13 Apr
2002
13 Apr
'02
1:28 p.m.
Sometime Today, Vinay Pai assembled some asciibets to say:
Hmm.. if they're using libcrypto then I suppose it should be possible to trace it and break the protocol... basically catch the stuff before it gets hashed! Could you send me details of your analysis?
check linux-india-programmers list archives. It's all there.
Since Yahoo's been deliberately trying to kill clones, I'd assumed they'd used some kinda statically linked crypto functions... something fairly trivial to do.
they're using libcrypto.so - dynamically linked and calling MD5_*
--
If you fool around with something long enough, it will eventually break.