Checking other users' buddy lists for your Yahoo! IDs
Torseq Technologies (which consists of only myself and my associate) has recently discovered something "useful" that the Big Blue Ball community and legitimate 3rd-party Yahoo! developers could benefit from: a way to scan any user's buddy list for the presence of any of your Yahoo! IDs. This is now not only possible but easily achieved.
Last year I found a way to do this, but it was nowhere near as convenient as this method. What follows is NOT a guide to scanning other users' lists for other users' IDs; that would be a privacy breach, and that isn't what this is about (from my testing it doesn't even seem possible with this method).
What this IS about is a way to identify whether or not any of your IDs are on other users' buddy lists. The target can be any user, as long as the ID exists, and the target must be on the YMSG protocol at the time you scan them. Nothing more is required. Even if the target is "cloaking" (their alias is inactive), or even if they're invisible, this scan will NOT fail.
How to scan other users' buddy lists for the existence of your Yahoo! IDs:
The first requirement is sending out a P2P packet with service type 0x00 0x4F (PEERTOPEER). The P2P scan packet found in the Buddy Spy program fully meets this requirement.
The next requirement is signing into YMSG with the ID you will use to check other users' buddy lists. You need to be signed in as the ID that you suspect is on the target's list. If you have multiple aliases attached to your main account, scanning from each of them will give a different outcome depending on whether or not the target has that particular name on his/her list. You CAN, if you like, scan one of the target's aliases, and this will report back whether or not you're on their list. You don't need to know the target's main ID; any of their aliases (if they've created any) will do.
How it works:
If the target's list has you, or any of the names you're scanning from, on it, you will receive a unique response identifying that you're present there.
The typical 'chatter' response ('chatter' meaning they don't have you on their buddy list under the name you're scanning from), when the user is NOT on YMSG, looks like this:
Header portion we're concerned with = 0x00 0x4F 0x00 0x00 0x00 0x02
Payload (key = value pairs; the 0xC0 0x80 separator that follows each key and each value is not shown):
5 = Your ID
4 = Target ID
4 = Your ID
1 = Your ID
4 = Your ID
12 = Anything Random Here
610213749PEERTOPEER100934140 1 (remaining fields, run together as captured)
The service type 0x00 0x4F is echoed back to you, and the last byte of the 4-byte status field (the 16th byte of the 20-byte YMSG header) in the reply is 0x02, indicating that the user is not on the YMSG protocol.
You get exactly the same response when a person who DOES have you on their list is not on the YMSG protocol at the time you scan them, so an offline reply tells you nothing about list membership.
What WILL be different are the online YMSG responses. Here is the response you get when scanning a user who doesn't have you on their list (from the name you're scanning from, at least):
Header portion we're concerned with = 0x00 0x4F 0xFF 0xFF 0xFF 0xFF
Payload (key = value; separators not shown):
16 = Target's ID
Again the service type 0x00 0x4F is sent back to us, only this time with all four status bytes equal to 0xFF.
When a user who DOES have you on their list is scanned from the name that is on it, you will see a YMSG online response equal to this:
Header portion we're concerned with = 0x00 0x4F 0x00 0x00 0x00 0x0B
Payload (key = value; separators not shown):
5 = Your ID
4 = Target's ID
11 = Random Number
The return is of course service type 0x00 0x4F again, only this time with the last status byte equal to 0x0B, indicating that the user has the name you scanned them from on their list. The payload of this reply is also completely different from the online response you'd normally get from scanning your average chatter, so you can check both the status field and the payload keys rather than relying on the status byte alone.
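Here is an added worked example in Python, written for this page; it is not Torseq's code, Buddy Spy's code, or anything from the original post. It builds a service 0x4F packet with the standard YMSG framing (the 20-byte big-endian header of "YMSG", version, vendor id, payload length, service, status and session id, and the 0xC0 0x80 separator after every key and value), parses a reply, and maps the status field and payload keys onto the three outcomes above. The IDs, session id, cookie value, constant names and the probe's own key set are assumptions (the post only shows the echoed reply, not the probe itself). The three replies are constructed inline, so it runs offline with no Yahoo! server.

```python
import struct

# Added example: YMSG framing is standard; status values and keys are from the post above.
YMSG_MAGIC = b"YMSG"
YMSG_VERSION = 0x000C            # assumed client version field
SERVICE_PEERTOPEER = 0x004F      # "packet of type 0x00 0x4F"
KV_SEP = b"\xc0\x80"             # YMSG separator written after every key and every value
HEADER_FMT = ">HHHHII"           # version, vendor id, payload length, service, status, session id
HEADER_LEN = 4 + struct.calcsize(HEADER_FMT)   # "YMSG" + 16 bytes = 20

# Status values the post reports in the reply header (names are ours, not Yahoo!'s).
STATUS_TARGET_NOT_ON_YMSG = 0x00000002   # header ends 0x00 0x00 0x00 0x02
STATUS_ONLINE_NOT_ON_LIST = 0xFFFFFFFF   # header ends 0xFF 0xFF 0xFF 0xFF
STATUS_ONLINE_ON_LIST = 0x0000000B       # header ends 0x00 0x00 0x00 0x0B


def build_packet(service, status, session_id, pairs):
    """Serialise (key, value) pairs behind a big-endian YMSG header."""
    payload = b"".join(
        str(key).encode("ascii") + KV_SEP + value.encode("utf-8") + KV_SEP
        for key, value in pairs
    )
    header = YMSG_MAGIC + struct.pack(
        HEADER_FMT, YMSG_VERSION, 0, len(payload), service, status, session_id
    )
    return header + payload


def build_scan_packet(my_id, target_id, session_id, cookie):
    """The probe. The post shows only the echo of the probe, not the probe itself,
    so this key set (5=to, 4=from, 1=sender, 12=cookie) is an assumption."""
    pairs = [(5, target_id), (4, my_id), (1, my_id), (12, cookie)]
    return build_packet(SERVICE_PEERTOPEER, 0, session_id, pairs)


def parse_packet(data):
    """Split a raw YMSG packet into header fields and an ordered (key, value) list.
    Duplicate keys (the echo carries key 4 three times) are preserved."""
    if len(data) < HEADER_LEN or data[:4] != YMSG_MAGIC:
        raise ValueError("not a YMSG packet")
    version, _vendor, length, service, status, session_id = struct.unpack(
        HEADER_FMT, data[4:HEADER_LEN]
    )
    payload = data[HEADER_LEN:HEADER_LEN + length]
    if len(payload) != length:
        raise ValueError("payload truncated: header says %d bytes, got %d" % (length, len(payload)))
    fields = payload.split(KV_SEP)
    if fields.pop() != b"":                 # payload must end with a separator
        raise ValueError("payload not terminated by key/value separator")
    if len(fields) % 2:
        raise ValueError("odd number of payload fields")
    pairs = [
        (int(fields[i].decode("ascii")), fields[i + 1].decode("utf-8", "replace"))
        for i in range(0, len(fields), 2)
    ]
    return {"version": version, "service": service, "status": status,
            "session_id": session_id, "pairs": pairs}


def classify_reply(data, my_id, target_id):
    """Map the reply to one of the three outcomes described in the post. The
    payload is cross-checked against the expected keys so a stray 0x4F packet
    is not misread as a list hit."""
    pkt = parse_packet(data)
    if pkt["service"] != SERVICE_PEERTOPEER:
        return "unexpected service 0x%04x" % pkt["service"]
    first = {}
    for key, value in pkt["pairs"]:
        first.setdefault(key, value)        # first occurrence of a repeated key wins
    status = pkt["status"]
    if status == STATUS_TARGET_NOT_ON_YMSG:
        # Same reply whether or not you are on the list: membership is unknown.
        return "target not on YMSG"
    if status == STATUS_ONLINE_NOT_ON_LIST:
        if first.get(16) != target_id:
            return "unexpected payload for 0xFFFFFFFF reply"
        return "online, not on list"
    if status == STATUS_ONLINE_ON_LIST:
        if first.get(5) != my_id or first.get(4) != target_id or 11 not in first:
            return "unexpected payload for 0x0B reply"
        return "online, on list"
    return "unknown status 0x%08x" % status


def sample_replies(my_id, target_id):
    """Constructed replies for the three cases in the post (no live server involved)."""
    cookie = "12345"
    return [
        build_packet(SERVICE_PEERTOPEER, STATUS_TARGET_NOT_ON_YMSG, 0,
                     [(5, my_id), (4, target_id), (4, my_id), (1, my_id), (4, my_id), (12, cookie)]),
        build_packet(SERVICE_PEERTOPEER, STATUS_ONLINE_NOT_ON_LIST, 0, [(16, target_id)]),
        build_packet(SERVICE_PEERTOPEER, STATUS_ONLINE_ON_LIST, 0,
                     [(5, my_id), (4, target_id), (11, "4432")]),
    ]


if __name__ == "__main__":
    me, target = "scannerbot", "someuser"          # assumed IDs
    print("probe:", build_scan_packet(me, target, 0, "12345").hex())
    for reply in sample_replies(me, target):
        print("status bytes", reply[12:16].hex(), "->", classify_reply(reply, me, target))
```

The classifier deliberately treats the 0x00000002 case as "unknown membership" rather than "not on list", since the post says an offline target returns the same echo either way; and it refuses to report a hit unless the 0x0B reply also carries keys 5, 4 and 11 with the expected IDs, which is the cheap sanity check you want before acting on the result (for instance feeding it to Deny-A-Buddy).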
Legitimate uses for such a discovery:
The ability to scan any user's buddy list for your names, provided they're signed into the YMSG protocol. This comes in handy for knowing who has you on their lists, and which of your names they have on there (if you use many). It is also a perfect companion to "Deny-A-Buddy" for the reason described above.
*Important Notes: If you scan the list of someone who has your 'scanning name' on it, they will actually be able to detect your P2P buddy-list scan packet. This is also true of Buddy Spy, but ONLY if you P2P-scan from a name that is on the target's buddy list (nobody usually does this). Detecting when your own buddies are P2P-scanning you is also possible, but again only if they scan you from the exact name(s) you have on your list, which is almost never done; P2P scanning is usually performed from a 'bot' name or a name that isn't typically used much.
A program we've been working on since last year will have buddy P2P-scan detection, along with the ability to scan any user on any protocol (except for YMSG/HTTP). Scanning users' lists for your names has also been incorporated, with the ability to deny-a-buddy them if you don't approve of them having you on their list. These last two features of our program, which is due out soon, are easily the most trivial of the features it offers our customers. A free version of this program will also be made available after the commercial version is released as beta 1.
Last edited by Torseq Tech. : 02-26-2006 at 07:03 PM.