such for display. +* Users can only use a subset of the emote set. +* Must keep track of additional data (identifier). +* Available emotes can change at any time (new subscriptions, emote unlocked, + subscription expired, etc). +* Emote location is provided in incoming messages. +* Some animated emotes, namely cheermotes. +Discord causes a lot of scale issues due to its "one account, many servers" +paradigm which is vastly different from just about every other chat network out +there. Because of that, the emoji set is around the same order of magnitude as +Discord has a global emote set as well as per sever emotes that may or may not +be available to be used on external servers. +* Huge emoji set due to 1 account many servers. +* Each sever has a limited number of custom emojis. +* 100 static and 100 animated for non-partnered servers. +* Animated emoji available to "Nitro Subscribers". +* Emote location is provided in incoming messages. +* Some servers don't allow emotes from other servers. +Slack's emoji are a lot easier to deal with than Twitch and Discord. There is a +global [list of emoji](https://api.slack.com/methods/emoji.list) per instance +and they can be used by anyone. I have not been able to find a limit to the +number of custom emojis per server, but one slack I'm on currently has `2980` +custom emojis. Also Slack keeps track of who added and emote and when. +One of the downsides to Slack's implementation is that there is no data passed +to the client about the emote. It shows up like `:rwgrimLOL:` inline in the +I'm not aware of any mechanisms to tell clients about new emoji at this time, +but I also haven't explicitly looked for it yet. +* Potentially very large emote sets. +* All users can use all emotes. +* Additional data available (creator and creation date). +* Emotes can be added and removed at any time by users/admins. --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/index.md Sat Apr 09 07:23:53 2022 -0500
+# IMFreedom Knowledge Base +This is the Instant Messaging Freedome Knowledge Base, a project to gather IM +libraries and share the reverse engineering effort on protocols. We welcome +contributions from anyone, so if you have information about an IM network, +share it with the world! --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/mailinglists.md Sat Apr 09 07:23:53 2022 -0500
+imfreedom.org hosts mailing lists to promote the discussion of IM protocols and client specifications. The following lists are currently available: +* [messagestyles@imfreedom.org](http://imfreedom.org/cgi-bin/mailman/listinfo/messagestyles) + For discussion about [Message styles](specifications/messagestyles.md). +* [openim@imfreedom.org](http://imfreedom.org/cgi-bin/mailman/listinfo/openim) + For general discussion about implementing IM protocols. Specialized, + per-protocol lists, should follow. +* [discussion@imfreedom.org](http://imfreedom.org/cgi-bin/mailman/listinfo/discussion) + For general discussion about all IM Freedom activities. --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/aim.md Sat Apr 09 07:23:53 2022 -0500
+[AOL Instant Messenger (AIM)](https://en.wikipedia.org/wiki/AIM_(software)) +was a proprietary instant messaging program which used the OSCAR instant +messaging protocol. User were also able to connect to the network using the +[TOC](toc.md) and [TOC2](toc2.md) protocols. +It was released by AOL in May of 1997 and shutdown in December of 2017. + * [kingant.net/oscar/](https://kingant.net/oscar/) +## Additional Information + * [Wikipedia](https://en.wikipedia.org/wiki/AIM_(software)) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/alitalk.md Sat Apr 09 07:23:53 2022 -0500
+[Downloads](http://im.alisoft.com/download/index.html?traceLog=alisoft) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/baiduhi.md Sat Apr 09 07:23:53 2022 -0500
+Baidu Hi is Baidu's proprietary IM system. Baidu is the number one search and +## Additional Information +* [im.baidu.com](http://im.baidu.com/) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/battle.net.md Sat Apr 09 07:23:53 2022 -0500
+Battle.net is a free-to-use gaming service developed by Blizzard Entertainment +to connect their games, specifically from their three big franchises, +StarCraft, Diablo, and WarCraft. It is proprietary. +The Battle.net service is an old service dating back to 1996 with the release +of the original Diablo game, and is best known as the first gaming service +integrated into the games. +Battle.net as a set of servers has always provided three basic things, +chatting, matchmaking, and player statistics. +Classic Battle.net (or BNET), the name retroactively given to the first set of +servers, allows game owners to connect to their servers and chat with other +players in channels. Battle.net was meant to loosely work like IRC, though its +moderation capabilities are less powerful, and the fact that players are +limited to a single channel at a time says otherwise. +* **Chat** (1996-2005) (they used to allow standard Telnet clients to connect + to their servers for chat purposes) +* **Diablo** (1996-present) (limited to public chat channels) +* **StarCraft** (1998-present) (and expansion) +* **WarCraft II** (1999-present) (support added by the "Battle.net Edition" +* **Diablo II** (2000-present) (and expansion) +* **WarCraft III** (2002-present) (and expansion) +The shareware and [Spawn](#spawn-clients) versions of the above games (Diablo +Shareware, StarCraft Spawn, WarCraft II Spawn) work too, but are limited to +### Battle.net Chat Server +The Battle.net Chat Server (BNCS) allows players to connect and join a channel. +* Account logon, creation, and password changes +* E-mail binding to accounts, and initiating e-mail-based password resetting +* Multiple-user public and private channels, where each player can be in one +* A list of Battle.net news and a message of the day +* A list of games you can advertise to or join one of (in Diablo II this is + Open Battle.net, and inWarCraft III, this is Custom Games) +* User profiles and game statistics +* For WarCraft III, ladder arranged-team matches +* For WarCraft III, ladder random-opponent matches +* For WarCraft III, tournament matches and statistics +* For WarCraft III, clan joining, creating, and management +* For WarCraft III, clan game statistics +Chat channels are either public, or private. Blizzard has the policy of not +interfering with players in private channels. +List of public channels: +* **Blizzard Tech Support** (used to conduct moderated tech support by + Blizzard employees, now defunct) +* **Open Tech Support** (for players to help other players with technical +* **Blizzard Chat** (for public chat about Blizzard) +* Public Chat (#) (historically the product channel for Telnet Chat, now used + for public chat, for example * "Public Chat 3") +* **Clan Recruitment** (for advertising your clan or group) +* (product name) (region-3-letter-code)-(#) (product channel for the client, + for example "Brood War USA-1") +* **Diablo II** (realm)-(region-3-letter-code)-(#) (product channel for a + closed Diablo II realm, for example "Diablo II Europe-GBR-10") +* various product-related channels (for example, channels for map making or +Any channel with the product name (list of product names: "Diablo", +"StarCraft", "StarCraftJ", "Brood War", "WarCraft II", "Diablo II", "LoD", +"WarCraft III", "Frozen Throne") followed by any single name is a product +channel for that client. All non-Diablo II product channels are public +channels, while Diablo II product channels are only public to users on the +correct Realm on Diablo II. +There are four official BNCS "gateways", which are a set of servers that +correspond to a certain region and have an associated domain and two associated +* USEast/Azeroth (useast.battle.net) +* USWest/Lordaeron (uswest.battle.net) +* Europe/Northrend (europe.battle.net) +* Asia/Kalimdor (asia.battle.net) +There were sometimes additional official servers: +* Beta/Westfall (beta.battle.net) (used to publicly test future patches) +* USTest/Stratholme (ustest.battle.net) (used to publicly test a hardware +* (unknown namespace) (demo.war3.battle.net) (an old version of the Battle.net +server software used to host the WarCraft III Demo. This is still running, +but does not support chatting or many other features, as they wanted to push +you to buy WarCraft III) +Unofficial (private) servers have been hosted by various people, leading to the +[bnetd controversy](http://en.wikipedia.org/wiki/Bnetd). This has since been +resolved. Hosting of private servers such as the open source +[PvPGN software](http://en.wikipedia.org/wiki/PvPGN) is deemed legal as long as +you do not check players' [CD Keys](#cd-keys). +A namespace is an unofficial term for the way BNCS handles multiple account +logon systems. All clients except WarCraft III used a broken SHA-1 based logon +system. With the release of WarCraft III, Blizzard wanted to allow users to +create all new accounts using their new SRP-based logon system that was more +secure, but they wanted to keep all old accounts for their previous games. All +accounts got `'@' + namespace` added to their username and new namespaces were +added, named after regions in the WarCraft universe. When you are on an +account, usernames appear without your current namespace. +For example, `A` is on WarCraft III and `B` is on StarCraft on +useast.battle.net. `A` sees `B@USEast` and `B` sees `A@Azeroth`. Both see +themselves and players on their namespace as the username they logged on with. +A special namespace exists for Blizzard employees. All Blizzard Representatives +and System Operators appear as `name@Blizzard`. +To connect, use **TCP** port **6112** and the domain name or IP address of the +Battle.net has had many players using various forms of automated programs, +"bots", on the Battle.net servers. They have been made to do everything from +chat and moderation, "warring" (the act of spamming or filling up a channel to +annoy or aggrevate the players), cheating (win bots, which fake games to +increase a win record, or Diablo II run bots). Blizzard does not approve of any +of these uses, but has only taken action against those bots which affect the +game experience, namely any bots who join a game server or hosted game. They +ignore bots who do chat and moderation with the policy that they won't +interfere with private channel disputes. +To log on to Battle.net with a game you own, BNCS requires that you securely +send your game's product key (known as a CD Key, as all these titles came only +on CDs when they came out). +CD Keys come in 13-digit (StarCraft), 16-character (WarCraft II and Diablo II), +and 26-character (WarCraft III and all digital download/digital purchase keys) +variants, and are decoded into a product value, public value, and private value +using different algorithms for each key type. You send the product and public +values and do a hash of the three values to verify that you have the key. +Spawning is a method by which friends could share copies of the game. Though +heavily restricted, the spawned client could join the official client on +Battle.net as long as the official client hosted the game. Battle.net 2 +recently brought the feature back with StarCraft II where joining a party with +a Starter Edition (basically someone who hasn't bought the game) upgrades the +SE player to the full client for the time the person is in the party. +Diablo, WarCraft II, and StarCraft bases their peer-to-peer networking on a +system dubbed the Storm UDP Protocol, based on its similarities between the +three games, and their common reliance on the Storm library packaged with the +games. Games are set up by the BNCS game list and hosted by one player. They +are joinable by up to three other players (Diablo), or seven other players +(StarCraft and WarCraft II). The BNCS determines UDP support during logon and +clients will warn you if it cannot be established. +Game clients bind to **UDP** port **6112** to allow hosting games. During BNCS +logon they communicate with the BNCS server at port **6112**. For games, the +game list specifies how to connect to the game host. The game host manages +connecting to the other players to create a fully connected network for the +other members of a game. +Players of Diablo II may see that there are two ways to connect to Battle.net, +known as open and closed. Open allows players to share their singleplayer save +with multiplayer, and has no way of verifying characters are not modified. When +playing games on open Battle.net, Diablo II uses the BNCS to advertise and join +games the same way as the peer-to-peer clients, except the "host" is an +official game server, not a player. +Closed Battle.net restricts players from cheating, by storing character data on +their Realm servers. When playing games on closed Battle.net, the BNCS tells +Diablo II clients how to connect to the Realm server during logon. This Realm +server keeps track of characters and game lists for closed Battle.net. The +Realm server tells closed Diablo II clients how to connect to a game server +All Diablo II communication uses **TCP**, often port **6112**. However, the +Realm server and the game server have their IP and port specified during logon. +### Warcraft III Peer-to-Peer +WarCraft III returns to peer-to-peer networking for games, but uses **TCP** +exclusively and a protocol unrelated to Storm UDP. Games are again set up by +the BNCS game list and hosted by one player. They are joinable by up to +fourteen other players. For ladder games (random matchups or arranged team +matchups), the host may be an official Battle.net server, to lessen cheating. +Game clients bind to **TCP** port **6112** to allow hosting games, though this +is configurable in the client. During BNCS logon the client advertises the port +it is bound to so that the game list can list your hosted games correctly. +The second set of servers, dubbed Battle.net 2 (or BN2), was released around +the time of StarCraft II's release and supports the modern Blizzard games. The +Battle.net account is integrated with the +[Battle.net website](http://battle.net/). Though there have been rumors and +claims of Classic Battle.net games and accounts being upgraded or somehow +integrated with the modern Battle.net 2 systems, no changes have taken place. +* **StarCraft II** (2010-present) (and expansion) +* **World of Warcraft** (2010-present) (and four expansions, support added in + 2010 with the "migration" of WoW accounts) +* **Diablo III** (2012-present) (and expansion) +* **Battle.net Desktop App** (future) (this is in open beta now, allowing + players to communicate with other players while not in-game or game menus) +* **Hearthstone** (future) (this is in closed beta now) +Each product seems to have their own different protocol with BN2, however they +all use **TCP** port **1119**. +* [BnetDocs Redux](http://bnetdocs.org/) - a complete reference for the + procedure for connecting to and using the BNCS and Diablo II's MCP (for + Realms), and some infromation on the various game protocols. +* [vL Bot Development Forum](http://forum.valhallalegends.com/index.php/board,17.0.html) - + a forum for a clan whose members are known for doing a lot of the reverse +* [Classic Battle.net Plugin for Pidgin](https://github.com/nmbook/pidgin-libbnet/) - + allows users to connect to and use BNCS for chatting while they are not able + or willing to run the game clients, for any libpurple client. \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/bonjour.md Sat Apr 09 07:23:53 2022 -0500
