Tags

, , , , , ,

This weekend Pritam sir and I sat again to nail the problem of hacking chat messages from Openfire server. As expected, we started afresh (our failing memories :D). Here are the takeaways:

  • Our pidgin client (version 2.10) could not connect (error: Not authorized). Add your buddy carefully. Username/ password, domain (IP address of hosting Openfire server) and in advanced setting, enter connect server (IP address of hosting Openfire server) and port 5222/5223 (Check Openfire admin console for confirmation)
  • If still you see the above problem, restart the server.

$ ./bin/openfire stop
$ ./bin/openfire start

  • It is straightforward and easy to create a plugin to play around with Openfire. Our experiment is centred around motd and contentFIlter plugins.
  • We found Interface PacketInterceptor (used in contentFilter) and we plan to exploit it for our devellish purpose.

To Do

  1. Enabling debug messages in Openfire
  2. Learning life cycle of PacketInterceptor

If you wish to refer Part-I: XMPP, Openfire and Pidgin: A weekend buffet.

Advertisements