Advanced Instant Messengers Password Recovery (AIMPR) is a program to recover login and password information (stored locally) for most popular instant messengers: ICQ, ICQLite, AOL IM, Yahoo! Messenger, MSN Messenger, Google Talk, Excite Messenger, Odigo, Trillian, AT&T IM Anywhere, T-Online Messenger, Match Messenger, Praize IM, ScreenFIRE, ACD Express Comunicator, Imici Messenger, Prodigy IM, PowWow Messenger, Jabber IM, Kellster IM, PalTalk, Indiatimes messenger, Miranda, Tiscali, Ya.com Messenger, Rediff Bol, Sifty Buzz, Devil, Tencent QQ, &RQ, Ipswitch Instant Messenger, Eighth Wonder Catax, Simple Instant Messenger, Vista IM, GAIM, Global-IM, Psi Jabber client, Messenger2, Picasa Hello, iWon, Blowsearch, MessageMate, Meca Messenger, Qnext, Bubbler (Five Across), Easy Message. Passwords are recovered instanly, multilingual passwords are supported.
Please note that AIMPR can recover YOUR lost or forgotten password only, extracting/decrypting it from your own system (if such information is there, of course). So it cannot be used to crack somebody else' passwords.
Requirements :
· Windows 95, Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP or Windows Server 2003
· any one of supported instant messengers
Just press the Select Messenger... button on the toolbar, and select (from the list) the messenger you want to get login and password information for. Then, the program may prompt you to select the file name to get information from, or it will get everything directly from your system. Here are the details (and what particular versions of supported instant messengers AIMPR has been tested with; actually, it should work with other ones as well, but that have to be verified):
ICQ
For versions up to 2002, the ICQ database (the one you have to select) looks like XXXXXX.DAT, where XXXXXX is the ICQ UIN (only digits); for example, if UIN is 1234567, then the file should be 1234567.DAT. Please note that for ICQ 98a, that's mandatory for proper AIMPR operation, i.e. if the file will have another name, the password will not be recovered. Also, you should have (also for this particular version, i.e. ICQ 98a) the file named XXXXXX.IDX, located in the same folder where the DAT file is. Versions tested: all from 98a to ICQPro 2003b build 3916, including ICQLite.
For ICQ version 2003 (and ICQLite 4.x), password is no longer stored in the database file, but written (in encrypted form) in Windows Registry. So there is a separate menu item in AIMPR for this version.
Please note that in modern ICQ versions, there is a new option (during installation): "This computer is used by:", and available selections are "Only myself" and "Varous users". More information is available in ICQ documentation: Public & Private Modes; as stated there, if ICQ is installed in Public Mode, then passwords are not saved at all, and so AIMPR will not be able to recover them (giving an appropriate error message).
AOL Instant Messenger
All information is extracted from Windows Registry. Versions tested:
1.75.574
3.0.1466
4.1.2010
4.3.2229
4.3.2229
4.6.0073
4.7.2480
Important: starting from version 4.8 of AOL Instant Messenger, the password is not stored locally anymore, so it cannot be recovered by AIMPR – the program will show Unsupported version message. If that case, use AOL online form located at http://www.aol.com/aim/password.adp to get your password back.
Yahoo! Messenger
All information is extracted from Windows Registry. Versions tested:
Build 716 (MyYahoo module 314)
Build 736 (MyYahoo module 333)
Build 3,0,0,764 (MyYahoo module 2,0,0,344)
Build 3,5,0,844 (MyYahoo module 2,0,0,352)
Build 4,0,0,943 (MyYahoo module 2,0,0,355) (Beta)
Build 4,1,0,992 (MyYahoo module 2,0,0,360
Build 4,1,0,997 (MyYahoo module 2,0,0,360)
Build 4,1,0,998 (MyYahoo module 2,0,0,360)
Build 5,0,0,1018 (MyYahoo module 3,0,0,411) (Beta)
Build 5,0,0,1052 (MyYahoo module 3,0,0,427)
Build 5,0,0,1054 (MyYahoo module 3,0,0,429)
Build 5,0,0,1059 (MyYahoo module 3,0,0,431)
Build 5,0,0,1229 (MyYahoo module 3,0,0,447)
Build 5.5.0.1250 (MyYahoo Module 5.5.0.454)
Build 5,5,0,1254 (MyYahoo module 5,5,0,456)
Build 5,6
Build 6,0
Build 7,0
Note: Yahooligans! Messenger is also supported (tested on version 3,0,0,777), because it is built on the same kernel as Yahoo! Messenger.
