Sify does it yet again....

  • Thread starter: Tushar
  • Replies: 81
  • Views: 14,003
Originally posted by Tushar @ Nov 25 2005, 10:40 PM:
"I can provide packet dumps if that's what you want, the POSTs made to the Sify Server, the responses received in xml format et al."

Yeah but nobody has answered my real question yet. Is there an Open Source Sify client for Windows which works with the LATEST version of their servers. My guess is that they may be changing the authentication protocol a bit...

And yes, I would be grateful if you can provide me with packet dumps of the entire login, log off session and also a bit during the session. Sify must have some sort of keep alive mechanism...
 
An open source client is there for linux only, the sify.c one posted earlier. But it's around a year old and depends on protocols of that time. That protocol and authentication mechanism was detailed here. I don't think there have been significant changes from that time but I agree, some subtle changes have been there. But no open source clients implementing them fully exist to my knowledge.
 
OK Sify has indeed changed the login system, guess what they are indeed reading every damn post of ours. In some topic previously I had mentioned that Sify POSTs the username and password to their servers without hashing/encrypting them, meaning anyone on the network can capture your packets and get to know your username/password.

Well that's patched in BBClient v3.0, it now sends a hashed/encrypted value to the server. Me and my big mouth 😛......

This is basically the reason why EasySify will cease to work.

Attached herein is a dump of the Login Session using BBClient 3.0 first and then using EasySify 2.0

PS: I have edited/removed parameters identifying my account, so quit fidgeting 😛.
 
As you can see, the client will now POST a hashed/encrypted value

cons=hfg5hbd67fb61b5a1e547fghdjiub412a3069d0921452970b5b2da85c29202006b2e74aa35dd0fe8a879d2a26f45hfg5dtg4e5846651f2bbe81f195c65e629c07691b06e8b8c2582183a44fd801c1b95dfd3b9e4f0baa4c53893a0e8824aff3554bb2b7a954284a0de10d91bcffa722bd44bab117f8cf4

instead of the username and password to the server.

To know what hashing/encrypting technique they are using the client will have to be disassembled again, so I see a really remote possibility of another alternate client popping up anytime soon.
 
dude, do you know what kind of hash it is? Since you have removed the login parameters only you can decipher what kind of hash it is... But it seems to me that it is an md5 sum hash. Since, the login process is through a php script, it seems to be the most likely hash that they are prolly going to use...

BTW Who is the author of Easy Sify?
 


Heh about time Sify fixed it. Presence of plain-text passwords has been known forever and mentioned on this forum now and then but Sify didn't touch it till now. I guess it was just a matter of when because plain-text passwords are idiotic anyway 😛
 
very nice, inetbum. But it still doesn't help me. What kind of encryption is sify using?
 
that is a 952 bit value... can't figure it out.. hashes are normally 128 (MD5), 256, 384, 512 (SHA2), 160 (SHA1)... have never heard of a 952 or 476 bit hash.. how have they combined username and password anyway?

And this is still of no use. Why? Cos any alternative client maker can just ask u to run ur bband 3.0 client once, find the cons string (like done above, tho that wud need u to have Ethereal) and then send the same string. Unless they are now using some form of asymmetric encryption, or secure authentication (SSL, Kerberos) these new techniques of theirs will do no good...

so Tushar, can u login again, take another TCPdump and check whether the hash is the same this time too? If the hash is the same, it will be difficult to figure out what is happening without doing some serious reverse engineering
 
Originally posted by max @ Nov 27 2005, 11:42 AM:
"dude, do you know what kind of hash it is? Since you have removed the login parameters only you can decipher what kind of hash it is... But it seems to me that it is an md5 sum hash. Since, the login process is through a php script, it seems to be the most likely hash that they are prolly going to use...

BTW Who is the author of Easy Sify?"

md5() function in php generates a 32 character string. The general practice is to append a secret key at both ends of the password and md5 it and use the 32 character string for authentication, BUT what this client is doing is far from that.

It's probably hashing each of the fields separately, and then concatenating the strings. Predicting the algorithm is not a piece of cake.

I'm in a hurry right now so can't check the TCPDumps again. Will check later and let you all know.

"Heh about time Sify fixed it. Presence of plain-text passwords has been known forever and mentioned on this forum now and then but Sify didn't touch it till now. I guess it was just a matter of when because plain-text passwords are idiotic anyway"

Making plain text POSTs when there's no other alternative but JS using forms in browsers is yet understandable, but when you can make use of much advanced techniques for hashing/encrypting POST data in Client-Server connections and no apparent use of it is made is idiotic. That's what Sify's been doing. Of course you can yet hijack packets if it's just a symmetric hash, but the point is your password isn't revealed.

Disassembling the client is the only way (according to me) of getting any close to finding their algo.
 
i hav no idea what u guys are talking..... :wacko: they hav still not updated the client here
 
The cons key DOES CHANGE on every login, my guess for changing value would of course be the session ID.

So the server generates the hash, by combining the session ID along with the ip/port/mac/username etc and so does the client, then they match the hashes to make sure they are the same. When that occurs the login is successful.

I have no idea what hashing technique or algo they are using...
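
The replay concern raised earlier in the thread and the session-bound value guessed at in the post above, as an added example that is not part of the original thread and not Sify's actual algorithm (which the thread does not establish). It assumes SHA-256 and HMAC-SHA256 as stand-ins and a hypothetical server that issues one-time session IDs; the password is a constructed sample.

```python
import hashlib
import hmac
import secrets

PASSWORD = b"correct horse"  # constructed sample credential, not from the thread

def static_token(password: bytes) -> str:
    # Scheme A: the same hash is sent on every login.
    return hashlib.sha256(password).hexdigest()

def bound_token(password: bytes, session_id: bytes) -> str:
    # Scheme B: keyed hash over a per-login session ID issued by the server.
    return hmac.new(password, session_id, hashlib.sha256).hexdigest()

class Server:  # toy verifier, hypothetical design
    def __init__(self, password: bytes):
        self._password = password
        self._pending = set()

    def new_session(self) -> bytes:
        sid = secrets.token_bytes(16)
        self._pending.add(sid)
        return sid

    def login_static(self, token: str) -> bool:
        return hmac.compare_digest(token, static_token(self._password))

    def login_bound(self, session_id: bytes, token: str) -> bool:
        # Each session ID is accepted once, so a replayed pair fails here.
        if session_id not in self._pending:
            return False
        self._pending.discard(session_id)
        return hmac.compare_digest(token, bound_token(self._password, session_id))

def replay_results() -> dict:
    # Capture one login under each scheme, then present the captures again.
    server = Server(PASSWORD)
    captured_static = static_token(PASSWORD)
    sid = server.new_session()
    captured_bound = bound_token(PASSWORD, sid)
    return {
        "static_replay": server.login_static(captured_static),
        "bound_first_use": server.login_bound(sid, captured_bound),
        "bound_same_session": server.login_bound(sid, captured_bound),
        "bound_new_session": server.login_bound(server.new_session(), captured_bound),
    }

if __name__ == "__main__":
    print(replay_results())
```

The static token is accepted again on replay, while the session-bound token is accepted once and rejected both for the same session and for a fresh one. Neither scheme protects the rest of the traffic; that needs transport encryption such as the SSL mentioned in the thread.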
 
I bet that they are using SSL or Kerberos... after all, these two are easily available.. it would be too much work for Sify to actually have to program this stuff themselves. But now that it is established that they use a dynamic algo, we are pretty much dead unless someone reverse engineers the client and figures out the assembly code.
 
Client got updated.. 🙁
It's very annoying to login every time using this client...
..already started missing Easysify.

Originally posted by kingkrool @ Nov 28 2005, 10:39 PM:
"we are pretty much dead unless someone reverse engineers the client and figures out the assembly code."


The question is...who is that special "someone"?
 
not me! :P

People who are yet on 2.8 enjoy while it lasts, they are updating phase by phase, so once it reaches your local network v2.8 will be completely blocked. It's just a matter of time...
 
