XMPP, Pidgin and Openfire: Capturing a message packet

This weekend Pritam sir and I sat again to nail the problem of hacking chat messages from Openfire server. As expected, we started afresh (our failing memories :D). Here are the takeaways:

  • Our pidgin client (version 2.10) could not connect (error: Not authorized). Add your buddy carefully. Username/ password, domain (IP address of hosting Openfire server) and in advanced setting, enter connect server (IP address of hosting Openfire server) and port 5222/5223 (Check Openfire admin console for confirmation)
  • If still you see the above problem, restart the server.

$ ./bin/openfire stop
$ ./bin/openfire start

  • It is straightforward and easy to create a plugin to play around with Openfire. Our experiment is centred around motd and contentFIlter plugins.
  • We found Interface PacketInterceptor (used in contentFilter) and we plan to exploit it for our devellish purpose.

To Do

  1. Enabling debug messages in Openfire
  2. Learning life cycle of PacketInterceptor

If you wish to refer Part-I: XMPP, Openfire and Pidgin: A weekend buffet.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: