Art of Decrypting Digsby Password

Digsby is popular multiprotocol IM client that lets you chat with all your friends on AIM, MSN, Yahoo, ICQ, Google Talk, and Jabber with one simple to manage buddy list. It also has social networking feature that lets you keep connected with your friends through popular social network sites such as Facebook, Twitter, LinkedIn, Myspace etc. All these features together with ease of use made it one of the popular IM client around the world in short duration of time.

.

Update (21th Oct 2010) : Published the First ever Digsby Password Decryption Research Article, “Exposing the Password Secrets of Digsby”

Update (21st Oct 2010) : Released new dedicated Password Recovery Tool for Digsby,  DigsbyPasswordDecryptor

Update (15th Oct 2010) : Released IMPasswordDecryptor 1.5 with the support for ‘DigsbyIM’ Password Recovery.

.

Digsby stores only main account password locally and all other IM account passwords (such as Yahoo, Gmail, AIM) are stored in the servers. The main account password is stored in the ‘logininfo.yaml’ file at following location,

[Windows XP]
C:\Documents and Settings\<user_name>\Local Settings\Application Data\Digsby

[Windows Vista & Windows 7]
C:\Users\<user_name>\AppData\Local\Digsby

It is always challenging to reverse and discover how a certain application encrypts the password as most apps uses their own unique methods and different algorithms.  I was onto the same challenge, when I set to decrypt the Digsby password as I already knew it uses some kind of encryption algorithm with derived key.

It took me around 16 hours of reversing spanned across several days and nights to get to the final password. As usual drive was very interesting and pleasure of cracking it down successfully was immense.

Newer version of Digsby uses better key generation mechanism than the previous one which used just static string as the key for encryption algorithm.Here are the interesting stuffs on how Digsby encrypts the password and how to decrypt it.

.

Overall it was very interesting experience reversing the algorithm and getting the right on the target. This will come as part of our new tool, IMPasswordDecryptor which will help you to instantly recover passwords stored by popular IM clients.

Watch out this space for release announcements or follow our twitter.

.

Here is first ever disclosure on Password Decryption of “Digsby IM” + Code Samples = “Exposing the Password Secrets of Digsby”

.

For our other interesting exposure refer to research article, ‘Password Secrets of Popular Windows Applications’

Similar posts
  • SecurityXploded Mentorship Programme ... I am writing this blog to share my SecurityXploded Student Mentorship Programme experience with the future students of this programme. My mentorship programme started last year in August when I was in 2nd year of MS at IIIT-Allahabad. I knew about SecurityXploded community since I used to follow their blogs, training programmes and security tools [...]
  • Code Injection and API Hooking Techni... Hooking covers a range of techniques used for many purposes like debugging, monitoring, intercepting messages, extending functionality etc. Hooking is also used by a lot of rootkits to camouflage themselves on the system. Rootkits use various hooking techniques when they have to hide a process, hide a network port, redirect file writes to some different [...]
  • Announcement – SecurityXploded ... From the past two years we are working actively on couple of projects to support the security community. As you all may already know that we have successfully completed our reversing and malware analysis training programme and we are very glad that it was very helpful for everyone. In my opinion the success of any [...]
  • Advanced Malware Analysis Training Se... Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 2) Dissecting the HeartBeat  RAT Functionalities   This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting various Communications Of HeartBeat [...]
  • Advanced Malware Analysis Training Se...   Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 1) Reversing & Decrypting Communications of HeartBeat RAT This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting The [...]

3 Comments

1 Ping/Trackback

  1. […] the previous post  ‘Art of Decrypting Digsby Password’ ,   I have exposed on decrypting the Digsby password. Today I am going to write about internal […]

  2. August 24, 2010    

    Hash cracker is a web-service that allows you to encrypt your passwords
    or crack your hashed passwords with MD5, SHA1 or NTLM algorithms.
    You can also encode or decode texts with Base64 system.

    http://www.hash-cracker.com

    Video tutorial:

    http://www.youtube.com/watch?v=JVxdQPdGXec

  3. varun varun
    September 1, 2010    

    decryption process is very good….still there is a problem that is i do i know about sequencing of “Product Id, Install Date and Digs by user name”and how do i get all the things…n still i don’t have RC4 source code

  1. Security Blog by Nagareshwar » Blog Archive » Art of Decrypting Paltalk Password on June 14, 2010 at 12:06 pm

Leave a Reply

Our Company

Follow us on Facebook


Join Mailing List

Get direct access to our expert trainers or mingle with like minded security folks in our mailing list