How do i get msn on windows 98?


#41

Are you sure? https://www.ssllabs.com/ssltest/analyze.html?d=m1.escargot.log1p.xyz&hideResults=on says it does and IE/Messenger refused to even connect to m1.escargot.log1p.xyz before that was changed. The cipher is also known as DES-CBC3-SHA if you’re using another method.

AFAIK the 9x issue is that even somewhat-strong ciphers are not supported, although I didn’t have any luck finding a source for which ones are and aren’t supported in such old Windows versions. I guess no one has cared enough (yet) about this to share that information :stuck_out_tongue:


#42

Well, I just spent a while trying to answer that, but unfortunately IE5 and IE6 are too crap to be capable of telling me how crap they are. I tried a bunch of online tests to get a list of supported ciphers, but both browsers are too incompatible to be able to access the test sites. I even tried some local tests, like https://demo.a-sit.at/ssl-check-clientsserver-2/, just in case it was a hosting issue, but nope, IE5/6 can’t work with that locally either. I might have another crack at it, somewhere down the line, but it’s defeated me for today I think.


#43

hehe, well the effort is much appreciated enhanox, thank you :stuck_out_tongue:


#44

No problem. If it’s of any use, I did at least find this, which may give some clues:

https://support.microsoft.com/en-us/help/245030/how-to-restrict-the-use-of-certain-cryptographic-algorithms-and-protoc

It’s for NT4 SP6, but presumably if NT4 supports those then so does Win98.

Edit: Actually, that’s inspired me to take a peek inside the registry on Win98 (with IE6 installed), wherein the following ciphers are listed (though they’re not very specific, and may not be super useful on their own, I dunno, this stuff is outside of my wheelhouse):

Win98SE + IE5.01 and Win98SE + IE6 (both have the same in the registry @ HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers)

DES 40/56
DES 56/56
NULL
RC2 128/128
RC2 40/128
RC2 56/128
RC4 128/128
RC4 40/128
RC4 56/128
RC4 64/128
Skipjack
TripleDES 168/168

Under “HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes”, it lists:

MD5
SHA.


#45

Ah, yes. I tried the same thing with IE 5.5 on a Windows 98 virtual machine. Told me that “the domain wasn’t available,” which was nothing but a COMPLETE LIE!!


#46

So it lists 3DES (aka Triple DES), but not EBE, CBC, or RSA.

I think we may be in a pickle here.


#47

I dunno, the NT4 page I linked mentions “TLS_RSA_WITH_3DES_EDE_CBC_SHA”, so I assume that’s supported?


#48

I’ll go relaunch my virtual machine and see (of course I have IE5.5 but why not?).


#49

'Tis all me got.


#50

Windows XP seems to have the same (well, minus a few, it’s missing the DES 40/56). One difference is that instead of Fortezza in the KeyExchangeAlgorithms, it has Diffie-Hellman.


#51

Hopefully, Microsoft released patches to support the cipher and hashes needed to access Escargot’s HTTPS authentication. :sweat_smile:


#52

I just poked Escargot with a MSN Messenger 5 shaped stick with Ethereal (the old version of Wireshark, because Win98), and as long as TLS1.0 is enabled, it does connect with TLS_RSA_WITH_3DES_EDE_CBC_SHA. It then stops, because there’s an alert thrown in the TLS session, but I can’t see what it is right now because it’s inside the SSL stream.

If you do the same without TLS1.0 turned on, it just throws a Protocol Version alert and fails immediately after the Client Hello.


#53

Nice to hear that at least Win9X attempts to connects with the appropriate ciphers.

Also, Ethereal… You mean, THAT Ethereal? I would DIE to get that! Especially since with the Escargot YMSG frontend going well, versions of Yahoo! Messenger 5.0 and below (the ones that support protocols YMSG9 and below) somehow use 16-bit installers (while the application executables for the appropriate versions are 32-bit, which I find weird). Do you have any links or archives of any remaining versions, because the last time I checked on Google, I saw some… untrustworthy results. There was a result linking to CNET, but after the last time they tried to stuff their downloads with adware, I’m not too sure… :expressionless:


#54

http://www.oldversion.com/windows/wireshark-ethereal-0-10-14

That’s where I got my copy from, seems legit, and it works. I tried 0.99.0 before that, but it’s broken with a bug that was never fixed because it was the final Win98-compatible release. 0.10.14 is fine though.

Kinda funny really, until I had to pick up a copy to test this I forgot it was even called that way back when :stuck_out_tongue:

Edit: Now my problem is that Fiddler doesn’t work on Win98, so I can’t look inside the SSL stream to find out what that encrypted alert is. Anyone got any ideas?


#55

Definitely don’t use Fiddler4 (the number at the end of “Fiddler” signifies the .NET framework version it is compatible with, and we all know .NET 4 isn’t gonna work with Win9X). I’d see about Fiddler2, but I can’t quite remember the system requirements for .NET Framework 2.x. I’ll go look into that later. But if I find out that .NET Framework 2.x isn’t compatible with Win9X, I’ll try to search for some other Win9X HTTPS packet sniffer alternatives (if there are any lol).

On a side note, thanks for the Ethereal copy. ^_^


#56

.net Framework 2.0 does work on Win98 (I have it installed in this VM because that’s what Escargot Troubleshooter and Escargot Autopatcher require), but the application itself seems to require WinXP or higher. Thanks for the tip about Fiddler4 vs Fiddler2 though, perhaps it’ll run on KernelEx?

Also, no problem, good luck with Ethereal :slight_smile:


#57

If Fiddler2 doesn’t use too many Windows XP-exclusive libraries and features, then it will probably work on Win9X with KernelEx (I haven’t touched that software like at all). Just a guess, though. :sweat_smile:


#58

I just gave it a shot anyway, just to see if it’d work, and it does - for future reference, version 2.3.4.5 “runs” in Win98, although it’s a bit of a minefield, even just clicking on the About button in the Help menu causes the program to die because of a required NT function. But it does at least seem to be able to see traffic and let you view that, so that’s potentially helpful.

However, I just realised (upon trying it) that it’s meant for higher level HTTP traffic, and it’s probably not going to be able to show me what that SSL protocol packet is…


#59

Well, that sucks. At least you tried. :slight_smile:

Also…

lol really? :laughing:


#60

Just to check since you’ve gotten this far, are the root CAs updated yet or have you installed them manually? That is, the Let’s Encrypt chain, DST Root CA X3, etc.