binload with third-party software?

[formerglory]

With Wireshark, should SSL be turned off in Binload? All I get is jibberish when SSL is on. I see the nntp parts, just can't find the user/pass.

[zot]

With Wireshark, should SSL be turned off in Binload? All I get is jibberish when SSL is on.

I hope you understand that SSL is a type of encryption, which basically ... turns everything into jibberish.

[formerglory]

I hope you understand that SSL is a type of encryption, which basically ... turns everything into jibberish.

Indeed, I do. I had a brain fart, and figured everything out after all . Problem solved!

[Jammie2k7]

Cant get the user/pass from wireshark anyone help?

[anon]

Run the Binload client, make sure SSL is disabled, then start a download and stop it a few seconds afterwards while the packet sniffer of your choice (mine was SmartSniff) captures all traffic on port 119.

I was able to do it in two minutes, and have been using the account on SABnzbd for a few days without any problems.

[enerdude]

Cant get the user/pass from wireshark anyone help?

I used a network protocol analyzer from colasoft and it was pretty straightforward for me. You can download it @ http://www.colasoft.com/download/pro...capsa_free.php

Below is roughly the steps I followed

1. Open the program and click the "capture" tab ; make sure the network adapter that internet traffic flow through is selected at top left of screen.
2. Under analysis profile just select Full analysis
3. Press the "Play" button at bottom right of screen to start capture packets
4. Start Binload and start downloading something
5. In node explorer on left hand side of screen you will see "Full analysis". Under Full analysis expand the view as follow: protocol explorer --> ethernet --> IP --> TCP
6. Under TCP you will find the NNTP protocol. Highlight NNTP
7. In middle window on screen you will see tabs across the screen (summary, diagnosis....upto report). Click on "packet"
8. You now have a view of all the newsgroup packets. To find login details, start search by pressing ctrl-F. It will pop-up a window called "Find in packets"
9. To find username, search for authinfo user In the bottom window it should find the text and the username should start with "bl". Copy the whole username upto in front of the dots (..)
10. To find password, search for authinfo pass In the bottom window copy everything after ""authinfo pass" [excluding space] upto in front of the dots (..)

Enjoy....

P.S. News sever ip address is news1.eu.binload.com or 85.12.7.190 on port 119 or 80 [80 is useful if port 119 is blocked / throttled by your ISP for some reason)
SSL you can use port 443 or 563

Edit: I have analyzed the binload program with a "man in the middle" attack using fiddler and have analyzed the traffic it sends after logging in.
It does a https POST to https://search.binload.com/login.php with following data:

<login><username>username [email] goes here</username><password>passoword SHA1 encrypted goes here</password><appversion>v1.0.4</appversion></login>

The server respond then with something like this:

<user>
<valid>true</valid>
<validUntil>2012-01-01 00:00:00</validUntil>
<url>news1.eu.binload.com</url>
<username>newsserver username goes here [same as can be found by protocol sniffer]</username>
<password>newsserver password goes here [same as can be found by protocol sniffer]</password>
<searchURL>https://search.binload.com/searchnzb.php</searchURL>
<downloadURL>https://search.binload.com/downloadnzb.php</downloadURL>
<nfoURL>https://search.binload.com/getnfo.php</nfoURL>
<browseURL>https://browse.binload.com/index.php</browseURL>
<helpURL>https://help.binload.com/index.php</helpURL>
<communityURL>http://forum.binload.com/</communityURL>
</user>

If you guys want I can write a little program that will let you login with your email / pass and will then show your news server login details without you having to sniff it

[Jammie2k7]

Done what you said but everytime i search for authinfo user it says cannot find!

[enerdude]

Done what you said but everytime i search for authinfo user it says cannot find!

You must be missing something...

Are you interested in a program that will get the info for you automatically? Give me a day and I will code one

[zot]

I was able to do it in two minutes, and have been using the account on SABnzbd for a few days without any problems.

Judging by the blitz of questions, it would seem that these "two minute" packet analyzers give a lot of people headaches trying to figure them out. They are, after all, designed more for technical people rather than the "point-and-click" unwashed masses.

In the days when people were trying to packet-capture the logins to free dialup ISPs like Juno and Netzero (so they would not be forced to run the buggy software all the time) there were dedicated one-click ("idiot-proof") applications like Rasspy and DialGuard that would intercept these logins -- without having to a run full-on network analyzer, which are far more complicated and feature-packed than the average person would ever need or want (or even know how to interpret).

If you guys want I can write a little program that will let you login with your email / pass and will then show your news server login details without you having to sniff it

enerdude - Do you think it would it require much work to put together a 'keygen-like' app that would extract the login details out of the packet stream? Such a tool would certainly be appreciated by many (though if successful, could spell the early demise of the free Binload era -- just as Rasspy did for Netzero).

[anon]

Such a tool would certainly be appreciated by many (though if successful, could spell the early demise of the free Binload era -- just as Rasspy did for Netzero).

My thoughts also. If anyone can easily extract the login data that'd be cool, but it may cause Binload to close or cease offering free services.