Tonight, I thought I'd have a quick look at Tiscali's netphone. For dial in, you get an 0871 number, so I thought I'd dial in and watch what happens with wireshark.
It looks like the protocol they use is proprietary. All traffic appears to take place over HTTP port 80 (though one of the packet fragments does mention UDP port 5050 - though wireshark didn't capture any UDP traffic). One worrying thing is that I noticed my password was sent in plain text. The server side seems (at least partially) written in Java - a tell tale JSESSIONID, use of Apache 2 (UNIX) with mod_jk and the apparent use of software from wiseapp.org (which only has one listed project, xmentos "A lightweight XML binding/persistence framework for Java (JDK5.0 or later). Works whith annotations, does not require any configuration/mapping file, runs with standard W3C DOM and JAXP"). The client looks like a regular windows app, though there is a DLL called mosquito.dll, which is interesting as "MOSQUITO" is often found in messages from the client to the server,
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment