Yahoo! Messenger version 6 (I'm not interested in version 5) stores
the password of the last user logged in, in the registry. But it is in
an encrypted form.
The registry key is: "HKEY_CURRENT_USER\Software\Yahoo\Pager", Name:
"EOptions String".
I need a function that, given inputs EncodedPassword and UserName,
returns the correct DecodedPassword.
It could be in any programming language, as long as the logic or
algorithm is clear.
For testing, I made a Yahoo username: "test1598" with password: "secret".
The encoded password is: "Qey0JgreGczYO6BV4hxrVxTodCg5J71L8Y7mnUDZ9Q--".
As far as I know, it is encoded form of the password, using username
as the key, but I could be wrong.
Thank you.
--------------------------------------------------------------------------------
Clarification of Question by daisuki-ga on 19 Jan 2005 01:38 PST
I'm a developer of a currently-selling software product. Our customers
are mainly *legal* investigators from US. For Yahoo! Messenger version
5, we knew the process to decode it. But after several months
researching, we had no success in decoding encoded password of YM
version 6.
It is not used for illegal activities.
--------------------------------------------------------------------------------
Request for Question Clarification by cynthia-ga on 19 Jan 2005 08:11 PST
Would a password recovery application, that shows what is under the
asterics, be satisfactory?
~~Cynthia
--------------------------------------------------------------------------------
Clarification of Question by daisuki-ga on 20 Jan 2005 03:38 PST
No, I need to decode the password programatically. Usually not all
data is recoverable on the computer that is investigated. Even a
partial password, if it's recoverable, would be useful. That's why I
need to decode the password directly.
--------------------------------------------------------------------------------
Clarification of Question by daisuki-ga on 26 Jan 2005 20:15 PST
Some more hints from my trying:
1. It is encoded in base-64 (6 bits for each character), and the
characters used in the base-64 is
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789._"
In the end of encoded string, sometimes it's embedded with "-"
characters (seems to fill the zeros if the total number of bits is not
multiples of 6.
2. The longer the password, the longer the encoded password will be.
3. You can try to know how YM encode the password, by putting arbitary
user name and password on the login dialog. As long as you checked the
"Save Password" checkbox, the password will be saved even if the
password is not valid.