+[Bonjour](http://www.apple.com/macosx/technology/bonjour.html), formerly +Rendezvous, is Apple Inc.'s trade name for its implementation of Zeroconf, a +service discovery protocol used in Apple's Mac OS X operating system from +version 10.2 onwards. Intended for use on local area networks, Bonjour uses +multicast Domain Name System service records to locate devices such as +printers, as well as other computers, and the services that those devices +The [XMPP Standards Foundation](http://www.xmpp.org/) worked with developers at +Apple and several open-source projects to generate complete documentation of +Bonjour messaging. The relevant specification is +[XEP-0174: Link-Local Messaging](http://www.xmpp.org/extensions/xep-0174.html). +## Additional Information +* [Wikipedia](http://en.wikipedia.org/wiki/Bonjour_(software)) +* [Bonjour Homepage](http://www.apple.com/macosx/technology/bonjour.html) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/cspace.md Sat Apr 09 07:23:53 2022 -0500
+[Cspace](http://www.cspace.in/) is a cryptographically secure, decentralised +peer-to-peer-based communications system for file sharing, chat based on text +In CSpace, every participant is uniquely identified by a 2048-bit RSA public +key. Where in traditional networking one would establish a connection +parameterised by an IP address and a port number, in CSpace connections are +parameterised by user ID and service identifier. Since each user runs the +services they are interested in using, there are typically no central servers +in CSpace - except one, to generate an account and to launch the application. --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/directnet.md Sat Apr 09 07:23:53 2022 -0500
+[DirectNet](http://directnet.sourceforge.net/index.php?title=Index) is a +instant messaging protocol that connects users directly to each other instead +of through a central server and all messages are sent directly between users. +It was written, for the most part, by Gregor Richards. +[Official Documentation](https://directnet.svn.sourceforge.net/svnroot/directnet/trunk/docs/) +## Additional Information +* [Wikipedia](http://en.wikipedia.org/wiki/DirectNet) +* [DirectNet Homepage](http://directnet.sourceforge.net/index.php?title=Index) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/facebook.md Sat Apr 09 07:23:53 2022 -0500
+Facebook uses asynchronous javascript calls (ajax) with responses in javascript +object notation (JSON) over an HTTP connection (port 80). +Login is HTTP posted to https://login.facebook.com/login.php with POST +data `md5pass=0&noerror=1&email={email}&pass={pass}` where {email} and {pass} +are the user who is logging in's facebook email and password respectively. The +cookies that are set by the server must be sent during every POST and GET +request to the server(s) below +Every user on Facebook has it's own unique id (UID) number which can be found +easiest in the URL of their profile eg +"http://www.facebook.com/profile.php?id=1234567890" but can also be done via a +search query to http://www.facebook.com/srch.php?nm={search termhere} and is +stored in the cookie with name "c_user". Facebook chat uses these UID's for +sending and receiving instant messages. +Visibility is updated by sending an HTTP POST to +htttp://apps.facebook.com/ajax/chat/settings.php with the POST data +`visibility=true&post_form_id=1234` where post_form_id is an arbitrary id that +will be used throughout the process of communication (the facebook response +normally modifies the html that is contained within this form, and needs this +The buddy list is fetched via POST to +http://apps.facebook.com/ajax/presence/update.php with POST data +`notifications=1&popped_out=false&force_render=true&buddy_list=1` +Previous history of chat with another user is requested via POST to +http://apps.facebook.com/ajax/chat/history.php with POST data +`id=596176850&post_form_id=1234` where id is set to the UID of the user you +wish to download history of +Messages are sent via HTTP POST to http://www.facebook.com/ajax/chat/send.php +`msg_text={message}&msg_id=3409501070&client_time={timestamp}&to={uid}&popped_out=true&num_tabs=1&post_form_id=1234` +where {message} is the urlencoded text that is being sent, {timestamp} is the +local unix timestamp of the sender and {uid} is the UID of the user to send to +Messages are retreived by polling +`http://{1-30}.channel{1-20}.facebook.com/x/{UID}/false/p_{yourUID}={requestnumber}&` +using an HTTP GET request (not sure what the false bit is, but it can be true +too), where the {UID} is the uid of the buddy to download messages from and +{requestnumber} is an incrementing number, probably to work around +proxy/browser caches. The message that is returned from the server is like +`for (;;);{"t":"msg","c":"p_800753867","ms":[{"type":"msg","msg":{"text":"i'm sending u a message","time":1209548203464,"clientTime":1209548202312,"msgID":"3409501070"},"from":800753867,"to":596176850,"from_name":"Eion Robb","to_name":"Jeremy Lawson","from_first_name":"Eion","to_first_name":"Jeremy"}]}` +and are in JSON. Messages that are sent to a buddy are also returned back by +Setting a status message is done by POSTing `status={status_message_here}` to +`www.facebook.com/updatestatus.php` +It has been announced that Facebook will expose an XMPP interface to Facebook's --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/gadugadu.md Sat Apr 09 07:23:53 2022 -0500
+Reverse engineered Gadu-Gadu protocol is described in +[the protocol document](http://toxygen.net/svn/libgadu/trunk/docs/protocol.html) +together with its [libgadu](http://toxygen.net/libgadu/) library +implementation. (Polish language only.) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/gale.md Sat Apr 09 07:23:53 2022 -0500
+[Gale](http://www.gale.org/) is an open instant messaging protocol. +Documentation is mostly incomplete but some can be found here: +* [GaleWiki](http://wiki.ofb.net/?GaleWiki) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/goim.md Sat Apr 09 07:23:53 2022 -0500
+**GOIM** (Gamers Own Instant Messenger), is a +[free software](https://wiki.imfreedom.org/index.php?title=Free_software&action=edit&redlink=1) +[instant messaging](https://wiki.imfreedom.org/index.php?title=Instant_messaging&action=edit&redlink=1) +[Eclipse](https://wiki.imfreedom.org/index.php?title=Eclipse_IDE&action=edit&redlink=1) +[Rich Client Platform](https://wiki.imfreedom.org/index.php?title=Rich_Client_Platform&action=edit&redlink=1). +It uses the [Jabber](https://wiki.imfreedom.org/index.php?title=Jabber&action=edit&redlink=1) +protocol for communication with an extended presence packet to transmit +information about games a user is currently playing. +Although **GOIM** runs on all platforms supported by +[Java](https://wiki.imfreedom.org/index.php?title=Java_(programming_language)&action=edit&redlink=1) +and [Eclipse](https://wiki.imfreedom.org/index.php?title=Eclipse_IDE&action=edit&redlink=1), +platform dependent features are limited to +[Microsoft Windows](https://wiki.imfreedom.org/index.php?title=Microsoft_Windows&action=edit&redlink=1). +These include the detection when the user joins a Game Server as well as the +**GOIM InGame Messenger** which only supports DirectX 8 games. +**GOIM InGame Messenger** The GOIM InGame Messenger allows users to chat within +DirectX 8 games. Although currently not part of the main release it can be +obtained through the built-in update site. +**XFireGateway** As part of GOIM a jabber gateway to the Xfire protocol was +created, which allows every jabber client to communicate to xfire users. It +also implements **GOIM** presence extensions allowing transmitting of joined +game servers in both directions. +* [GOIM Official Site](http://goim.sphene.net/) +* [XFireGateway](http://xfirelib.sphene.net/wiki/show/XFireGateway) +* [GOIM InGame Messenger](http://goim.us/wiki/show/InGameMessenger) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/googletalk.md Sat Apr 09 07:23:53 2022 -0500
+Google Talk is an instant messaging service that provides both text and voice +communication. The instant messaging service is colloquially known as "gtalk" +or "gchat" to its users. Because the Google Talk servers communicate with +clients using an open protocol, Extensible Messaging and Presence Protocol +XMPP, the service can also be accessed using any other client that supports +XMPP. Such clients are available for a number of operating systems not +supported by the Google Talk client. +Google Talk makes use of libjingle, which is Google's implementation of Jingle. +Clients which implement support for Jingle are incompatible with libjingle as +they are different enough. +Google Talk supports the following features : +The scenario is as follows : +<romeo@montague.lit> (sender) wants to send a file somefile.tar.gz of size (in +bytes) 24410321 to <juliet@capulet.lit> (receiver). +The procedure is as follows: +**1. Sender sends an "initiate" message to the receiver for initiating a +<iq from="romeo@montague.lit" to="juliet@capulet.lit" type="set" id="purple937c6e2e"> + <session xmlns="http://www.google.com/session" + initiator="romeo@montague.lit"> + <description xmlns="http://www.google.com/session/share"> + <name>somefile.tar.gz</name> + <url name="source-path">/temporary/x9w0a15d8gll334681a9tps7j838f104/</url> + <url name="preview-path">/temporary/p4e2a64s2ugd204688x7prk8s601m238/</url> + <transport xmlns="http://www.google.com/transport/p2p" /> +The receipt of the "initiate" message is acknowledged by the sender by a result +<iq to="romeo@montague.lit" id="purple937c6e2e" type="result" from="juliet@capulet.lit"/> +**2. The receiver replies with a "transport-accept" message if the "initiate" +message contains the required(and correct!) transport.** +<iq to="romeo@montague.lit" type="set" id="58" from="juliet@capulet.lit"> + <session xmlns="http://www.google.com/session" + type="transport-accept" + initiator="romeo@montague.lit"> + <transport xmlns="http://www.google.com/transport/p2p" /> +The receipt of the "initiate" message is acknowledged by a result IQ. +<iq type='result' to='juliet@capulet.lit' id='58' from="romeo@montague.lit"/> +**3. When the receiver accepts the file transfer, an "accept" message is sent +<iq to="romeo@montague.lit" type="set" id="59" from="juliet@capulet.lit"> + <session xmlns="http://www.google.com/session" + initiator="romeo@montague.lit"> + <description xmlns="http://www.google.com/session/share"> +The sender acknowledges the "accept" message with: +<iq type='result' to='juliet@capulet.lit' id='59' from="romeo@montague.lit"/> +**4. The receiver now sends an "info" message containing information about the +channel which will consequently allow the file bytes to flow.** +<iq to="romeo@montague.lit" type="set" id="60" from="juliet@capulet.lit"> + <session xmlns="http://www.google.com/session" + initiator="romeo@montague.lit"> + <channel xmlns="http://www.google.com/session/share" name="private-1" /> +Sender sends an IQ of type "result" for acknowledgement: +<iq type='result' to='juliet@capulet.lit' id='60' from"romeo@montague.lit"/> +**5. Now, candidates are exchanged, which will serve as the candidates for the +Each "transport-info" message contains the information about a single +**5a. The sender sends it's candidates:** +<iq type="set" id="purple937c6e2f" to="juliet@capulet.lit" from="romeo@montague.lit"> + <session xmlns="http://www.google.com/session" + initiator="romeo@montague.lit" + <transport xmlns="http://www.google.com/transport/p2p"> + <candidate address="192.168.160.101" + username="ccgg8psCDi8ALHPN" +The receiver acknowledges this with an IQ: +<iq type='result' from='juliet@capulet.lit' id='purple937c6e2f' to="romeo@montague.lit"/> +**5b. The receiver sends it's candidates:** +<iq to="romeo@montague.lit" type="set" id="61" from="juliet@capulet.lit"> + <session xmlns="http://www.google.com/session" + initiator="romeo@montague.lit"> + <transport xmlns="http://www.google.com/transport/p2p"> + <candidate name="private-1" + address="192.168.160.50" + username="sVfmPJvuPBdh+ail" + password="+9SLmzhJo6nqxYgE" +The sender acknowledges the "transport-info" with an IQ: +<iq type='result' to='juliet@capulet.lit' id='61' from="romeo@montague.lit"/> +**6. Finalizing a candidate pair for the file transfer, the receiver sends an +HTTP GET request in the following format:** +GET /temporary/x9w0a15d8gll334681a9tps7j838f104/somefile.tar.gz HTTP/1.1 +Host: romeo@montaglue.lit:0 +The URL following "GET" in the above request is the same as the "source-path" +URL that was sent as a part of the "initiate" message (Step #1). +**7. The sender replies with an HTTP response, in this format :** +Content-Length: 24410321 +Content-Type: application/octet-stream +The Content-Length field is changed from 0 to the size of the file under +**8. The actual transfer of file bytes is underway.** +The sender is writing bytes to the open stream while the receiver reads all the +bytes. As soon as the receiver has received the number of bytes mentioned in +the HTTP response, it considers the file transfer to be complete and sends an +"info" message containing "complete". +<iq to="romeo@montague.lit" type="set" id="68" from="juliet@capulet.lit"> + <session xmlns="http://www.google.com/session" + initiator="romeo@montague.lit"> + <complete xmlns="http://www.google.com/session/share" /> +Sender acknowledges "info" message with IQ : +<iq type='result' to='juliet@capulet.lit' id='68' from="romeo@montague.lit"/> +**9. The file transfer is complete.** +The receiver now sends a "terminate" message to the sender, showing it's +intention of tearing down the session. +<iq to="romeo@montague.lit" type="set" id="69" from="juliet@capulet.lit"> + <session xmlns="http://www.google.com/session" + initiator="romeo@montague.lit" /> +The sender acknowledges this with an IQ: +<iq type='result' to='juliet@capulet.lit' id='69' from="romeo@montague.lit"/> +**This completes the whole process of file transfer.** --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/gsc.md Sat Apr 09 07:23:53 2022 -0500
