I saw a program advertisement that being said, it make it possible to read Plus!'s encrypted log files without any need of a password? I just wonder if it is possible or not?

Well, if something could read it, then it wouldnt be encrypted would it .

Link us to this program please .. but as Sam said, if it could be read without a password then there's no point to having a password

sure, you can open the log in pretty much any text editor without the password!

reading the log without the password on the other hand, is virtually impossible.

w00t! 600 posts!

http://www.msxlabs.org/forum/messenger-plus/6582-...oglari-okuyun.html

From the link you can access the forum page which this program is being advertised. However it sounds strange to me also. I saw it on that forum and people who tried it seem disappointed. All of them say that it doesn't work   You had better try it too. Or even don't try.

well if the program tries to hack the password brute force it "can" read encrypted logfiles...
note: it can if the password is really short or it has like 1000 years to crack it...

The assumption is that the encryption is secure and that is not possible.

That said, the source code of Patchou's implementation is unpublished and hasn't been extensively reviewed by others, unlike Open Source cryptographic software.  Implementation mistakes in cryptography are easy to make (e.g. predictable sources of entropy) and can greatly weaken an otherwise strong algorithm.   If present and correctly exploited, small oversights often reduce the time required for a successful brute force attack from hundreds of years it should take in theory, to hours or minutes in practice.

If any such weakness (or intentional backdoor) exists in the log encryption, it is presently unknown.

I wasn't able to find any claims that this software even tries to decrypt MsgPlus chat logs. In fact, it seems to have nothing to do with MsgPlus at all.

"View Yahoo and MSN chat logs without logging in to Yahoo or MSN."

http://www.fakewebcam.com/demoMYMA.asp
http://www.softpedia.com/get/Security/Decrypting-...coder-Viewer.shtml

You are definitely right. I will report that post on that forum and make admins delete that post. Sorry for taking your time with such a silly thing.

Adeptus: you are right about you say for encryption in general. That's also why I didn't create the aloruthm myself. I'm using the latest stuff available in XP and above which is AES. If somebody can crack this down, I can assure you your Messenger Plus! logs will be the least of your problems .

I noticed when the log has been decrypted it is stored as a file on the hard drive (then made hidden it seems). Couldn't it be possible to just recover that deleted file using various programs?

Could there be another way of storing the unencrypted file so it cannot be recovered?

quote:

---

Originally posted by linx05
I noticed when the log has been decrypted it is stored as a file on the hard drive (then made hidden it seems). Couldn't it be possible to just recover that deleted file using various programs?

---

quote:

---

Originally posted by linx05
Could there be another way of storing the unencrypted file so it cannot be recovered?

---

Memory files cannot be used reliably with IE and in any case, you have to remember that the log file accesses pictures in the Imaghes sub-directory so if the file is not physically there, a lot of limitations occur.

Many fail-safe mechanism in the log viewer have already been implemented, including deleting files even if the Log Viewer crashes and filling the temporary decrypted log file with garbage before deleting it (to prevent recovering with undelete tools).

quote:

---

Originally posted by Patchou
Many fail-safe mechanism in the log viewer have already been implemented, including deleting files even if the Log Viewer crashes and filling the temporary decrypted log file with garbage before deleting it (to prevent recovering with undelete tools).

---

Ok, My first post here, been reading for a while but I'm not quite sure if the kind of thing I'm requesting is allowed.

Basically, for reasons which belong to myself, I need to read a .ple file for which I do not have the password. I've been searching and searching. I've found a decryptor - but you need the password.

I've managed to obtain the MSN password using a program, but it's not the same as the one used to protect the .ple file.

Is it possible or is there a program, that can obtain the password?

The Messenger Plus is "Messenger Plus! Live"

EDIT: Please forgive me if this is the wrong place for this kind of thing. My sould is tormented right now. If you know of anyway to do this and don't want to risk your account, pm me.

quote:

---

Originally posted by ohyouknowme
Ok, My first post here, been reading for a while but I'm not quite sure if the kind of thing I'm requesting is allowed.

Basically, for reasons which belong to myself, I need to read a .ple file for which I do not have the password. I've been searching and searching. I've found a decryptor - but you need the password.

I've managed to obtain the MSN password using a program, but it's not the same as the one used to protect the .ple file.

Is it possible or is there a program, that can obtain the password?

The Messenger Plus is "Messenger Plus! Live"

EDIT: Please forgive me if this is the wrong place for this kind of thing. My sould is tormented right now. If you know of anyway to do this and don't want to risk your account, pm me.

---

Yeah that's what I figured.

So how does Messenger Plus! know the password if it's not saved?

The first couple of bytes are always the same in every file, Plus! decrypts the file with the password given and checks if the first couple of bytes are correct.

So is it something akin to an md5 validation?

Or more like a wireless network passord - you put in a real word, it generates a code, a code which (in theory) is needed to connect to the network?

no, if you look at the log file decrypted it always has the same couple of bytes.

like: MP4L

Plus! also encrypts this.

If you decrypt the file with the correct password this word is readable, when it's the wrong password it's not readable, so it knows it was the wrong password.

EDIT: Read Tool to encrypt or decrypt log files for more info about the encryption.

Yeah I've been having a read. Seems I'm stuck anyway.

I'm going to be confronting the problem directly tonight.

Assuming the log files are still being used by whoever it is whose privacy you are trying to invade and you have access to the computer they use, you could install some sort of a keylogger and obtain the password that way.

I will caution you, however, that this is not the way to solve problems in relationships (be they romantic, friends or parent/child).  If you feel someone isn't open with you and doesn't trust you now, they will certainly trust you less after they learn what you have done.

I thought about that (but as you can see, I put that I'm going to confront it tonight) but I know that the situation of the password being put in isn't going to occur very often. So it'd take a very long time.

I've decided against it anyway, I'm going to get the person to open the logs and read them to me. I already know what's in them, because I managed to get some different logs (sneaky!) and read those.

Thanks for the replies though.

it has been a while since anyone replied to this post and I still don't have a clue how to decrypt my logfiles. They are almost 5 years old. I did make up the password myself at that time but my memory has failed me.
I don't know anything about threads and bladibla, i just want to read my old logs!

who can help me?????

quote:

---

Originally posted by jajajanneke
it has been a while since anyone replied to this post and I still don't have a clue how to decrypt my logfiles. They are almost 5 years old. I did make up the password myself at that time but my memory has failed me. I don't know anything about threads and bladibla, i just want to read my old logs!

---