Introduction
This program currently sniffs and decrypts messages/URLs sent from the
server to an ICQ client. The purpose of this program is to demonstrate
how to "decrypt" ICQ data and to provide starting code for doing so.
At present the sniffer decrypts ICQ server protocol v6 packets (i.e. Licq
for Linux and ICQ 2000a for Windows). ICQ 2000b uses protocol v7, which is
currently only scarcely documented on the internet. But from what I have read it
is a totally new protocol similar to AOL Messenger. Apparently since AOL
bought Mirabilis they are shifting towards the AOL protocol.
Using the program
Download and unzip the source (tar zxvf icq_snifferv0.5.tar.gz). Run
make. Note that this source has only been tested on a Linux system. You need
root access to the system.
An example usage of this program: if you are in a LAN environment (home
network, college network, business network etc.) and you have root access
to a client machine, you can switch the Ethernet card to promiscuous mode
(/sbin/ifconfig eth0 promisc to enable promisc mode and /sbin/ifconfig eth0
-promisc to disable promisc mode) and run the program (icq_sniffer). The
program will print out all the messages/URLs sent from the ICQ server to all
ICQ clients on the network.
Here's a diagrammatic representation of a possible usage:
As shown in the diagram, User B and User C are on the same LAN and share
the same hub. If User A sends an ICQ message to User B through the server,
User C will be able to view it.
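An administrator of Linux hosts on such a shared segment can check whether any interface has been left in promiscuous mode. The script below is an added example, not part of the original program: it reads the kernel's interface flags from sysfs and tests the IFF_PROMISC bit. The function names and the optional directory argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: list network interfaces whose kernel flags include
# IFF_PROMISC. Function names are hypothetical, chosen for this example.

# IFF_PROMISC as defined in <linux/if.h>.
IFF_PROMISC=0x100

# Succeeds if the given flags word (for example 0x1103) has IFF_PROMISC set.
is_promisc_flags() {
    [ $(( $1 & $IFF_PROMISC )) -ne 0 ]
}

# Prints the name of every interface in promiscuous mode, one per line.
# $1 is the directory to scan; it defaults to the real sysfs location and
# is a parameter only so the check can be tried against a sample tree.
list_promisc() {
    root="${1:-/sys/class/net}"
    for f in "$root"/*/flags; do
        # Skip an unmatched glob or an unreadable entry.
        [ -r "$f" ] || continue
        flags=$(cat "$f" 2>/dev/null) || continue
        [ -n "$flags" ] || continue
        if is_promisc_flags "$flags"; then
            basename "$(dirname "$f")"
        fi
    done
}

# Report on the local machine.
list_promisc
```

An interface printed by this script is accepting frames not addressed to it, which is the state the sniffer relies on; on a host where no capture tool is expected to run, that is worth investigating.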
Possible extensions of the program
- Extend to decrypting messages sent TO the server.
- Extend to decrypting passwords sent TO the server.
- Extend to decrypting other server data (e.g. ICQ passwords).
- Sniff the unique login code sent in each session and spoof a disconnect
forcing a client to disconnect.