+This page is a placeholder, for documentation of the GSC protocol used by +This is a placeholder for the documentation of the GSC protocol +* [http://getgsc.com/](http://getgsc.com/) - GSC Official site --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/icq.md Sat Apr 09 07:23:53 2022 -0500
+ICQ is the first instant messaging and presence in the world, coming from +Mirabilis. Bought by AOL. Now owned by Mail.ru. Now used mainly in eastern +Europe. Privacy note: Russian government may have rights to access the logs +[under the law](http://www.newscientist.com/blogs/shortsharpscience/2010/07/russian-spooks-could-claim-web.html). +Connecting to ICQ with clientlogin requires a "devID" or "devKey". They can be +obtained [here](http://www.icq.com/legal/icq_developer_network_agreement.html). +Official clients use the following keys: +ICQ for Windows | 7.2 (or earlier) to 7.5 | gu19PNBblQjCdbMU +ICQ for Java | 3.0.0 | ic10GdI_eL50oMQ_ +ICQ for Mac/Linux (Adobe AIR) | ?? | ic1-IIcaJnnNV5xA +ICQ for Windows Mobile | ?? | mi12f8a_qCj1okmC +ICQ for Android | 1.0.1 | ao1mAegmj4_7xQOy +Web ICQ | ?? | ic1Fvhd7u8Msuxui +## Additional Information +* [http://icq.com/](http://icq.com/) +* [Wikipedia page](http://en.wikipedia.org/wiki/ICQ) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/imessage.md Sat Apr 09 07:23:53 2022 -0500
+[http://en.wikipedia.org/wiki/IMessage](http://en.wikipedia.org/wiki/IMessage) +Information on this page is based on my examination of the Messages Beta +application for Mac OS X. The "client" works with three processes: iChat, +imagent and applepushserviced. iChat (which is now Messages) shows the UI, but +does not handle anything protocol specific, that's what imagent does (so the +user stays logged in if iChat isn't running). However, for iMessage, imagent +doesn't do make the connection itself, it uses applepushserviced. This is a +system level daemon that maintains an persistent connection to +courier.push.apple.com, probably for all push notifications. +This part looks very similar to the activation of +[iPhones](http://theiphonewiki.com/wiki/index.php?title=Activation_Token). +The connection of applepushserviced is encrypted with TLS using a client side +certificate. To retrieve such a certificate, it posts to: +`https://albert.apple.com/WebObjects/ALUnbrick.woa/wa/deviceActivation?device=MacOS` +(NOTE: this has a content type of "application/x-www-form-urlencoded", contrary +to most other requests, it is shown unencoded here): +activation-info=<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <key>ActivationInfoComplete</key> + <key>ActivationInfoXML</key> + (again a plist, see next block) + <key>FairPlayCertChain</key> + (a certificate issued by "Apple FairPlay Certification Authority", where does this come from?) + <key>FairPlaySignature</key> + (about 3 lines, probably related to the previous certificate) +The ActivationInfoXML field contains (base64 encoded): +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <key>ActivationRandomness</key> + <string>(hexadecimal string)</string> + <key>ActivationState</key> + <string>Unactivated</string> + <key>BuildVersion</key> + <key>DeviceCertRequest</key> + (encoded: -----BEGIN CERTIFICATE REQUEST-----...-----END CERTIFICATE REQUEST-----) + <string>iMac10,1</string> + <key>ProductVersion</key> + <string>10.7.3</string> + <key>SerialNumber</key> + <key>UniqueDeviceID</key> + <string>(hexadecimal string</string> +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<Document disableHistory="true" xmlns="http://www.apple.com/itms/"> + <key>device-activation</key> + <key>activation-record</key> + <key>AccountTokenCertificate</key> + (encoded: -----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----) + <key>DeviceCertificate</key> + (encoded: -----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----) + <key>AccountTokenSignature</key> + (a signature created with the first certificate? of the token?) + <key>AccountToken</key> + (encoded: {\n\t"ActivationRandomness" = "(same as sent)";\n\t"UniqueDeviceID" = "(same as sent)";\n}) + <key>ack-received</key> + <key>show-settings</key> +(after this, a number of lines of XML follow, appearing to describe an iTMS +The applepushserviced first does a DNS TXT query for "push.apple.com" [ +nslookup -query=txt push.apple.com] . This will return "count=50" or some +number XX. The daemon then creates a name using a number between 1..XX and +creates DNS name X-courier.push.apple.com. This DNS name is then handle by +Akamai DNS to return an ipaddress in the 17.X netblock that belongs to Apple. +Then, applepushserviced connects to a host on port 5223. These present a +certificate for courier.push.apple.com, and only accept connections which +present a client side certificate (retrieved in the previous step). +Contrary to what port 5223 might imply, it uses a binary protocol which bears +no resemblance to XMPP. Messages are of the form: +To enable debugging: sudo defaults write +/Library/Preferences/com.apple.applepushserviced APSWriteLogs -bool TRUE sudo +defaults write /Library/Preferences/com.apple.applepushserviced APSLogLevel +-int 7 sudo killall applepushserviced +For enhanced debug log msgs defaults write +/Library/Preferences/com.apple.applepushserviced EnableDetailedLogging true +I published a proxy for this push service, it prints all messages in a readable +format. I also wrote some docs about the protocol: +[meeee/pushproxy](https://github.com/meeee/pushproxy) --Meeee 17:00, 22 April +(1 byte type) (4 byte length) [(1 byte identifier? type?) (2 byte length) (length bytes data)]* +The handshake happens as follows: +Client (the connect message): +01 00 20: (32 byte key?) +Server (the connected message): +Client (the filter message): +01 00 20: (same 32 byte key) +It repeats, with a different key. This is the push token imagent uses: +02 00 14: (20 byte key?) +02 00 14: (other 20 byte key?) +0a seems to be used for actual messages. The format is: +04 00 04: 9d a1 c9 54 (identifier) +06 00 08: 12 73 9a 13 c9 65 a4 30 (unix time in ms?) +01 00 20: (32 bytes, the topic hash) +02 00 14: (20 bytes, the token) +03 00 53: (the payload, i.e., a binary plist) +This gets acknowledged by a message: +04 00 04: 9d a1 c9 54 (same as the 0a message had) +The 0c packet has the following syntax (probably used to identify a client?): +57 69 46 69 ("WiFi", probably used for iPhones?) +31 30 2e 37 2e 33 (10.7.3, system version) +31 31 44 35 30 (11D50, system build) +4d 61 63 42 6f 6f 6b 50 72 6f 38 2c 31 (MacBookPro8,1, computer model) +Which gets acknowledged by: +0a messages can contain binary plists, indicated by bplist00. A decoded + P = (gzip compressed data: <1f8b0800 00000000 XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXX>); + U = (appears to be a UID of the message: <XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX>); + i = (identifier of this message); + sP = "mailto:(email of the sender)"; + sT = (something DER encoded: <30530201 02170d31 32303231 38313232 3630335a 033fXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XX>); + t = (unknown? <XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX>); + tP = "mailto:(email of the receiver)"; + ua = "(identification of OS, version, build and machine)"; +Inflating the data in the P field gives again binary data. This could +encrypted, but the first byte always seems to be 02, followed by a two byte +length, followed by almost that much bytes, but not quite (?!), and then what +looks like a sequence of two DER encoded integers: +01 28 (looks like the length of the following bytes, but it's 2 to 4 bytes off?) +XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX +46 (length of the remainder) +30 44 (sequence, 44 bytes) +02 20 (integer, 20 bytes) +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +02 20 (integer, 20 bytes) +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX +The sT field contains DER encoded data. It contains a sequence of an integer +(always 2), followed by a date (seems to be a recent time, but it doesn't +change, so it's not a timestamp of the message. maybe the time the client's +certificate was created?), and then a bitstring of around 64 bytes, which again +appears to be an DER encoded sequence of two integers (of around 30 bytes). +These plists are acknowledged by the server using messages containing bplists +Another form of acknowledgement is sent as (probably the delivery receipt): + U = (matches the U value of a previous plist <XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX>); +### Getting the auth token +https://service.ess.apple.com/WebObjects/VCProfileService.woa/wa/authenticateUser, +with a content type of "application/x-apple-plist": +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <string>sekret</string> + <string>steve@apple.com</string> +Server replies with something like: +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <key>status</key><integer>0</integer> + <string>(long, random string)</string> + <key>profile-id</key><string>D:(some number, unknown usage)</string> +### The default invitation context (how to look up contacts) +https://service.ess.apple.com/WebObjects/VCProfileService.woa/wa/getDefaultInvitationContext, +adding the following HTTP headers: +x-ds-client-id: t:(some long hexadecimal string, unknown use (identifies software version? or a computer?)) +x-vc-profile-id: D:(the profile-id as received in step 1) +x-vc-auth-token: (the auth token) +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <key>status</key><integer>0</integer> + <key>region-id</key><string>R:(two letter region code, examaple: NL)</string> + <key>base-phone-number</key><string>+310000000000</string> + <key>validated</key><true/> +### Check if the email needs validation +https://service.ess.apple.com/WebObjects/VCProfileService.woa/wa/validateEmail +(with the same extra headers): +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <key>email-address</key> + <string>steve@mac.com</string> + (appears to be a random string, around 45 bytes) +(During this, the client displays a dialog with "You can be reached for +messages at:", and a list with the used email, and the option to add more email +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <key>status</key><integer>5051</integer> +(My best guess of why it has a non-zero status is that 0 indicates the +validation of a user's email has started, and 5051 means "no validation +### Send a CSR and get a certificate +https://service.ess.apple.com/WebObjects/VCProfileService.woa/wa/idsProvisionEmails +WITHOUT the extra headers, only: +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <key>authentication-data</key> + <string>(the auth token again)</string> + (a certificate signing request, PEM encoded) + <string>mailto:steve@mac.com</string> + <string>Messenger</string> + <string>D:(the profile id)</string> +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <key>status</key><integer>0</integer> + <key>uri</key><string>mailto:steve@mac.com</string> + <key>status</key><integer>0</integer> + (a PEM encoded certificate) +Then the client posts to +https://service2.ess.apple.com/WebObjects/TDIdentityService.woa/wa/initializeValidation, +with only the extra header: +x-push-token: (the push token created in the earlier step) +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <key>session-info-request</key> + (7 lines of random appearing data. looks like something PEM encoded, but I haven't been able to decode it as a CSR or certificate.) +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <key>status</key><integer>0</integer> + <key>ttl</key><integer>300</integer> + <key>session-info</key>(yet another long string of random data) +Then the client posts to +https://service2.ess.apple.com/WebObjects/TDIdentityService.woa/wa/register, +without the extra headers, but with: +x-pr-cert: (the certificate the client received in the previous step) +x-pr-nonce: (the nonce used for generating the signature) +x-pr-sig: (the signature of the data? url?) +x-push-cert: (another cert in PEM format, don't know where it's from. issued by "Apple iPhone Device CA". has a "Mac OS Device Identity (Production)" section.) +x-push-token: (the push token created before) +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <key>capabilities</key> + <string>Messenger</string> + <key>public-message-identity-key</key> + <key>public-message-identity-version</key> + <key>hardware-version</key> + <string>(something which determines the Mac model, for example iMac10,1)</string> + <string>(system version, for example Mac OS X,10.7.3,11D1069)</string> + <key>software-version</key> + <string>(build number 11D1069)</string> + <key>validation-data</key> +Messages now shows the login as complete. Looking up users can be done as +A client does a GET request for +https://service1.ess.apple.com/WebObjects/TDIdentityService.woa/wa/query?uri= +followed by either an email as mailto%3Asteve@mac.com or a phone number as +tel%3A%2B30000000000. The only headers included are: +x-id-nonce: (the nonce used for signing) +x-id-cert: (the cert received from the server) +x-id-sig: (probably the contents? request? signed by the private key belonging to the certificate) +To which the server replies something like: +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> + <key>status</key><integer>0</integer> --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/impp.md Sat Apr 09 07:23:53 2022 -0500
+The "instant messaging and presence protocol" (IMPP) was created by Cerulean +Studios to be an open standard. +* [IMPP (official documentation)](https://www.trillian.im/impp/) (license --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/irc.md Sat Apr 09 07:23:53 2022 -0500
+The Internet Relay Chat (IRC) Protocol was first established in RFC 1459 though +the protocol is still being developed and is constantly changing. It is mainly +designed for group (many-to-many) communication in discussion forums called +channels, but also allows one-to-one communication via private message and data +transfers via Direct Client-to-Client. +* [IRC Documentation](http://www.irchelp.org/irchelp/rfc/) +* [Wikipedia](http://en.wikipedia.org/wiki/IRC) +* [www.networksorcery.com/enp/protocol/irc.htm](http://www.networksorcery.com/enp/protocol/irc.htm) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/lcs.md Sat Apr 09 07:23:53 2022 -0500
+Microsoft's Live Communication Server is a proprietary enterprise IM and +presence system, derived from SIP/SIMPLE and incompatible with it. --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/lync.md Sat Apr 09 07:23:53 2022 -0500
+[Lync](http://lync.microsoft.com/en-gb/Overview/Pages/new-features.aspx) is an +instant messaging client developed by Microsoft. Replacing Windows Messenger, +Lync incorporates together collaboration features including instant messaging, +voice, and audio, video, and Web conferencing. Lync is specifically designed to +accommodate the spiking demands in collaboration among large enterprises. +## Additional Information +* [Microsoft_Lync](http://en.wikipedia.org/wiki/Microsoft_Lync) +* [Collaboration with Microsoft Lync](http://www.microsoft.com/business/en-sg/Solutions/Pages/Collaboration.aspx) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/mig33.md Sat Apr 09 07:23:53 2022 -0500
+This page is a placeholder, for documentation of the mig33 protocol used by the mig33 IM network. +This is a placeholder for the documentation of the mig33 protocol +* [Official service provider](http://www.mig33.com/) +* [Early documentation of protocol](http://devinsmith.net/articles/mig33/index.html) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/mmp.md Sat Apr 09 07:23:53 2022 -0500
+Message Posting Protocol (MPP) is used by +[Mail.ru Agent](http://agent.mail.ru/), a popular instant messaging program +used mainly in Russia. Besides basic IM functionality (presence, contact list, +sending text messages, file transfers, message history, etc) M-Agent also +provides online gaming, peer-to-peer voice calls, video calls, low-rate VoIP +calls, free SMS, automatic mail checking and other useful features. Mail.ru +Agent communicates with its server using proprietary (but documented) protocol +called MPP that works over TCP/IP. Mail.ru Agent uses portal e-mail address as +* [Official Documentation](http://agent.mail.ru/developers/licence.html) (Page + is in Russian) - Documentation may not be completable with GPL or other +## Additional Information +* [Wikipedia](http://en.wikipedia.org/wiki/Mail.ru_Agent) +* [Mail.ru Agent Homepage](http://agent.mail.ru/) +* [one Pidgin plugin](https://code.google.com/p/mrim-prpl/wiki/Main) +* [another Pidgin plugin](https://github.com/dreadatour/pidgin-mra) +* [Perl module](http://search.cpan.org/dist/Net-MRIM/) +* [XMPP transport](http://www.jabber.ru/mrim) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/mxit.md Sat Apr 09 07:23:53 2022 -0500
+This page is a placeholder, for documentation of the MXit protocol used by the +This is a placeholder for the documentation of the MXit protocol +* [Wikipedia](http://en.wikipedia.org/wiki/MXit) +* [Protocol Documentation](http://wikihost.org/wikis/mxitwiki/wiki/start) +* [Additional Protocol Documentation](http://code.google.com/p/pymxit/) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/nateon.md Sat Apr 09 07:23:53 2022 -0500
+This page is a draft describing briefly the NateOn protocol. +NateOn is a protocol used mainly in South Korea, where it is the most popular +messenger platform, just before MSN. According to wikipedia.org, NateOn +totalize about 7.54 million users. +It is a proprietary protocol and the only official client runs in Windows but +an [unofficial plugin exists for Pidgin](http://nateon.haz3.com/). Someone else +has a fork [here](https://github.com/difro/pidgin-nateon). +* [Forum (in Korean) with links to the windows and linux plugins for pidgin](http://nateon.haz3.com/) +* [Official site, Korean](http://nateonweb.nate.com/) +* [Wikipedia page](http://en.wikipedia.org/wiki/Nate) +* [Pidgin developer wiki page](http://developer.pidgin.im/wiki/NateOn) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/okcupid.md Sat Apr 09 07:23:53 2022 -0500
+OkCupid is a free dating site with millions of users. It includes an instant +messaging system in its web interface. +There is an actively-maintained, open-source +[plugin](http://code.google.com/p/okcupid-pidgin/) for Pidgin and Adium. +* [OkCupid home page](http://www.okcupid.com/) +* [Wikipedia page](http://en.wikipedia.org/wiki/OkCupid) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/psyc.md Sat Apr 09 07:23:53 2022 -0500
+[PSYC (Protocol for SYnchronous Conferencing)](http://www.psyc.eu/) is an open +source text based client used for sending messages to many people at one time, +similar to IRC. It was developed to incorporate social networking and data +* [Overview (official)](http://www.psyc.eu/tech.en.html) +* [MMP](http://www.psyc.eu/mmp.html) +## Additional Information +* [Wikipedia](http://en.wikipedia.org/wiki/PSYC) +* [PSYC Homepage](http://www.psyc.eu/intro.en.html) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/qq.md Sat Apr 09 07:23:53 2022 -0500
+QQ is Tencent's IM/presence and social network system. It is widely used in +China, especially in mobile space. It has the biggest number of users in all IM +systems in the world. It the second IM system after ICQ (and AIM). +[Also big in South Africa apparently](http://adium.im/help/pgs/Accounts-QQ.html). +QQ used to be supported in libpurple, but it +[no longer is](http://developer.pidgin.im/ticket/13193). There is a +[Pidgin plugin](http://code.google.com/p/libqq-pidgin/) for QQ. +The QQ2010 protocol has been reverse engineered and documented +[here](http://code.google.com/p/libqq-pidgin/wiki/QQ2010Protocol). +## Additional Information +* [Official Site](http://qq.com) +* [Wikipedia page](http://en.wikipedia.org/wiki/Tencent_QQ) +* [QQ2010 Protocol](http://code.google.com/p/libqq-pidgin/wiki/QQ2010Protocol) +* [Pidgin plugin](http://code.google.com/p/libqq-pidgin/) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/retroshare.md Sat Apr 09 07:23:53 2022 -0500
+[Retroshare](http://retroshare.sourceforge.net/index.html) is a instant +messaging network which communicates directly between users instead of through --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/rtp.md Sat Apr 09 07:23:53 2022 -0500
+The Real-time Transport Protocol (RTP) is a IETF standard protocol for +delivering audio and video content across the Internet. +The RTP protocol uses dynamic port ranges and is usually configured with port +* [IETF Documentation](http://www.ietf.org/rfc/rfc1889.txt) +* [Wikipedia](http://en.wikipedia.org/wiki/Real-time_Transport_Protocol) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/sametime.md Sat Apr 09 07:23:53 2022 -0500
+[Sametime](http://www-306.ibm.com/software/lotus/sametime/) was developed by +IBM as a business instant messenger that integrates with Lotus Notes and third +party software such as Microsoft Office. Though it is a closed protocol it +offers support for communications standards and standard protocols, including +Session Initiation Protocol (SIP), SIMPLE, T.120, XMPP, and H.323. One of the +features is IBM Lotus Sametime Gateway, which adds support for communication +with users of AOL, Yahoo, Google Talk and various XMPP based Jabber +* [Meanwhile - Reverse engineered](http://meanwhile.sourceforge.net/wiki/Meanwhile) +## Additional Information +* [Wikipedia](http://en.wikipedia.org/wiki/IBM_Lotus_Sametime) +* [Sametime Homepage](http://www-306.ibm.com/software/lotus/sametime/) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/silc.md Sat Apr 09 07:23:53 2022 -0500
+[Secure Internet Live Conferencing (SILC)](http://silcnet.org/) is a open +instant messaging protocol that stresses security and flexibility. +The SILC protocol can be divided in three main parts: +* SILC Key Exchange (SKE) protocol + * The SKE protocol is used to establish session key and other security + parameters for protecting the SILC Packet protocol. The SKE itself is + based on the Diffie-Hellman key exchange algorithm (a form of asymmetric + cryptography) and the exchange is protected with digital signatures. +* SILC Authentication protocol + * The SILC Authentication protocol is performed after successful SKE + protocol execution to authenticate a client and/or a server. The + authentication may be based on passphrase or on digital signatures, and + if successful gives access to the relevant SILC network. + * The SILC Packet protocol is intended to be a secure binary packet + protocol, assuring that the content of each packet (consisting of a + packet header and packet payload) is secured and authenticated. The + packets are secured using algorithms based on symmetric cryptography and + authenticated by using Message Authentication Code algorithm, HMAC. +SILC protocol additionally defines SILC Commands that are used to manage the +SILC provides channels (groups), nicknames, private messages, and other common +features. However, SILC nicknames, in contrast to many other protocols (e.g. +IRC), are not unique; a user is able to use any nickname, even if one is +already in use. The real identification in the protocol is performed by unique +Client ID. The SILC protocol uses this to overcome nickname collision, a +problem present in many other protocols. +All messages sent in a SILC network are binary, allowing them to contain any +type of data, including text, video, audio, and other multimedia data. +SILC channels (groups) are protected by using symmetric channel keys. It is +optionally possible to digitally sign all channel messages. It is also possible +to protect messages with a privately-generated channel key that has been +previously agreed upon by channel members. Private messages between users in a +SILC network are protected with session keys. It is, however, possible to +execute SKE protocol between two users and use the generated key to protect +private messages. Private messages may be optionally digitally signed. When +messages are secured with key material generated with the SKE protocol or +previously agreed upon key material (for example, passphrases) SILC provides +security even when the SILC server may be compromised. +* [SILC](http://silcnet.org/support/documentation/specs/) +## Additional Information +* [Wikipedia](http://en.wikipedia.org/wiki/SILC_(protocol)) +* [SILC Homepage](http://silcnet.org/) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/simple.md Sat Apr 09 07:23:53 2022 -0500
+SIP for Instant Messaging and Presence Leveraging Extensions (SIMPLE) is based +off of SIP and is a developing open standard protocol for instant messaging. +Despite its name, SIMPLE is defined by about 30 documents or more than 1000 +pages (7 times more than HTTP 1.1, 15 times more than SMTP and IRC). Some of it +has been standardized by the IETF, other parts are still works in progress. +* [IETF Documentation](http://tools.ietf.org/wg/simple/) +* [SIP Protocol](http://www.ietf.org/rfc/rfc3261.txt) +## Additional Information +* [Wikipedia](http://en.wikipedia.org/wiki/SIMPLE) +* [SIP Wikipedia](http://en.wikipedia.org/wiki/Session_Initiation_Protocol) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/skype.md Sat Apr 09 07:23:53 2022 -0500
+This page is a placeholder, for documentation of the Skype protocol used by +Some initial work has been done by Efim Bushmanov to reverse engineered the +skype protocol and can be found +[here](http://skype-open-source.blogspot.com/2011/06/skype-protocol-reverse-engineered.html). +Warning: depending on how the developer reverse engineered the protocol (such +as decompiling Skype's binaries) using the documentation may possibly violate +US copyright law and/or the DMCA. +All Skype desktop clients (i.e. Windows, Mac OS X, and Linux) have an +[API](http://developer.skype.com/accessories) which allows other programs +running on the computer to perform Skype actions and receive Skype +notifications on the logged-in Skype account by inter-process communication +with the Skype client. The downsides of this are that 1) you need to have the +Skype client GUI running for this to work, 2) only one account can be logged +into Skype at once (unless you somehow run multiple instances of the Skype +client), and 3) not all features are available in the API. +Skype also offers something called +[SkypeKit](http://developer.skype.com/public/skypekit), which is essentially +the above-mentioned API as a library so you don't have to run a separate Skype +program. With this, [Trillian 5.1 for Windows directly supports native Skype +chat and audio and video calls without running the Skype client](http://blog.trillian.im/?p=2366). +However, there are a lot of legal restrictions on the use of SkypeKit, e.g. you +cannot put it on a mobile device, and you cannot run it on a server. +* [Wikipedia](http://en.wikipedia.org/wiki/Skype) +* [Some basic descriptions of the Skype protocol](http://www1.cs.columbia.edu/~salman/skype/index.html) +* [a Pidgin plugin that relies on the Skype client](https://code.google.com/p/skype4pidgin/) +* [Skype log file analysis](http://www.docstoc.com/docs/51978646/Skype-Log-File-Analysis) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/steamfriends.md Sat Apr 09 07:23:53 2022 -0500
+Steam Friends is an instant messaging protocol that is built into Steam, a game +content delivery system developed by Valve. This page details the protocol +specification for Steam Friends as was ascertained though reverse-engineering. +Steam Friends uses UDP on port 27017. Connections have been made to at least +* 68.142.64.164 (resolves to valve-68-142-64-164.cust.phx3.llnw.net) +The client is using WSASendTo to send messages to friends +On top of UDP, another layer is implemented to keep track of sequencing and +splitting of packets. This layers prepends every packet with the following + <td colspan="2">"VS01"</td> + <td colspan="2">source</td> + <td colspan="2">destination</td> + <td colspan="2">sequence #</td> + <td colspan="2"> last rcv.#</td> + <td colspan="2">split count</td> + <td colspan="2">seq. # of 1st packet</td> + <td colspan="2">data length</td> +**Note**: These values are little-endian, which is not network order. +**Steam Protocol Header Fields Description** +Field | Type | Length (bytes) | Description +----- | ---- | -------------- | ----------- +"VS01" | 4 chars | 4 | the 4 characters 'V', 'S', '0', '1' (0x56, 0x53, 0x30, 0x31) +packet len | integer | 2 | the length of the packet after this header +type & bits | byte & bit-field | 2 | the first byte is possibly some type identifier. It is always <8 +destination | integer | 4 | the destination ID of the packet +source | integer | 4 | the source ID of the packet +sequence # | integer | 4 | the packet's sequence number. server and client keep track of own numbers +last recv. # | integer | 4 | the sequence number of the last packet received +split count | integer | 4 | the number of packets the current message was split in to +seq. # of 1st packet | integer | 4 | the sequence number of the first packet for current message +data length | integer | 4 | the length of the data in this message (which will be greater than packet length if the message is split) +Client initiates the login by sending a type: 0x0001, seq: 1, src: 0x00000200, +dst: 0x00000000, split: 0, and no data to the server +00: 56 53 30 31 00 00 01 00 00 02 00 00 00 00 00 00 +10: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +Server responds with type: 0x0002, seq: 1, ack: 1, src: 0x00000000, dst: +0x00000200, split: 0, with 8 bytes of data attached +00: 56 53 30 31 08 00 02 00 00 00 00 00 00 02 00 00 +10: 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 +20: 00 00 00 00 d6 3c 10 f0 a4 00 00 00 +Client responds with type: 0x0403, sequence: 1, last: 1, dst: 0x00000200, +split: 1, with 4 bytes of data attached. This 4 bytes corresponds to the first +4 bytes that the server sent (in LE) XORed with 0xA426DF2B +00: 56 53 30 31 04 00 03 04 00 02 00 00 00 00 00 00 +10: 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 +20: 04 00 00 00 fd e3 36 54 +Server responds with type: 0x0404, seq: 2, ack: 1, src: this becomes the dest +for all subsequent packets from client, split: 1 +00: 56 53 30 31 00 00 04 04 00 eb b9 14 00 02 00 00 +10: 02 00 00 00 01 00 00 00 01 00 00 00 02 00 00 00 +Server sends type: 0x0406, seq: 3, acq: 1, with the following 28 byte data +stream: "17 05 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 01 00 00 +00: 56 53 30 31 1c 00 06 04 00 eb b9 14 00 02 00 00 +10: 03 00 00 00 01 00 00 00 01 00 00 00 03 00 00 00 +20: 1c 00 00 00 17 05 00 00 ff ff ff ff ff ff ff ff +30: ff ff ff ff ff ff ff ff 01 00 00 00 01 00 00 00 +Client responds type: 0x0406, seq: 2, acq: 3, with the following data stream: +"18 05 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 01 00 00 00 80 00 +00 00 [128 byte RSA encrypted data block containing a 32 byte random session +key generated by the client, xx] [CRC32 of preceding 128 bytes, cc] 00 00 00 +00: 56 53 30 31 a4 00 06 04 00 02 00 00 00 34 7e fe +10: 03 00 00 00 03 00 00 00 01 00 00 00 03 00 00 00 +20: a4 00 00 00 18 05 00 00 ff ff ff ff ff ff ff ff +30: ff ff ff ff ff ff ff ff 01 00 00 00 80 00 00 00 +40: xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx +50: xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx +60: xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx +70: xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx +80: xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx +90: xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx +a0: xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx +b0: xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx +c0: cc cc cc cc 00 00 00 00 +Server responds with type: 0x0406 with the following 24 bytes of data: "19 05 +00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 01 00 00 00" +00: 56 53 30 31 18 00 06 04 00 34 7e fe 00 02 00 00 +10: 04 00 00 00 03 00 00 00 01 00 00 00 04 00 00 00 +20: 18 00 00 00 19 05 00 00 ff ff ff ff ff ff ff ff +30: ff ff ff ff ff ff ff ff 01 00 00 00 +Server and Client now sends messages which are AES encrypted with Cipher-block +chaining (CBC). The key for the packets is transferred within the previous +message exchange. The IV used for the CBC is computed from the first 16 bytes +of each message. The decypted message appear to be compressed uses the zlib +libraries, however I've been unable to decompress them thus far. +The encryption method has yet to be determined. There was some discussion on +the pidgin mailing list that they might use the ICE (Information Concealment +Engine) for encryption. According to the Valve Developer pages, ICE is used to +encrypt script files used for games, so it does not seem completely +unreasonable that they could use it for their communication protocol, however, +it doesn't necessarily imply that they do use it for encryption of network +Dissecting the steamclient.dll, there doesn't seem to be anything obvious that +would identify the use of ICE. However, there are several references to the + * AlgorithmParametersBase + * CipherModeBase: GetNextIV() must be called on an encryption object +In addition, there is some thought that the 128 bytes transferred from the +client to the server (see above) might be a 1024-bit RSA public encryption key. +Noticing that the client begins sending data to the server before the server +has been able to send a key to the client, it is likely that the client has the +server's public key stored locally somewhere. However, this doesn't help with +figuring out the requests being sent by the client, unless we were to somehow +insert a fake public key for which we have the private key, then decrypt what +the client tries to send to the server. Once that's been done, the rest would +be fairly straightforward: Just send our own public key to the server, then +decrypt the responses we get back. +128 unique bytes marked with {} +30 81 9D 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 +05 00 03 81 8B 00 30 81 87 02 81 81 00{DF EC 1A +D6 2C 10 66 2C 17 35 3A 14 B0 7C 59 11 7F 9D D3 +D8 2B 7A E3 E0 15 CD 19 1E 46 E8 7B 87 74 A2 18 +46 31 A9 03 14 79 82 8E E9 45 A2 49 12 A9 23 68 +73 89 CF 69 A1 B1 61 46 BD C1 BE BF D6 01 1B D8 +81 D4 DC 90 FB FE 4F 52 73 66 CB 95 70 D7 C5 8E +BA 1C 7A 33 75 A1 62 34 46 BB 60 B7 80 68 FA 13 +A7 7A 8A 37 4B 9E C6 F4 5D 5F 3A 99 F9 9E C4 3A +E9 63 A2 BB 88 19 28 E0 E7 14 C0 42 89}02 01 11 +30 81 9D 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 +05 00 03 81 8B 00 30 81 87 02 81 81 00{AE D1 4B +C0 A3 36 8B A0 39 0B 43 DC ED 6A C8 F2 A3 E4 7E +09 8C 55 2E E7 E9 3C BB E5 5E 0F 18 74 54 8F F3 +BD 56 69 5B 13 09 AF C8 BE B3 A1 48 69 E9 83 49 +65 8D D2 93 21 2F B9 1E FA 74 3B 55 22 79 BF 85 +18 CB 6D 52 44 4E 05 92 89 6A A8 99 ED 44 AE E2 +66 46 42 0C FB 6E 4C 30 C6 6C 5C 16 FF BA 9C B9 +78 3F 17 4B CB C9 01 5D 3E 37 70 EC 67 5A 33 48 +F7 46 CE 58 AA EC D9 FF 4A 78 6C 83 4B}02 01 11 +* [Third-party Plugin](http://code.google.com/p/pidgin-opensteamworks/) + developed for Pidgin (GNU GPL v3, uses Steam Mobile API as of version 1.0, + users of this appear to the network as if on a mobile device) +* Valve [developer wiki page](http://developer.valvesoftware.com/wiki/Friends) +* [Wikipedia page](http://en.wikipedia.org/wiki/Steam_%28content_delivery%29) +* [Ticket](http://developer.pidgin.im/ticket/3987) requesting support for the + Steam protocol within libpurple +* [Ticket request](http://developer.pidgin.im/ticket/14514): Create + cross-platform Steam chat plugin with Steamkit2 +* December 2007 Pidgin mailing list + [thread](http://pidgin.im/pipermail/devel/2007-December/thread.html#4263) +* February 2008 Pidgin mailing list + [thread](http://pidgin.im/pipermail/devel/2008-February/thread.html#4876) +* Valve Developer Information about + [ICE](http://developer.valvesoftware.com/wiki/ICE) +* [Vapor](http://www.facepunch.com/threads/1057523-Vapor-Cross-Platform-Steam-Client) - + open-source Steam client for Linux/Windows +* [Open SteamWorks](https://bitbucket.org/VoiDeD/open-steamworks/overview) - + open-source, platform independent Steam client, written in Mono (MS NET) +* [SteamRE](https://bitbucket.org/VoiDeD/steamre/overview) - Successor of +* [libsteam](https://github.com/SergeB/libsteam) - C-Library which offers basic + steam protocol functions such as login +* [SteamDroid](https://github.com/FlyingPie/SteamDroid) - SteamFriends chat + client for android devices (source, written in java) +* Even more implementations: + * [ChewieBot_SteamRE](https://github.com/cessna/ChewieBot_SteamRE/tree/master/ChewieBot_SteamRE) + * [BitlSteam](https://github.com/vahokif/BitlSteam) + * [python-steam](https://github.com/meltingwax/python-steam) + * [Vaporized](https://github.com/hekar/Vaporized) + * [pocketSteam](https://github.com/azzymaster/pocketSteam) + * [SteamMobileLib](https://github.com/Doridian/SteamMobileLib) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/tlen.pl.md Sat Apr 09 07:23:53 2022 -0500
+[Tlen.pl](http://en.wikipedia.org/wiki/Tlen.pl) protocol is documented at +[docs.malcom.pl/tlen/proto/](http://docs.malcom.pl/tlen/proto/) (in polish). +* [Pidgin plugin](http://nic.com.pl/~alek/pidgin-tlen/) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/toc2.md Sat Apr 09 07:23:53 2022 -0500
+The TOC2 protocol is an updated version of the TOC protocol, or "Talk to OSCAR" +protocol. Its existence was never documented by AOL and it is only used in a +few AOL Instant Messenger clients. Some clients are beginning to offer plugins +for TOC2 in light of AOL's recent shutdown of their TOC servers. Like its +predecessor, TOC2 is an ASCII protocol and lacks some features of OSCAR, but +unlike TOC, TOC2 is known to support buddy icons and receiving file transfers +* [Zimnox](http://zimnox.com/?page=toc2) +* [TerraIM](http://terraim.svn.sourceforge.net/viewvc/*checkout*/terraim/trunk/terraim_source/src/toc/TOC2.txt) +## Additional Information +* [Wikipedia](http://en.wikipedia.org/wiki/TOC2_protocol) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/wangwang.md Sat Apr 09 07:23:53 2022 -0500
+[download WangWang](http://im.alisoft.com/download/index.html?traceLog=alisoft) +Second largest IM in China --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/xfire.md Sat Apr 09 07:23:53 2022 -0500
+xfire IM server = cs.xfire.com +open connection to cs.xfire.com +send OC1 to cs.xfire.com +send Packet 18 to cs.xfire.com +send AUTH1 to cs.xfire.com +salt = 40 byte SHA1 thing +When we have a password null and username null we receive this hash in the config: +5853ab14df6d90744943734beee321f09b5eaf41 +this hash comes from this: +the hash in the config is this: +sha1(username password UltimateArena) +we send the password with this: +sha1(sha1(username password UltimateArena) salt) +Every packet has a packet header. Its constructed in the following way. +X1, X2 = packet length = X1 + X2*256 +00 = unknown, perhaps the same thing as packet length for packet ID +ZZ = number of attributes that are in that packet. +## Authentification(Client side) +This Packet opens the connection to the server. +It only contains a String: +00000000 55 41 30 31 UA01 +We send Basic information about our client. +1. the version of each skin +packet_length 00 type(18) 00 numberOfAtts //skins and versions of skins are 1 +attribute_length 'skin' 04 01 numberOfSkins 00 lengthOfNextSkin 00 nameOfSkin LengthOfNextSkin 00 nameOfSkin (..andSoOn..) +attribute_length 'version' 04 02 numberOfSkins 00 (forEachSkin){ 01 00 00 00 } 12 00 03 00 01 +attribute_length 'version' 02 versionNumber 00 00 00 +00000004 33 00 12 00 02 04 73 6b 69 6e 04 01 02 00 08 00 3.....sk in...... +00000014 53 74 61 6e 64 61 72 64 05 00 58 66 69 72 65 07 Standard ..Xfire. +00000024 76 65 72 73 69 6f 6e 04 02 02 00 01 00 00 00 01 version. ........ +00000034 00 00 00 12 00 03 00 01 07 76 65 72 73 69 6f 6e ........ .version +We send our username and password, which is encrypted, to the server +Password = sha1(sha1(username + password + "UltimateArena") + salt) +packet_length 00 type(01) 00 numberOfAtts +attribute_length 'name' usernameLength_length usernameLength 00 username +attribute_length 'password' passwdLength_length passwdLength 00 cryptedPassword +00000049 49 00 01 00 02 04 6e 61 6d 65 01 08 00 61 73 72 I.....na me...asr +00000059 61 6e 69 65 6c 08 70 61 73 73 77 6f 72 64 01 28 aniel.pa ssword.( +00000069 00 38 30 30 31 34 31 65 36 35 30 31 36 32 30 66 .800141e 6501620f +00000079 61 39 30 34 65 31 61 66 62 66 61 36 31 66 30 63 a904e1af bfa61f0c +00000089 34 65 31 33 35 38 64 66 65 4e1358df e +packet_length 00 type(4) 00 numberOfAtts +attribute_length 'gameid' 02 gameid +00000443 11 00 04 00 01 06 67 61 6d 65 69 64 02 00 00 00 ......ga meid.... +packet_length 00 type(6) 00 numberOfAtts +attribute_length 'name' number_of_names name_length 00 name +attribute_length 'msg' number_of_msgs msg_length 00 msg +0000020A 33 00 06 00 02 04 6e 61 6d 65 01 06 00 6b 65 61 3.....na me...kea +0000021A 6d 6f 73 03 6d 73 67 01 19 00 43 75 73 74 6f 6d mos.msg. ..Custom +0000022A 20 69 6e 76 69 74 61 74 69 6f 6e 20 6d 65 73 73 invitat ion mess +packet_length 00 packet_type(07) 00 numberOfAtts +attribute_length 'name' 01 name_length 00 name +00000000 15 00 07 00 01 04 6e 61 6d 65 01 08 00 61 73 72 ......na me...asr +00000010 61 6e 69 65 6c aniel +1. the userid to be removed +packet_length 00 type(09) 00 numberOfAtts +attribute_length 'userid' 02 userid +000001CB 11 00 09 00 01 06 75 73 65 72 69 64 02 ab 3c 02 ......us erid..<. +(nextSegmentLength 00 0b 00 numberOfAtts-1) +attribute_length 'type' 02 01 00 00 00 +attribute_length 'status' 05 01 +attribute_length 't' statusLength_length statusLength 00 status +(nextSegmentLength 00 0b 00 numberOfAtts 1) +attribute_length 'type' 02 00 00 00 00 +00000000 35 00 0b 00 02 04 74 79 70 65 02 01 00 00 00 06 5.....ty pe...... +00000010 73 74 61 74 75 73 05 01 01 74 01 18 00 62 75 61 status.. .t...bua +00000020 68 61 68 61 2c 20 73 65 67 66 61 75 6c 74 20 68 haha, se gfault h +00000030 65 61 76 65 6e eaven +00000035 0f 00 0b 00 02 04 74 79 70 65 02 00 00 00 00 ......ty pe..... +Aks for more information about a buddy +packet_length 00 type(12) 00 numberOfAtts +attribute_length 'name' number_of_names name_length 00 name +attribute_length 'fname' number_of_fnames fname_length 00 fname //first name +attribute_length 'lname' number_of_lnames lname_length 00 lname //last name +attribute_length 'email' number_of_emails email_length 00 email +000001DC 2e 00 0c 00 04 04 6e 61 6d 65 01 06 00 6b 65 61 ......na me...kea +000001EC 6d 6f 73 05 66 6e 61 6d 65 01 00 00 05 6c 6e 61 mos.fnam e....lna +000001FC 6d 65 01 00 00 05 65 6d 61 69 6c 01 00 00 me....em ail... +packet_length 00 type(12) 00 numberOfAtts +attribute_length 'nick' nickLength_length nickLength 00 nick +000003B2 1b 00 0e 00 01 04 6e 69 63 6b 01 0e 00 43 68 61 ......ni ck...Cha +000003C2 6e 67 69 6e 67 20 6e 69 63 6b 73 nging ni cks +We send some information about us to the server +packet_length 00 packet_type(16) 00 numberOfAtts +attribute_length 'lang' langLength_length langLength 00 'de' +attribute_length 'skin' skinLength_length skinLength 00 SkinName +attribute_length 'theme' themeLength_length themeLength 00 theme +attribute_length 'partner' 01 00 00 +000000B5 37 00 10 00 04 04 6c 61 6e 67 01 02 00 75 73 04 7.....la ng...us. +000000C5 73 6b 69 6e 01 04 00 53 43 43 54 05 74 68 65 6d skin...S CCT.them +000000D5 65 01 08 00 52 75 62 79 20 52 65 64 07 70 61 72 e...Ruby Red.par +000000E5 74 6e 65 72 01 00 00 tner... +## Authentification(Serverside) +With this packet the server asks for authentification. We answer with packet +1. the version of each skin +packet_length 00 type(80) 00 numberOfAtts +attribute_length 'salt' saltLength_length saltLength 00 salt +00000000 35 00 80 00 01 04 73 61 6c 74 01 28 00 66 62 36 5.....sa lt.(.fb6 +00000010 62 39 34 64 38 31 38 39 65 64 31 36 32 39 35 31 b94d8189 ed162951 +00000020 32 35 34 66 34 64 32 38 39 38 30 31 34 63 66 37 254f4d28 98014cf7 +00000030 66 65 65 63 64 feecd +This error tells us that we dont have a valid username and password +1. the reason for the connection refusing +packet_length 00 packet_type(129) 00 numberOfAtts +attribute_length 'reason' 02 00 00 00 00 +00000035 11 00 81 00 01 06 72 65 61 73 6f 6e ......re ason.... +We get this package as soon as we are logged +length_Of_packet 00 packet_type(130) 00 numberOfAtts +attribute_length 'userid' 02 userid 00 +attribute_length 'sid' 03 sid(length = 16) +attribute_length 'nick' nickLength_length nickLength 00 nick(can be 00 if no nick is set) +attribute_length 'status' 02 03 00 00 00 +attribute_length 'dlset' 01 00 00 +attribute_length 'p2pset' 01 00 00 +attribute_length 'clntset' 01 00 00 +attribute_length 'minrect' 02 01 00 00 00 +attribute_length 'maxrect' 02 84 03 00 00 +attribute_length 'ctry' 02 83 02 00 00 +attribute_length 'n1' 02 3C B2 58 D0 +attribute_length 'n2' 02 3D B2 58 D0 +attribute_length 'n3' 02 3E B2 58 D0 +attribute_length 'pip' 02 9C A5 80 5F +attribute_length 'salt' 01 saltLength 00 salt +attribute_length 'reason' 01 reasonLength 00 reason +00000035 43 00 82 00 05 06 75 73 65 72 69 64 02 82 9c 09 C.....us erid.... +00000045 00 03 73 69 64 03 e3 f5 63 c0 8a 9c f8 1b 55 79 ..sid... c.....Uy +00000055 dd f8 d8 11 e3 14 04 6e 69 63 6b 01 00 00 06 73 .......n ick....s +00000065 74 61 74 75 73 02 03 00 00 00 05 64 6c 73 65 74 tatus... ...dlset +00000035 49 00 82 00 05 06 75 73 65 72 69 64 02 ab 3c 02 I.....us erid..<. +00000045 00 03 73 69 64 03 1f 31 a4 91 e2 2a 7b 19 e0 00 ..sid..1 ...*{... +00000055 4d 9e 7a 58 e8 6b 04 6e 69 63 6b 01 06 00 4b 65 M.zX.k.n ick...Ke +00000065 61 6d 6f 73 06 73 74 61 74 75 73 02 03 00 00 00 amos.sta tus..... +00000075 05 64 6c 73 65 74 01 00 00 .dlset.. . +Contact List, usernames and their nicks +all usernames and their nicks +(nextSegmentLength type(131) 00 numberOfAtts) +attribute_length 'friends' 04 01 numberOfFriends 00 userLength 00 userName userLength 00 userName +attribute_length 'nick' 04 01 numberOfFriends 00 nickLength 00 nick nickLength 00 nick +attribute_length 'userid' 04 02 numberOfFriends 00 userID userID +00000035 49 00 83 00 05 06 75 73 65 72 69 64 02 ab 3c 02 I.....us erid..<. +00000045 00 03 73 69 64 03 1f 31 a4 91 e2 2a 7b 19 e0 00 ..sid..1 ...*{... +00000055 4d 9e 7a 58 e8 6b 04 6e 69 63 6b 01 06 00 4b 65 M.zX.k.n ick...Ke +00000065 61 6d 6f 73 06 73 74 61 74 75 73 02 03 00 00 00 amos.sta tus..... +00000075 05 64 6c 73 65 74 01 00 00 .dlset.. . +Contact List, buddys online +(nextSegmentLength 00 type(132) 00 numberOfAtts) +attribute_length 'userid' 04 02 01 00 ab 3c 02 00 +attribute_length 'sid' 04 03 01 00 sid(16bytes) +000000D2 XX XX XX XX XX XX XX XX XX XX XX XX 2c 00 84 00 XXXXXXXX XXXX,... +000000E2 02 06 75 73 65 72 69 64 04 02 01 00 ab 3c 02 00 ..userid .....<.. +000000F2 03 73 69 64 04 03 01 00 8a ab d5 34 62 16 27 d7 .sid.... ...4b.'. +00000102 0a ee 01 de dd 5b fd 95 .....[.. +000003C8 00 84 00 02 06 75 73 65 72 69 64 04 02 07 00 d6 .....use rid..... +000003D8 33 01 00 ab 3c 02 00 82 9c 09 00 09 30 0a 00 53 3...<... ....0..S +000003E8 06 0c 00 09 01 0d 00 8c b2 12 00 03 73 69 64 04 ........ ....sid. +000003F8 03 07 00 22 ea 0f a1 fc 03 9e bf 5a 01 a5 8e 32 ...".... ...Z...2 +00000408 8d 9e 8c 08 c7 32 b9 61 00 70 0e 3c ad 46 79 c7 .....2.a .p.<.Fy. +00000418 a3 d9 ad 92 27 41 6c 35 be aa f6 76 ea b0 cd e5 ....'Al5 ...v.... +00000428 5e 27 79 27 58 68 cf 55 f7 de e9 b8 95 ca 1c 38 ^'y'Xh.U .......8 +00000438 a2 3a 6b 73 c7 d9 6e d6 91 01 e9 c1 ec 50 bf fc .:ks..n. .....P.. +00000448 09 58 4a aa 5f b2 5b 0c 75 a1 de f6 79 44 f3 e6 .XJ._.[. u...yD.. +00000458 e4 fb 61 23 b7 5d 8d 20 98 cb 0b 28 4f 9b 81 f5 ..a#.]. ...(O... +0000003E 2c 00 84 00 02 06 75 73 65 72 69 64 04 02 01 00 ,.....us erid.... +0000004E 82 9c 09 00 03 73 69 64 04 03 01 00 00 00 00 00 .....sid ........ +0000005E 00 00 00 00 00 00 00 00 00 00 00 00 ........ .... +auth rejected, version too old +1. the reason for the connection refusing +packet_length 00 packet_type(86) 00 numberOfAtts +attribute_length 'version' 04 02 01 00 wantedVersionNumber 00 00 00 +attribute_length 'file' 04 01 01 00 urlLength 00 url +attribute_length 'command' 04 02 01 00 01 00 00 00 +attribute_length 'fileid' 04 02 01 00 00 00 00 00 +00000035 5a 00 86 00 04 07 76 65 72 73 69 6f 6e 04 02 01 Z.....ve rsion... +00000045 00 23 00 00 00 04 66 69 6c 65 04 01 01 00 1b 00 .#....fi le...... +00000055 68 74 74 70 3a 2f 2f 36 34 2e 35 36 2e 31 39 39 http://6 4.56.199 +00000065 2e 31 33 30 2f 33 35 2e 65 78 65 07 63 6f 6d 6d .130/35. exe.comm +00000075 61 6e 64 04 02 01 00 01 00 00 00 06 66 69 6c 65 and..... ....file +00000085 69 64 04 02 01 00 00 00 00 00 id...... .. +Infos about the game a buddy is playing +(nextSegmentLength 00 87 00 numberOfAtts) +attribute_length 'sid' 04 03 number_of_sids 00 sid(16 bytes) +attribute_length 'gameid' 04 02 number_of_games 00 gameid +attribute_length 'gip' 04 02 number_of_ips 00 ip +attribute_length 'gport' 04 02 number_of_ports 00 port(how coded?) +2a 00 87 00 04 03 73 69 *.....si +00000112 64 04 03 00 00 06 67 61 6d 65 69 64 04 02 00 00 d.....ga meid.... +00000122 03 67 69 70 04 02 00 00 05 67 70 6f 72 74 04 02 .gip.... .gport.. +0000002C 46 00 87 00 04 03 73 69 64 04 03 01 00 25 07 cd F.....si d....%.. +0000003C 17 75 5b 93 58 06 7f 71 80 e2 56 bc 3c 06 67 61 .u[.X..q ..V.<.ga +0000004C 6d 65 69 64 04 02 01 00 40 11 00 00 03 67 69 70 meid.... @....gip +0000005C 04 02 01 00 00 00 00 00 05 67 70 6f 72 74 04 02 ........ .gport.. +0000006C 01 00 00 00 00 00 ...... +7e 00 87 00 04 03 73 69 64 04 03 03 .<.a~... ..sid... +0000036C 00 26 b4 4c 0e 0a 5f 2c e1 2c bd 77 73 a0 25 69 .&.L.._, .,.ws.%i +0000037C 13 ed 0a 6b 01 3c 7f 1f 6e 41 ee dc 40 50 c1 89 ...k.<.. nA..@P.. +0000038C ba 13 96 fa 86 18 22 3a 1c 90 14 be 6a a0 a7 8b ......": ....j... +0000039C fd 06 67 61 6d 65 69 64 04 02 03 00 f9 10 00 00 ..gameid ........ +000003AC 56 10 00 00 78 10 00 00 03 67 69 70 04 02 03 00 V...x... .gip.... +000003BC 00 00 00 00 e6 d4 ef d5 00 00 00 00 05 67 70 6f ........ .....gpo +000003CC 72 74 04 02 03 00 00 00 00 00 cf 3c 00 00 00 00 rt...... ...<.... +0000020D 24 00 8e 00 02 03 73 69 64 03 bc c3 6d 2e 96 74 $.....si d...m..t +0000021D 75 84 3b 8f cc 78 47 f6 a5 c8 04 74 79 70 65 02 u.;..xG. ...type. +0000022D 00 00 00 00 .... +00000231 46 00 87 00 04 03 73 69 64 04 03 01 00 bc c3 6d F.....si d......m +00000241 2e 96 74 75 84 3b 8f cc 78 47 f6 a5 c8 06 67 61 ..tu.;.. xG....ga +00000251 6d 65 69 64 04 02 01 00 56 10 00 00 03 67 69 70 meid.... V....gip +00000261 04 02 01 00 00 00 00 00 05 67 70 6f 72 74 04 02 ........ .gport.. +00000271 01 00 00 00 00 00 ...... +000002BD 46 00 87 00 04 03 73 69 64 04 03 01 00 bc c3 6d F.....si d......m +000002CD 2e 96 74 75 84 3b 8f cc 78 47 f6 a5 c8 06 67 61 ..tu.;.. xG....ga +000002DD 6d 65 69 64 04 02 01 00 56 10 00 00 03 67 69 70 meid.... V....gip +000002ED 04 02 01 00 22 08 26 cf 05 67 70 6f 72 74 04 02 ....".&. .gport.. +000002FD 01 00 fc 6c 00 00 ...l.. +00000303 46 00 87 00 04 03 73 69 64 04 03 01 00 bc c3 6d F.....si d......m +00000313 2e 96 74 75 84 3b 8f cc 78 47 f6 a5 c8 06 67 61 ..tu.;.. xG....ga +00000323 6d 65 69 64 04 02 01 00 56 10 00 00 03 67 69 70 meid.... V....gip +00000333 04 02 01 00 6d e7 70 d4 05 67 70 6f 72 74 04 02 ....m.p. .gport.. +00000343 01 00 cf 3c 00 00 ...<.. +1. the reason for the connection refusing +packet_length 00 packet_type(137) 00 numberOfAtts +attribute_length 'name' number_of_names name_length 00 name +(attribute_length 'reason' 02 00 00 00 00)//error +(attribute_length 'result' 02 00 00 00 00)//success +00000000 1d 00 89 00 02 04 6e 61 6d 65 01 04 00 73 73 64 ......na me...ssd +00000010 66 06 72 65 73 75 6c 74 02 00 00 00 00 f.result ..... +00000000 23 00 89 00 02 04 6e 61 6d 65 01 0a 00 6b 65 6e #.....na me...ken +00000010 73 68 69 6e 33 33 33 06 72 65 73 75 6c 74 02 00 shin333. result.. +Invitiation to be added to the contact list +1. the reason for the connection refusing +packet_length 00 packet_type(138) 00 numberOfAtts +attribute_length 'name' 04 01 01 00 name_length 00 name +attribute_length 'nick' 04 01 01 00 nick_length 00 +attribute_length 'msg' 04 01 01 00 message_length 00 message +48 00 8a 00 03 04 6e 61 6d H .....nam +00000112 65 04 01 01 00 08 00 62 6c 69 74 7a 31 31 31 04 e......b litz111. +00000122 6e 69 63 6b 04 01 01 00 00 00 03 6d 73 67 04 01 nick.... ...msg.. +00000132 01 00 1b 00 41 64 64 20 6d 65 20 74 6f 20 79 6f ....Add me to yo +00000142 75 72 20 46 72 69 65 6e 64 73 20 6c 69 73 74 ur Frien ds list +packet_length type(139) number_of_atts +00000000 11 00 8b 00 01 06 75 73 65 72 69 64 02 ab 3c 02 ......us erid..<. +Online(away) status information +(nextSegmentLength 00 8e 00 numberOfAtts) +attribute_length 'sid' 03 sid(16bytes) +attribute_length 'type' 02 01 00 00 00 +attribute_length 'status' 05 01 +attribute_length 't' statusLength_length statusLength 00 status +00000132 4a 00 8e 00 03 03 73 69 64 03 8a ab d5 34 J..... sid....4 +00000142 62 16 27 d7 0a ee 01 de dd 5b fd 95 04 74 79 70 b.'..... .[...typ +00000152 65 02 01 00 00 00 06 73 74 61 74 75 73 05 01 01 e......s tatus... +00000162 74 01 18 00 28 41 46 4b 29 20 41 77 61 79 20 46 t...(AFK ) Away F +00000172 72 6f 6d 20 4b 65 79 62 6f 61 72 64 rom Keyb oard +This one comes if a user is back online +0000023D 38 00 8e 00 03 03 73 69 64 03 be d8 a8 53 b1 36 8.....si d....S.6 +0000024D 3b e0 c0 e2 3e 6a c6 04 fa 29 04 74 79 70 65 02 ;...>j.. .).type. +0000025D 01 00 00 00 06 73 74 61 74 75 73 05 01 01 74 01 .....sta tus...t. +0000026D 06 00 4f 6e 6c 69 6e 65 ..Online +This one comes if a user is back online +0000004A 24 00 8e 00 02 03 73 69 64 03 0f a6 ae eb d3 b1 $.....si d....... +0000005A 32 99 c3 8a 07 02 92 a8 09 5d 04 74 79 70 65 02 2....... .].type. +0000006A 00 00 00 00 .... +This error tells us that somebody logged in as us from somewhere else +1. the reason for the connection aborting +packet_length 00 packet_type(145) 00 numberOfAtts +attribute_length 'reason' 02 01 00 00 00 +0000022D 11 00 91 00 01 06 72 65 61 73 6f 6e 02 01 00 00 ......re ason.... +Some game information? No username or so... +(nextSegmentLength type(131) 00 numberOfAtts) +attribute_length 'gameid' +attribute_length 'gport' +000000A8 00 94 00 04 03 6d 61 78 02 1e 00 00 00 06 67 61 .....max ......ga +000000B8 6d 65 69 64 04 02 01 00 09 10 00 00 03 67 69 70 meid.... .....gip +000000C8 04 02 01 00 4e db 13 43 05 67 70 6f 72 74 04 02 ....N..C .gport.. +000000D8 01 00 e7 38 00 00 ...8.. +Packet is 654(28e) bytes long +00000138 XX 8e 02 83 00 03 07 66 72 69 65 6e 64 73 04 01 0......f riends.. +00000148 1e 00 0a 00 6a 65 73 75 73 66 72 65 61 6b 05 00 ....jesu sfreak.. +00000158 67 6c 6f 62 65 09 00 6d 61 74 63 68 62 6f 6f 6b globe..m atchbook +00000168 06 00 6b 65 61 6d 6f 73 08 00 64 33 66 31 61 6e ..keamos ..d3f1an +00000178 63 33 09 00 70 6c 6f 6b 6b 72 31 32 33 0c 00 65 c3..plok kr123..e +00000188 65 74 75 72 77 65 65 64 69 65 73 09 00 62 69 67 eturweed ies..big +00000198 73 63 68 69 6d 73 08 00 61 73 72 61 6e 69 65 6c schims.. asraniel +000001A8 06 00 6b 6f 6f 6c 69 6f 06 00 63 68 61 6f 73 6b ..koolio ..chaosk +000001B8 08 00 70 6f 69 6e 74 33 31 34 05 00 6f 72 69 61 ..point3 14..oria +000001C8 68 0e 00 61 6c 62 69 6e 6f 63 68 69 6e 61 6d 61 h..albin ochinama +000001D8 6e 0b 00 75 6e 68 6f 6c 79 6d 61 6b 65 72 09 00 n..unhol ymaker.. +000001E8 64 61 64 64 79 6e 6f 6f 6f 0c 00 64 6f 72 6b 79 daddynoo o..dorky +000001F8 74 69 66 66 61 6e 79 09 00 6c 61 7a 65 72 6d 61 tiffany. .lazerma +00000208 6e 65 06 00 62 65 65 66 67 74 0c 00 69 61 6d 74 ne..beef gt..iamt +00000218 68 65 6b 69 6c 6c 65 72 08 00 62 6c 69 74 7a 31 hekiller ..blitz1 +00000228 31 31 07 00 6d 61 64 67 75 6e 61 0a 00 66 6c 69 11..madg una..fli +00000238 70 73 74 79 6c 65 65 07 00 65 63 6f 6d 69 6b 65 pstylee. .ecomike +00000248 0f 00 66 6f 73 68 65 65 7a 79 6d 79 6e 65 65 7a ..foshee zymyneez +00000258 79 09 00 69 61 6d 6d 6f 75 73 65 79 07 00 61 70 y..iammo usey..ap +00000268 68 65 74 74 6f 0c 00 69 6c 6c 73 6b 69 6c 6c 73 hetto..i llskills +00000278 37 31 39 07 00 64 73 79 70 68 65 72 0d 00 70 68 719..dsy pher..ph +00000288 6f 65 6e 69 78 69 6e 71 75 69 73 04 6e 69 63 6b oenixinq uis.nick +00000298 04 01 1e 00 0a 00 4a 65 73 75 73 46 72 65 61 6b ......Je susFreak +000002A8 00 00 09 00 4d 61 74 63 68 62 6f 6f 6b 06 00 4b ....Matc hbook..K +000002B8 65 61 6d 6f 73 08 00 44 65 66 69 61 6e 63 65 00 eamos..D efiance. +000002C8 00 04 00 6c 6f 4f 6c 09 00 42 69 67 53 63 68 69 ...loOl. .BigSchi +000002D8 6d 73 00 00 06 00 4b 6f 6f 6c 69 6f 0c 00 43 68 ms....Ko olio..Ch +000002E8 61 6f 73 20 4b 69 6c 6c 65 72 00 00 00 00 00 00 aos Kill er...... +000002F8 06 00 55 6e 68 6f 6c 79 00 00 00 00 09 00 4c 61 ..Unholy ......La +00000308 7a 65 72 4d 61 6e 65 00 00 00 00 00 00 00 00 00 zerMane. ........ +00000318 00 05 00 44 72 55 6e 4b 09 00 66 61 20 73 68 65 ...DrUnK ..fa she +00000328 65 7a 79 05 00 6d 6f 55 73 65 00 00 00 00 0a 00 ezy..moU se...... +00000338 44 61 72 6b 53 79 70 68 65 72 00 00 06 75 73 65 DarkSyph er...use +00000348 72 69 64 04 02 1e 00 fc 31 01 00 79 32 01 00 d6 rid..... 1..y2... +00000358 33 01 00 ab 3c 02 00 a2 93 02 00 e3 3c 04 00 42 3...<... ....<..B +00000368 f9 04 00 7c af 05 00 82 9c 09 00 05 24 0a 00 09 ...|.... ....$... +00000378 30 0a 00 41 a1 0a 00 0c a4 0a 00 ec ae 0a 00 dd 0..A.... ........ +00000388 ce 0a 00 c6 a1 0b 00 13 fa 0b 00 53 06 0c 00 ca ........ ...S.... +00000398 1c 0c 00 62 67 0c 00 09 01 0d 00 2f 8f 0d 00 7c ...bg... .../...| +000003A8 31 0e 00 f3 a5 0e 00 e9 fa 10 00 c3 2c 11 00 d7 1....... ....,... +000003B8 7d 11 00 32 8d 11 00 8c b2 12 00 6b 16 15 00 XX }..2.... ...k.... +This is a LONG packet, which means, the length at the beginning is not the +total length of the packet. +nextSegmentLength 00 8d 00 numberOfAtts +attribute_length 'prefs' 05 00 +(nextSegmentLength 00 83 00 numberOfAtts) +attribute_length 'friends' 04 01 02 00 userLength 00 userName userLength 00 userName +attribute_length 'nick' 04 01 02 00 nickLength 00 nick nickLength 00 nick +attribute_length 'userid' 04 02 02 00 userID userID +(nextSegmentLength 00 84 00 numberOfAtts) +attribute_length 'userid' 04 02 01 00 ab 3c 02 00 +attribute_length 'sid' 04 03 01 00 sid(16bytes) +(nextSegmentLength 00 87 00 numberOfAtts) +attribute_length 'sid' 04 03 00 00 +attribute_length 'gameid' 04 02 00 00 +attribute_length 'gip' 04 02 00 00 +attribute_length 'gport' 04 02 00 00 +(nextSegmentLength 00 8e 00 numberOfAtts) +attribute_length 'sid' sid(17bytes) +attribute_length 'type' 02 01 00 00 00 +attribute_length 'status' 05 01 01 74 statusLength_length statusLength 00 status +(nextSegmentLength 00 93 00 numberOfAtts) +attribute_length 'sid' 04 03 01 00 sid(17bytes) +attribute_length 'vid' 04 02 01 00 20 00 00 00 +attribute_length 'vip' 04 02 01 00 5e 6a 13 43 +attribute_length 'vport' 04 02 01 00 3f 22 00 00 +(nextSegmentLength 00 87 00 numberOfAtts) +(nextSegmentLength 00 94 00 numberOfAtts) +(nextSegmentLength 00 90 01 numberOfAtts) //aha! +00000082 0d 00 8d 00 01 05 70 72 65 66 73 05 00 4f 00 83 ......pr efs..O.. +00000092 00 03 07 66 72 69 65 6e 64 73 04 01 02 00 06 00 ...frien ds...... +000000A2 6b 65 61 6d 6f 73 0e 00 74 65 73 74 66 72 69 65 keamos.. testfrie +000000B2 6e 64 32 38 38 36 04 6e 69 63 6b 04 01 02 00 06 nd2886.n ick..... +000000C2 00 4b 65 61 6d 6f 73 00 00 06 75 73 65 72 69 64 .Keamos. ..userid +000000D2 04 02 02 00 ab 3c 02 00 ad 3a 06 00 2c 00 84 00 .....<.. .:..,... +000000E2 02 06 75 73 65 72 69 64 04 02 01 00 ab 3c 02 00 ..userid .....<.. +000000F2 03 73 69 64 04 03 01 00 8a ab d5 34 62 16 27 d7 .sid.... ...4b.'. +00000102 0a ee 01 de dd 5b fd 95 2a 00 87 00 04 03 73 69 .....[.. *.....si +00000112 64 04 03 00 00 06 67 61 6d 65 69 64 04 02 00 00 d.....ga meid.... +00000122 03 67 69 70 04 02 00 00 05 67 70 6f 72 74 04 02 .gip.... .gport.. +00000132 00 00 4a 00 8e 00 03 03 73 69 64 03 8a ab d5 34 ..J..... sid....4 +00000142 62 16 27 d7 0a ee 01 de dd 5b fd 95 04 74 79 70 b.'..... .[...typ +00000152 65 02 01 00 00 00 06 73 74 61 74 75 73 05 01 01 e......s tatus... +00000162 74 01 18 00 28 41 46 4b 29 20 41 77 61 79 20 46 t...(AFK ) Away F +00000172 72 6f 6d 20 4b 65 79 62 6f 61 72 64 43 00 93 00 rom Keyb oardC... +00000182 04 03 73 69 64 04 03 01 00 8a ab d5 34 62 16 27 ..sid... ....4b.' +00000192 d7 0a ee 01 de dd 5b fd 95 03 76 69 64 04 02 01 ......[. ..vid... +000001A2 00 20 00 00 00 03 76 69 70 04 02 01 00 5e 6a 13 . ....vi p....^j. +000001B2 43 05 76 70 6f 72 74 04 02 01 00 3f 22 00 00 46 C.vport. ...?"..F +000001C2 00 87 00 04 03 73 69 64 04 03 01 00 60 20 5b 52 .....sid ....` [R +000001D2 c2 f0 81 51 a3 cf dc 85 2b 8c 20 b8 06 67 61 6d ...Q.... . ..gam +000001E2 65 69 64 04 02 01 00 d7 10 00 00 03 67 69 70 04 eid..... ....gip. +000001F2 02 01 00 1e 23 ed 40 05 67 70 6f 72 74 04 02 01 ....#.@. gport... +00000202 00 20 71 00 00 2b 00 94 00 04 03 6d 61 78 02 1e . q.. .. ...max.. +00000212 00 00 00 06 67 61 6d 65 69 64 04 02 00 00 03 67 ....game id.....g +00000222 69 70 04 02 00 00 05 67 70 6f 72 74 04 02 00 00 ip.....g port.... +00000232 1f 00 90 01 01 03 64 69 64 06 d1 3d 67 48 7b 21 ......di d..=gH{! +00000242 0c 8d 56 cc 72 90 7a 4a ab f1 9d 2e 2c 4b 1b ..V.r.zJ ....,K. +00000082 1f 00 90 01 01 03 64 69 64 06 d1 25 35 b0 95 9c ......di d..%5... +00000092 35 41 d5 4e c0 3c 69 5d d4 bb c8 b0 b7 9f 4f 0d 5A.N.<i] ......O. +000000A2 00 8d 00 01 05 70 72 65 66 73 05 00 4f 00 83 00 .....pre fs..O... +000000B2 03 07 66 72 69 65 6e 64 73 04 01 02 00 06 00 6b ..friend s......k +000000C2 65 61 6d 6f 73 0e 00 74 65 73 74 66 72 69 65 6e eamos..t estfrien +000000D2 64 32 38 38 36 04 6e 69 63 6b 04 01 02 00 06 00 d2886.ni ck...... +000000E2 4b 65 61 6d 6f 73 00 00 06 75 73 65 72 69 64 04 Keamos.. .userid. +000000F2 02 02 00 ab 3c 02 00 ad 3a 06 00 2c 00 84 00 02 ....<... :..,.... +00000102 06 75 73 65 72 69 64 04 02 01 00 ab 3c 02 00 03 .userid. ....<... +00000112 73 69 64 04 03 01 00 8c 73 95 43 8d 08 3c 53 49 sid..... s.C..<SI +00000122 30 a9 76 b8 56 38 2f 2a 00 87 00 04 03 73 69 64 0.v.V8/* .....sid +00000132 04 03 00 00 06 67 61 6d 65 69 64 04 02 00 00 03 .....gam eid..... +00000142 67 69 70 04 02 00 00 05 67 70 6f 72 74 04 02 00 gip..... gport... +00000152 00 46 00 87 00 04 03 73 69 64 04 03 01 00 6d a0 .F.....s id....m. +00000162 d1 11 0f 5b e1 e4 28 c0 fd 6e 79 f5 bf 79 06 67 ...[..(. .ny..y.g +00000172 61 6d 65 69 64 04 02 01 00 78 10 00 00 03 67 69 ameid... .x....gi +00000182 70 04 02 01 00 51 e1 81 0c 05 67 70 6f 72 74 04 p....Q.. ..gport. +00000192 02 01 00 8c 0e 00 00 2b 00 94 00 04 03 6d 61 78 ....... .....max +000001A2 02 1e 00 00 00 06 67 61 6d 65 69 64 04 02 00 00 ......ga meid.... +000001B2 03 67 69 70 04 02 00 00 05 67 70 6f 72 74 04 02 .gip.... .gport.. +00000078 1f 00 90 01 01 03 64 69 64 06 d1 20 6b 88 d7 69 ......di d.. k..i +00000088 90 15 7f 50 94 7c f3 2e c9 e0 66 15 6a 85 96 2b ...P.|.. ..f.j.. +00000098 00 94 00 04 03 6d 61 78 02 1e 00 00 00 06 67 61 .....max ......ga +000000A8 6d 65 69 64 04 02 00 00 03 67 69 70 04 02 00 00 meid.... .gip.... +000000B8 05 67 70 6f 72 74 04 02 00 00 0d 00 8d 00 01 05 .gport.. ........ +000000C8 70 72 65 66 73 05 00 3b 00 83 00 03 07 66 72 69 prefs..; .....fri +000000D8 65 6e 64 73 04 01 01 00 0e 00 74 65 73 74 66 72 ends.... ..testfr +000000E8 69 65 6e 64 32 38 38 36 04 6e 69 63 6b 04 01 01 iend2886 .nick... +000000F8 00 00 00 06 75 73 65 72 69 64 04 02 01 00 ad 3a ....user id.....: +00000108 06 00 2a 00 87 00 04 03 73 69 64 04 03 00 00 06 ..*..... sid..... +00000118 67 61 6d 65 69 64 04 02 00 00 03 67 69 70 04 02 gameid.. ...gip.. +00000128 00 00 05 67 70 6f 72 74 04 02 00 00 96 01 87 00 ...gport ........ +00000138 04 03 73 69 64 04 03 0d 00 2a 44 e6 1d 08 5c 99 ..sid... .*D...\. +00000148 50 5b 3b 99 8e 73 0d d1 08 70 85 41 28 6e 68 0c P[;..s.. .p.A(nh. +00000158 38 07 f3 50 d6 5c 9f 4b 86 d4 be cc 21 d1 6e 6b 8..P.\.K ....!.nk +00000168 e3 eb c5 8e bb 00 d0 43 53 eb f7 c5 05 6a 78 95 .......C S....jx. +00000178 3c d6 82 3c 57 9c 29 f2 eb 5c cd 2b bd a0 d5 6f <..<W.). .\. ...o +00000188 d3 b3 35 e0 0a 30 26 f0 ad f6 bb f8 97 42 3d 53 ..5..0&. .....B=S +00000198 5f ce 92 70 ee 72 4f 96 f1 45 48 08 4f 2a 54 67 _..p.rO. .EH.O*Tg +000001A8 d8 25 bd ad 3f e1 34 40 3c 33 27 cb a7 86 0c 26 .%..?.4@ <3'....& +000001B8 54 6d c3 d1 bf 0e 18 c6 ed 23 cb 52 cc 8d e1 94 Tm...... .#.R.... +000001C8 b3 22 5e 3e 08 79 44 c1 a2 dc a8 a1 f1 4c cc 97 ."^>.yD. .....L.. +000001D8 b8 5e 3a 5f 38 28 dd cb f4 77 50 b4 06 4a 70 4c .^:_8(.. .wP..JpL +000001E8 20 1a a2 ec 3c 9a d2 76 63 ee 9b 3c 05 c5 8f 57 ...<..v c..<...W +000001F8 1e 51 f9 aa e6 7c 00 96 03 c4 1a 44 6c 6b d7 d3 .Q...|.. ...Dlk.. +00000208 ac 2a c4 f7 89 38 01 b4 bf 06 67 61 6d 65 69 64 .*...8.. ..gameid +00000218 04 02 0d 00 ae 10 00 00 77 10 00 00 e3 10 00 00 ........ w....... +00000228 86 10 00 00 09 10 00 00 44 10 00 00 0f 10 00 00 ........ D....... +00000238 45 10 00 00 18 10 00 00 05 00 00 00 05 00 00 00 E....... ........ +00000248 bd 10 00 00 05 00 00 00 03 67 69 70 04 02 0d 00 ........ .gip.... +00000258 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ +00000268 09 e7 70 d4 14 ec f2 c3 00 00 00 00 18 34 8e 53 ..p..... .....4.S +00000278 f3 bb 0f 51 10 e9 1c c1 03 92 62 53 30 6a f8 d5 ...Q.... ..bS0j.. +00000288 51 ab 02 51 05 67 70 6f 72 74 04 02 0d 00 00 00 Q..Q.gpo rt...... +00000298 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e7 38 ........ .......8 +000002A8 00 00 87 69 00 00 00 00 00 00 87 69 00 00 20 71 ...i.... ...i.. q +000002B8 00 00 8a 69 00 00 87 69 00 00 a0 0f 00 00 a5 69 ...i...i .......i +We got a chat message. We have to send a Ack for this IM +1. sid between the sender and me +length 00 type(133) 00 numberOfAtts //all after and with peermsg is 1 att +attribute_length 'sid' 03 SID //sid_length = 16 +attribute_length 'peermsg' 05 numberOfAtts +attribute_length 'msgtype' 02 00 00 00 00 +attribute_length 'imindex' 02 numberOfMessage(xx 00 00 00) +attribute_length 'im' messageLength_length messageLength 00 messageText +000000D9 58 00 85 00 02 03 73 69 64 03 ee 9b 3c 05 c5 8f X.....si d.î.<.Å. +000000E9 57 1e 51 f9 aa e6 7c 00 96 03 07 70 65 65 72 6d W.Qùªæ|. ...peerm +000000F9 73 67 05 03 07 6d 73 67 74 79 70 65 02 00 00 00 sg...msg type.... +00000109 00 07 69 6d 69 6e 64 65 78 02 02 00 00 00 02 69 ..iminde x......i +00000119 6d 01 14 00 6f 6b 20 6f 6b 20 28 69 6d 20 66 72 m...ok o k (im fr +00000129 65 6e 63 68 29 20 6e 70 ench) np +We have to ack the IM we got, so that the chatpartner know we got it. +1. sid between the sender and me +3e 00 type(02) 00 numberOfAtts //all after and with peermsg is 1 att +attribute_length 'sid' 03 SID +attribute_length 'peermsg' 05 numberOfAtts +attribute_length 'msgtype' 02 01 00 00 00 +attribute_length 'imindex' 02 numberOfMessage(xx 00 00 00) +0000011C 3e 00 02 00 02 03 73 69 64 03 ee 9b 3c 05 c5 8f >.....si d.î.<.Å. +0000012C 57 1e 51 f9 aa e6 7c 00 96 03 07 70 65 65 72 6d W.Qùªæ|. ...peerm +0000013C 73 67 05 02 07 6d 73 67 74 79 70 65 02 01 00 00 sg...msg type.... +0000014C 00 07 69 6d 69 6e 64 65 78 02 02 00 00 00 ..iminde x..... +We have Send a IM. We will receive a Ack for our IM +1. sid between the destination and me +length 00 type(02) 00 numberOfAtts //all after and with peermsg is 1 att +attribute_length 'sid' 03 SID +attribute_length 'peermsg' 05 numberOfAtts +attribute_length 'msgtype' 02 00 00 00 00 +attribute_length 'imindex' 02 numberOfMessage(xx 00 00 00) +attribute_length 'im' messageLength_length messageLength 00 messageText +00000198 57 00 02 00 02 03 73 69 64 03 ee 9b 3c 05 c5 8f W.....si d.î.<.Å. +000001A8 57 1e 51 f9 aa e6 7c 00 96 03 07 70 65 65 72 6d W.Qùªæ|. ...peerm +000001B8 73 67 05 03 07 6d 73 67 74 79 70 65 02 00 00 00 sg...msg type.... +000001C8 00 07 69 6d 69 6e 64 65 78 02 04 00 00 00 02 69 ..iminde x......i +000001D8 6d 01 13 00 69 20 61 6c 73 6f 20 73 70 65 61 6b m...i al so speak +000001E8 20 66 72 65 6e 63 68 french +### Ack for our IM (133) +We got a ack for the IM we sent +1. sid between the destination and me +3e 00 type(133) 00 numberOfAtts //all after and with peermsg is 1 att +attribute_length 'sid' 03 SID +attribute_length 'peermsg' 05 numberOfAtts +attribute_length 'msgtype' 02 01 00 00 00 +attribute_length 'imindex' 02 numberOfMessage(xx 00 00 00) +00000177 3e 00 85 00 02 03 73 69 64 03 ee 9b 3c 05 c5 8f >.....si d.î.<.Å. +00000187 57 1e 51 f9 aa e6 7c 00 96 03 07 70 65 65 72 6d W.Qùªæ|. ...peerm +00000197 73 67 05 02 07 6d 73 67 74 79 70 65 02 01 00 00 sg...msg type.... +000001A7 00 07 69 6d 69 6e 64 65 78 02 04 00 00 00 ..iminde x..... +### Chat authentification (133) +Our chat partner want some infos about us, and gives us a salt.. dont know for +what. We have to respond +length 00 type(133) 00 numberOfAtts //all after and with peermsg is 1 att +attribute_length 'sid' 03 SID +attribute_length 'peermsg' 05 numberOfAtts +attribute_length 'msgtype' 02 02 00 00 00 +attribute_length 'ip' 02 ipInHex +attribute_length 'port' 02 25 04 00 00 +attribute_length 'localip' 02 ipInHex +attribute_length 'localport' 02 25 04 00 00 06 +attribute_length 'status' 02 01 00 00 00 +attribute_length 'salt' saltLength_length saltLength 00 salt(40bytes) +0000003E 9b 00 85 00 02 03 73 69 64 03 ee 9b 3c 05 c5 8f ......si d...<... +0000004E 57 1e 51 f9 aa e6 7c 00 96 03 07 70 65 65 72 6d W.Q...|. ...peerm +0000005E 73 67 05 07 07 6d 73 67 74 79 70 65 02 02 00 00 sg...msg type.... +0000006E 00 02 69 70 02 18 74 70 53 04 70 6f 72 74 02 25 ..ip..tp S.port.% +0000007E 04 00 00 07 6c 6f 63 61 6c 69 70 02 18 74 70 53 ....loca lip..tpS +0000008E 09 6c 6f 63 61 6c 70 6f 72 74 02 25 04 00 00 06 .localpo rt.%.... +0000009E 73 74 61 74 75 73 02 01 00 00 00 04 73 61 6c 74 status.. ....salt +000000AE 01 28 00 65 62 65 66 66 66 38 33 36 39 62 63 32 .(.ebeff f8369bc2 +000000BE 65 37 39 30 38 35 62 38 36 34 35 34 32 36 66 64 e79085b8 645426fd +000000CE 36 34 33 30 30 62 66 66 37 34 32 64300bff 742 +### Chat authentification response(133) +We send our chat partner some infos and his hash. +length 00 type(2) 00 numberOfAtts //all after and with peermsg is 1 att +attribute_length 'sid' 03 SID //sid of the other +attribute_length 'peermsg' 05 numberOfAtts +attribute_length 'msgtype' 02 02 00 00 00 +attribute_length 'ip' 02 ipInHex +attribute_length 'port' 02 25 04 00 00 +attribute_length 'localip' 02 ipInHex +attribute_length 'localport' 02 25 04 00 00 06 +attribute_length 'status' 02 01 00 00 00 +attribute_length 'salt' saltLength_length saltLength 00 salt(40bytes) +00000081 9b 00 02 00 02 03 73 69 64 03 ee 9b 3c 05 c5 8f ......si d...<... +00000091 57 1e 51 f9 aa e6 7c 00 96 03 07 70 65 65 72 6d W.Q...|. ...peerm +000000A1 73 67 05 07 07 6d 73 67 74 79 70 65 02 02 00 00 sg...msg type.... +000000B1 00 02 69 70 02 b0 18 a7 3e 04 70 6f 72 74 02 f3 ..ip.... >.port.. +000000C1 6a 00 00 07 6c 6f 63 61 6c 69 70 02 21 01 a8 c0 j...loca lip.!... +000000D1 09 6c 6f 63 61 6c 70 6f 72 74 02 96 06 00 00 06 .localpo rt...... +000000E1 73 74 61 74 75 73 02 01 00 00 00 04 73 61 6c 74 status.. ....salt +000000F1 01 28 00 65 62 65 66 66 66 38 33 36 39 62 63 32 .(.ebeff f8369bc2 +00000101 65 37 39 30 38 35 62 38 36 34 35 34 32 36 66 64 e79085b8 645426fd +00000111 36 34 33 30 30 62 66 66 37 34 32 64300bff 742 +packet_length 00 type(143) 00 numberOfAtts +attribute_length 'name' number_of_names name_length 00 name +attribute_length 'fname' number_of_fnames fname_length 00 fname //first name +attribute_length 'lname' number_of_lnames lname_length 00 lname //last name +00000736 3b 00 8f 00 03 04 6e 61 6d 65 04 01 01 00 06 00 ;.....na me...... +00000746 6b 65 61 6d 6f 73 05 66 6e 61 6d 65 04 01 01 00 keamos.f name.... +00000756 07 00 4d 69 63 68 61 65 6c 05 6c 6e 61 6d 65 04 ..Michae l.lname. +00000766 01 01 00 06 00 43 61 6c 64 65 72 .....Cal der +* [Wikipedia article](http://en.wikipedia.org/wiki/Xfire) +* [Gfire](http://gfireproject.org/) Xfire protocol Plugin for Pidgin + * [Gfire source code](https://github.com/gfireproject/gfire/blob/master/src/gf_network.c#L195-483) Gfire's packet parsing method +* [XFireGateway](http://xfirelib.sphene.net/wiki/show/XFireGateway.html) which + also implements [GOIM](../goim.md) extensions to the Jabber protocol. +* [OpenFire](http://code.google.com/p/openfire/) Java API and suite of tools + for accessing the XFire instant messaging network --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/xmpp.md Sat Apr 09 07:23:53 2022 -0500
+eXtensible Messaging and Presence Protocol ([XMPP](http://www.xmpp.org/)) +(formerly known as [Jabber](http://www.jabber.org/)) is an open, XML-inspired +protocol for near real time, extensible instant messaging (IM) and presence +information (a.k.a. buddy lists). The protocol is built to be extensible and +other features such as Voice over IP and file transfer signaling have been +* [XMPP Protocol](http://www.xmpp.org/protocols/) +* [XMPP Extensions](http://www.xmpp.org/extensions/) +## Additional Information +* [Wikipedia](http://en.wikipedia.org/wiki/Extensible_Messaging_and_Presence_Protocol) +* [XMPP About](http://www.xmpp.org/about/) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/yahoo.md Sat Apr 09 07:23:53 2022 -0500
+The Yahoo! Messenger Protocol is the protocol created by the Yahoo! corporation +for use in its instant messaging clients. The protocol is proprietary and +centralized in nature with some functionality being peer-to-peer in the newest +revisions of the protocol and clients. In general, the protocol is called YMSG. +Note that all YMSG packets will contain "YMSG" near the beginning of their +Yahoo JAPAN also runs a second network using the same protocol. The protocol +used is identical, however the servers are different and it is not possible for +a user on the Yahoo JAPAN network to chat with a user on the "normal" Yahoo +network (or vice versa). The Yahoo JAPAN network also appears not to be able to +use all the features the other network can, for example Windows Live Messenger +The Yahoo protocol has the following features: +Cross-network interoperability with the Windows Live Messenger (MSN) network. +This is explained below. +The Yahoo protocol connects to its servers over the following ports: +* Chat port (Pager server): 5050 (TCP) +* File transfer port: 80 (TCP) +* Peer-to-peer chat: 5101 (TCP) +* Voice chat: 5000-5010 (UDP) or 5000-5001 (TCP) +* Pager server request: 80 (TCP: HTTP) +* Login server: 443 (TCP: HTTPS) +* Login server: login.yahoo.com +* Pager server request server: vcs1.msg.yahoo.com +* Pager server request server for Yahoo JAPAN: cs1.msg.vip.ogk.yahoo.co.jp +* Pager server hostname pool: scsa.msg.yahoo.com +* File transfer server: filetransfer.msg.yahoo.com +* File transfer server Japan: filetransfer.msg.yahoo.co.jp +Add information about the packet structure here. +Starting with Yahoo Messenger 9.0, clients use YMSG protocol version 16. The +login procedure for protocol version 16 employs an HTTP request, a YMSG packet, +two HTTPS requests, then a return to YMSG. The login process consists of +multiple steps as follows: +### 1. Request a pager server address +Send an HTTP GET request for location "/capacity" to the server +vcs1.msg.yahoo.com (or cs1.msg.vip.ogk.yahoo.co.jp for Yahoo JAPAN). The whole +URL is http://vcs1.msg.yahoo.com/capacity +(or http://cs1.msg.vip.ogk.yahoo.co.jp/capacity for Yahoo JAPAN). +The server responds with a message containing two lines: +CS_IP_ADDRESS=aaa.bbb.ccc.ddd +The address aaa.bbb.ccc.ddd will be a real IP address usable for standard YMSG +connections. It is currently in correct IPv4 format; that is, no leading zeroes +are used. This is the Pager server the client should connect to. +The `COLO_CAPACITY` line's purpose is currently unknown, but it is believed +that if the server returns `COLO_CAPACITY=0` that official clients will not +attempt to connect to a pager server. +### 2. Send YMSG packet to Pager server +Send a packet for service 57 (authentication) to the pager server. This packet +must contain a single key-value pair. The key is 1 and the value is the Yahoo +ID you are trying to connect with. +The server will reply with a packet for service 57 that contains 3 key-value +* Key 1, Value Yahoo ID connecting +* Key 13, Value 2. This key indicates the particular authentication mechanism + to use. Past values are 0 and 1, but these are no longer supported. +* Key 94, Value is a string. This string is the challenge string used during + the first HTTPS request. +### 3. Send username, password, and challenge string to login server +Send an HTTPS GET request for location +"/config/pwtoken_get?src=ymsgr&login=<username>&passwd=<password>&chal=<challengestring>" +to the server login.yahoo.com (or login.yahoo.co.jp for Yahoo JAPAN accounts). +https://login.yahoo.com/config/pwtoken_get?src=ymsgr&login=<username>&passwd=<password>&chal=<challengestring> +https://login.yahoo.co.jp/config/pwtoken_get?src=ymsgr&login=<username>&passwd=<password>&chal=<challengestring> +Substitute the Yahoo ID for <username>, but strip @yahoo.com from any ID sent +(other domains, such as sbcglobal.net or rocketmail.com, seem to be OK). +Substitute the password for <password> and the challenge string from the +previous step for <challengestring>. Note that the challenge string is not +strictly required to proceed. If you choose not to use the challenge string for +this request, you can wait to perform steps 1 and 2 until you've completed step +4 and are ready to start step 5. +The server will respond, but the response will vary depending on whether +information supplied is correct or not. +The first line of the response's body will be an ASCII representation of an +integer. This response code's values and meanings are: +0 | Information supplied is correct. +100 | Missing required field (username or password) +1013 | Username contains @yahoo.com or similar but should not; strip this information. +1212 | The username or password is incorrect. +1213 | The account is locked because of too many failed login attempts +1214 | Security lock requiring the use of a CAPTCHA. +1218 | The account has been deactivated by Yahoo +1235 | The username does not exist. +1236 | The account is locked due to too many login attempts (this error code means only the number of attempted logins, including both failed and successful login attempts). +If the response was 0, there will be additional lines in the response: +* The second line of the response will start with "ymsgr=". This value is the +* The third line of the response will start with "partnerid=". The purpose of + this value is unknown, but seems to be somehow tied to a given username and +### 4. Send token to login server +Send an HTTPS GET request for location +"/config/pwtoken_login?src=ymsgr&token=<token>" to the same login server used +in the last step. The whole url is +https://login.yahoo.com/config/pwtoken_login?src=ymsgr&token=<token> (or +https://login.yahoo.co.jp/config/pwtoken_login?src=ymsgr&token=<token> for +Yahoo JAPAN). Substitute <token> with the token from the previous step. +Again, the server's response contains necessary information. +The HTTP headers contain a B Cookie in the format "Set-Cookie: B=<cookie>". +This is not strictly needed to log in, but some clients (including the official +client) use it. If you choose to use it, ignore the characters "B=", but take +the remainder of the text up to (but not including) the first semicolon. +The first line of the response's body will again be an ASCII representation of +an integer. 0 means the information supplied to the server was correct, and 100 +means there's a problem. If the first line is 0, additional lines will be +* Line 2 will start with "crumb=". This is the crumb needed to calculate a hash +* Line 3 will start with "Y=". This is the Y cookie and is needed later. +* Line 4 will start with "T=". This is the T cookie and is needed later. +* Line 5 will start with "cookievalidfor=". This is the life of the cookies in + seconds. Usually this value is 86400 (1 day). +### 5. Calculate a hash to send to the Pager server +You now need to send a string to the Pager server. This string is calculated +using the crumb and challenge string, hashed with MD5, and encoded with Yahoo's +* Concatenate the crumb and the challenge string. This is "crypt" +* perform and MD5 hash of crypt. This is "hash" +* Encode hash with Yahoo's Base64 variant. Some clients, like libpurple, + implement their own y64 encoding function, but you can do this instead: + * Base64-encode hash. This is "response" + * Replace all instances of `+` in response with `.` + * Replace all instances of `/` in response with `_` + * Replace all instances of `=` in response with `-` +### 6. Send the response to the Pager server +Send a YMSG packet for service Authentication Response (0x54) with the +following key-value pairs: +307 | "response" calculated in previous step +244 | Client build ID. More on this below. +135 | Client version. More on this below. +1. All three places using the Yahoo ID must use the same ID string that was + used to obtain the token and crumb. If a domain had to be stripped to obtain + the token and crumb, that stripped version of the username must be used here +1. The B cookie isn't strictly needed for login, but will make clients less + distinguishable from the official client. +1. The key 244 and final key 2 values are numbers, but are treated as ASCII + characters instead of as integers. +1. The meaning of key 98's value is an assumption. The US official client puts + "us" in this value; the JAPAN official client puts "jp". This value is not + strictly needed for login, but will make clients less distinguishable from +The official clients have two different version numbers. One is the version +number a user sees in the "About Yahoo! Messenger" box. The other is completely +hidden from the user and used only during the login process. We'll call these +versions the version and build ID, respectively. Each version has precisely one +build ID associated with it. Known pairs are listed: +Client version and build ID pairs +Client Version | Build ID | Network | Supported +-------------- | -------- | ------- | --------- +9.0.0.2162 | 4194239 | Normal | Yes +9.0.0.1727 | 4186047 | Japan | Yes +* [Wikipedia Article](http://en.wikipedia.org/wiki/Yahoo!_Messenger) +* [Some basic descriptions of the Yahoo protocol](http://www.venkydude.com/articles/yahoo.htm) +* [Yahoo Messenger Protocol v 9](http://libyahoo2.sourceforge.net/ymsg-9.txt) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/protocols/zephyr.md Sat Apr 09 07:23:53 2022 -0500
+Zephyr is an open protocol developed by MIT as part of Project Athena. Although +it is no longer being developed, it is still used by several universities. It +uses Kerberos 4 and 5 for authentication. +* [Zephyr Project](ftp://athena-dist.mit.edu/ftp/pub/ATHENA/zephyr/) - project source code +* [Protocol Documentation](ftp://athena-dist.mit.edu/ftp/pub/ATHENA/zephyr/OLD/makedepend.tar.Z) - tar file +## Additional Information +* [Wikipedia](http://en.wikipedia.org/wiki/Zephyr_(software)) +* [Zephyr](http://itinfo.mit.edu/product.php?vid=635&platform=Linux) +* [MacZephyr](http://web.mit.edu/macdev/Development/Applications/MacZephyrX/Documentation/) +* [WinZephyr](http://web.mit.edu/swrt/releases/winzephyr/) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/specifications/messagestyles.md Sat Apr 09 07:23:53 2022 -0500
+**Message styles** define how to display instant messages in a client UI using +HTML, CSS, and Javascript. They are used by Adium, which first created them, +Kopete, and Banter. Additionally, a plugin for Pidgin is in development. +Discussion about message styles occurs on the +[messagestyles@imfreedom.org](http://imfreedom.org/cgi-bin/mailman/listinfo/messagestyles) +* ["Creating Message Styles"](http://trac.adium.im/wiki/CreatingMessageStyles) + A page from the Adium wiki about how to create new message styles. This is a + very useful resource for implementing them. +* ["A (sort of) Quick Introduction to making your own .AdiumMessageStyle"](http://naib.dnsalias.org:8000/~markfickett/adium/tutorial/AdiumMessageStylemirrored.html) --- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mkdocs.yml Sat Apr 09 07:23:53 2022 -0500
+site_name: IMFreedom Knowledge Base