MSN Messenger Service
All information is extracted from Windows Registry. Versions tested:
1.0.0893
2.0.0085
2.1.1047
3.0.0286
3.5.0077
3.6.0025
3.6.0026
3.6.0039
4.5.0121
4.6.0076
4.6.0077
4.6.0082
5.0.0537
6.0.0268
6.1.0155
6.2
7.0 (beta)
7.5
The program also supports Windows Messenger 4.x for Windows XP (tested on versions 4.0.0155 and 4.7.0041).
Google Talk
All information is extracted from Windows Registry. Version tested: 1.0.0.66.
Odigo
All information is stored in *.odu files. Versions tested: 3.0 beta (Build 537), 3.6 and 4.0.
Trillian
All information is stored in aim.ini, msn.ini and yahoo.ini files. Versions tested: 0.6351, 0.721, 1.0 Pro, 2.0, 2.012, 2.013, 3.0, 3.1.
Excite Messenger
All information is extracted from Windows Registry. Versions tested: 2.0.0.23, 2.1.1.65, 3.0.
Excite Private Messenger
All information is extracted from Windows Registry. Version tested: 1.0.2.2.
AT&T IM Anywhere
All information is extracted from Windows Registry. Versions tested: beta v1.6.7, 3.1 and 3.2.
T-Online Messenger
All information is extracted from Windows Registry. Versions tested: 4.0 (01.07.2001), 4.5 build 1832, 5.0, 5.5.
Match Messenger
All information is extracted from Windows Registry. Versions tested: 1.05 and 2.0.
Praize IM
All information is extracted from Windows Registry. Versions tested: 2.0, 2.1, 2.5, 3.0 (build 673), 3.1, 4.0, 4.1, 4.5.
ScreenFIRE
All information is extracted from Windows Registry. Version tested: 3.2 build 06202000.
ACD Express Communicator
All information is extracted from Windows Registry. Version tested: 2.02 (Build 20010430).
Imici Messenger
All information is stored in accounts_bf.cfg file. Version tested: 3.0.2-5 and 3.4.5.
Prodigy IM
All information is stored in *.odu files. Version tested: 3.1 beta (build 576 and build 5771).
PowWow Messenger
All information is stored in *.ini files in Windows folder. Version tested: 4.22 (Build 2092901).
Jabber IM
All information is stored in config.xml file in Jabber folder. Versions tested: 1.10.0.6, 2.0.2.0, 3.0.0.171.
Kellster IM
All information is extracted from Windows Registry. Versions tested: B0.9.36 and 1.00.08.
PalTalk
All information is extracted from Windows Registry. Version tested: 4.0 build 389, 5.0, 5.0 PV71 Build 496, 5.0 final build 524, 5.0 final build 553, 7.0, 8.0.
Indiatimes messenger
All information is extracted from Windows Registry. Versions tested: 2.0, 3.0, 4.0, 5.0, 6.0. Note: password encryption (in the messenger itself) has a bug in the implementation, so some non-English passwords are stored (and so recovered) incorrectly!
Miranda
All information is stored in *.dat files (as for ICQ, as far as it is just an ICQ replacement) in program folder. Versions tested: 0.1.2.1, 0.2.1, 0.3, 0.3.2, 0.3.3, 0.4.0.1. Note: password encryption (in the messenger itself) has a bug in the implementation, so some non-English passwords are stored (and so recovered) incorrectly!
Tiscali
All information is stored in *.ini files in some subfolders of the program folder. Versions tested: v.2.0.8 build 18, 2.1.1.1 and 2.2.
Ya.com Messenger
All information is extracted from Windows Registry. Version tested: 2.0.
Rediff Bol
All information is extracted from Windows Registry. Versions tested: 2.0.2, 7.0.
Sify Buzz
All information is extracted from Windows Registry. Versions tested: 1.00 and 1.2.
Devil
All information is stored in *.dat files in Users subfolder of the program folder. Versions tested: 1.06.013.
Tencent QQ
All information is stored in oicq2000.cfg files in Dat subfolder of the program folder. Version tested: 200b build 0710b.
