AOL 6.0 protocol changes...

Thomas Hruska thruska at
Sun Sep 9 15:02:32 EDT 2007

John Bailey wrote:
> Hash: SHA1
> Jeff Connelly wrote:
>>> 2. What is "krbtgt"?  Is that another screen name?  It appears in there a few
>>> times.  Maybe the actual conversation data itself is encrypted, but the
>>> framing data surrounding the conversation isn't?
>> krbtgt = Kerberos Ticket-Granting Ticket?
>> says "When a user first authenticates to Kerberos, he talks to the
>> Authentication Service on the KDC to get a Ticket Granting Ticket.
>> This ticket is encrypted with the user's password."
>> The terminology seems to fit the acronyms seen here - perhaps AIM6
>> uses Kerberos for authentication in some way.
> This is indeed a sign of Kerberos-based authentication, as is the
> hostname.  I would bet that AOL is using Kerberos 5 here instead
> of the older Kerberos 4 which appears to be used for our Zephyr support.
> John

I concur that there is some form of Kerberos involved.  Based on the 
responses I've seen so far to this, I decided to take a look at RFC4120. 
  There are a lot of similarities in terminology.  AND, at first glance, 
I'd say the data that we've seen so far is the raw ASN.1 encoded syntax.

I'm only about 1/4 of the way through the RFC though (mostly glancing). 
  But now that I know what to look for, I can spend some more time 
breaking down the data and probably tinker with the Kerberos library to 
nail down what APIs to call (and what data to send) to get the right 
data sent to the server.

Now that I have a better sense of direction, I will disappear again for 
a bit...  Thanks for the help everyone.

Thomas Hruska
CubicleSoft President
Ph: 517-803-4197

*NEW* MyTaskFocus 1.1
Get on task.  Stay on task.

More information about the Devel mailing list