Please note that starting from version 2000c build 0630c, password is no loner saved locally, and so cannot be recovered at all.
The program also supports QQ (Africa Edition) – it is a clone of Tencent QQ, but based on the old engine, where the password has been still stored and so can be recovered. Version tested: 1.37.
&RQ
All information is stored in andrq.ini files in UIN subfolders (where UIN is the ICQ Unique Identification Number) of the program folder. You will have to locate these files yourself (and provide the full path to AIMPR), because &RQ does not have an installation program and so it is not known where its program folder is. Verions tested: 0.9.3.9, 0.9.4.6, 0.9.4.11 and 0.9.4.16.
Ipswitch Instant Messenger
All information is extracted from Windows Registry. Versions tested: 1.00, 1.01, 1.0.3.20 Built 2003.08.29, 1.0.4.30 Built 2003.12.15 (both server and client), 2.0, 2.01, 2.03.
Eighth Wonder Catax
All information is stored in catax.4.1.cfg file in program folder. Version tested: 4.12.
Simple Instant Messenger
All information is stored in icq.conf file, located in UIN subfolder under Application Data folder (the location of Application Data folder itself depends on the operating system. Versions tested: 0.8.1, 0.8.3, 0.9.1, 0.9.3.
Vista IM
All information is stored in files under Application Data folder. Version tested: 2.0.0.4049.
GAIM
All information is stored in .gaimrc file in the folder defined by USERPROFILE, HOME or HOMEPATH envonment variables. Versions tested: 0.67, 0.74, 0.76, 1.0.0, 1.1.1, 1.2.1, 1.3.1.
Global-IM
All information is stored in "settings.xml" file under Application Data folder. Versions tested: 1.0.23, 2.0.2, 2.0.5, 2.5.0.13.
Psi Jabber client
All information is stored in config.xml files in subfolders of the program folder. Versions tested: 0.9.1, 0.9.2, 0.9.3.
Messenger2
Profile passwords are stored in profile.xml file that is located in the program folder (typically C:\Program Files\Messenger2). Passwords to ICQ, MSN Messenger and Yahoo Messenger accounts for every profile are stored in acconts.xml file, that is located in \profiles\[profile_name] subfolder under the program folder (for Windows 9x) or \Documents and Settings\[profile_name]\Messenger2 folder (for Windows 2000 and XP). Versions tested: 1.3, 1.4, 1.5.
Picasa Hello
All information is extracted from Windows Registry. Versions tested: 1.0 (builds 549 and 651).
iWon
All information is extracted from Windows Registry. Version tested: 1.0.2.3.
Blowsearch
This messenger is based on Global-IM; passwords are stored in data.xml file under Application Data folder. Version tested: 2.1.0.
MessageMate
This messenger is based on Global-IM; passwords are stored in data.xml file under Application Data folder. Version tested: 2.0.6.
Meca Messenger
All information is extracted from Windows Registry. Version tested: 4.4.1.83.
Qnext
All information is stored in config.xml file. Version tested: 2.1.0.46.
Bubbler (Five Across)
All information is stored in *.prefs files. Version tested: 1.4.3 (build 246).
Easy Message
All information is stored in *.emp files. Version tested: 2.3.663.
· For some messengers (AOL Instant Messenger, MSN Messenger, Yahoo! Messenger and Excite Messenger and a few others) all account information (login and password) is stored in Windows Registry, and being accessed by AIMPR using standard Windows API. That means that if you've re-installed (not upgraded) Windows, all your settings will be lost. Right now, AIMPR cannot extract it from binary Registry files -- probably, it will be implemented in the next versions.
For messengers listed above, AIMPR should be used from the same user account (in the operating system) as instant messenger itself. For example, if you were running MSN Messenger logged as 'User1', you should run AIMPR also as 'User1', but not as any other user such as 'User2' or even 'Administrator'.
The program does not support (though usually detect) AOL Instant Messenger version 4.8 or later (including all 5.x versions), and Tencent QQ v2000 build 0630c or later. For those versions, passwords are not stored locally at all (only their hash values), and so they cannot be recovered in a reasonable time.
Home page URL : http://www.elcomsoft.com/aimpr.html
Advanced Instant Messengers Password Recovery (AIMPR)
Labels:
Recovery Utilities
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment