MSN Chat Authentication
I have been attempting to get MSN Chat to function (pictures and general discussion at https://wink.messengergeek.com/t/msn-chat-experimentation/1086), as it's part of the functionality of some versions of MSN Messenger. Following is a communication log of my test server, which enables connection to a chat room and sending messages. It isn't very complete, but it's a start. The protocol used is IRCX (which is a proprietary modification of IRC) with GateKeeper authentication. Each line ends with CRLF just as in MSNP.
>> is client to server
<< is server to clientInitial connection by client to "gateway" server:
Connection and authentication:
>> IRCVERS IRC7 MSN-OCX!8.00.0210.2201
>> AUTH GateKeeper I :GKSSP\0?\0\0\0\0\0\0
<< AUTH GateKeeper S :GKSSP\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
>> AUTH GateKeeper S :GKSSP\0\0\0\0\0\0\0\0\0?DI4?<????5l?L#oM?U?Ob@
<< AUTH GateKeeper * D6976AC3D30A4249B16807102BBA1896@GateKeeper 0
Setting nickname and Message of the Day:
>> NICK nick
<< :TK2CHATCHATA02 001 nick :Welcome to the MSN Chat Service Network
<< :TK2CHATCHATA02 002 nick :Your host is TK2CHATCHATA02 - running version 9.02.0402.1601
<< :TK2CHATCHATA02 003 nick :This server was created Feb 16 2004 at 10:47:33 PDT
<< :TK2CHATCHATA02 004 nick :TK2CHATCHATA02 9.02.0402.1601 -adghmpswx
<< :TK2CHATCHATA02 375 nick :- TK2CHATCHATA02 Message of the Day -
<< :TK2CHATCHATA02 372 nick :-
<< :TK2CHATCHATA02 372 nick :- ** Welcome to the MSN.com Chat Service Network **
<< :TK2CHATCHATA02 372 nick :-
<< :TK2CHATCHATA02 376 nick :End of /MOTD command
Trying to create a chat room, an UL (unlisted) room called "room", with chat topic "topic", in German region/German language, unknown other params:
>> CREATE UL %#room %topic - DE-DE 1 73318750 0
<< :TK2CHATCHATA02 705 nick :Channel with same name existsSecond connection to "gateway" server, as it reconnects after finding that the channel already exists to try to join the channel instead of creating it:
Auth again:
>> IRCVERS IRC7 MSN-OCX!8.00.0210.2201
>> AUTH GateKeeper I :GKSSP\0?\0\0\0\0\0\0
<< AUTH GateKeeper S :GKSSP\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
>> AUTH GateKeeper S :GKSSP\0\0\0\0\0\0\0\0\0?DI4?<????5l?L#oM?U?Ob@
<< AUTH GateKeeper * D6976AC3D30A4249B16807102BBA1896@GateKeeper 0
Nickname and MOTD again:
>> NICK nick
<< :TK2CHATCHATA02 001 nick :Welcome to the MSN Chat Service Network
<< :TK2CHATCHATA02 002 nick :Your host is TK2CHATCHATA02 - running version 9.02.0402.1601
<< :TK2CHATCHATA02 003 nick :This server was created Feb 16 2004 at 10:47:33 PDT
<< :TK2CHATCHATA02 004 nick :TK2CHATCHATA02 9.02.0402.1601 -adghmpswx
<< :TK2CHATCHATA02 375 nick :- TK2CHATCHATA02 Message of the Day -
<< :TK2CHATCHATA02 372 nick :-
<< :TK2CHATCHATA02 372 nick :- ** Welcome to the MSN.com Chat Service Network **
<< :TK2CHATCHATA02 372 nick :-
<< :TK2CHATCHATA02 376 nick :End of /MOTD command
This time the chat client knows the room exists, so asks where it is:
>> FINDS %#room
Server responds saying that it's at 192.168.1.124 port 6667 (traditional IRC port - this could all be on the same server, but I split it up for debugging):
<< :TK2CHATCHATA02 613 nick :192.168.1.124 6667Now the client knows the room exists and where it is, so tries to connect to the correct server:
Auth again...
>> IRCVERS IRC7 MSN-OCX!8.00.0210.2201 US-DE
<< :TK2CHATCHATA02 800 * 1 0 GateKeeper,NTLM 512 *
>> AUTH GateKeeper I :GKSSP\0?\0\0\0\0\0\0
<< AUTH GateKeeper S :GKSSP\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
>> AUTH GateKeeper S :GKSSP\0\0\0\0\0\0\0\0\0?DI4?<????5l?L#oM?U?Ob@
<< AUTH GateKeeper * D6976AC3D30A4249B16807102BBA1896@GateKeeper 0
Nickname and MOTD again...
>> NICK >nick
<< :TK2CHATCHATA02 001 nick :Welcome to the MSN Chat Service Network
<< :TK2CHATCHATA02 002 nick :Your host is TK2CHATCHATA02 - running version 9.02.0402.1601
<< :TK2CHATCHATA02 003 nick :This server was created Feb 16 2004 at 10:47:33 PDT
<< :TK2CHATCHATA02 004 nick :TK2CHATCHATA02 9.02.0402.1601 -adghmpswx
<< :TK2CHATCHATA02 375 nick :- TK2CHATCHATA02 Message of the Day -
<< :TK2CHATCHATA02 372 nick :-
<< :TK2CHATCHATA02 372 nick :- ** Welcome to the MSN.com Chat Service Network **
<< :TK2CHATCHATA02 372 nick :-
<< :TK2CHATCHATA02 376 nick :End of /MOTD command
Client asks to join
>> JOIN %#room 73318750
Server acknowledges request to join the room and sends info about it:
<< JOIN %#room
Room message of the day would go here:
<< :TK2CHATCHATA02 422 nick :MOTD File is missing
Unknown MSN profile thing:
<< :TK2CHATCHATA02 818 nick nick MSNPROFILE :100:
Join room, get room topic and info of all the people chatting in it:
<< :nick!D72A2714BBF69B13@GateKeeperPassport JOIN . :%#room
<< :TK2CHATCHATA02 332 nick %#room :%Welcome\bto\bthe\btest\broom
The flags attached to the nicknames here mean things, but I'm not sure what:
<< :TK2CHATCHATA02 353 nick = #room :H,U,MY,@nick G,U,FY,.User G,U,FY,.Person H,U,MY,.Chatter
<< 366: #room End of /NAMES list
<< MODE #room +o Person
<< MODE %#room
User tries to say "hi?":
>> PRIVMSG %#room :S Tahoma;0 hi?
Another user called "Chatter" says "hi! welcome!" back to the user:
:Chatter!D6976AC3D30A4249B16807091CCB0785@GateKeeper PRIVMSG %#room :S Arial;0 hi! welcome!This is all I've tried to make it do, I believe many of the other commands will be quite similar to standard IRC commands (but I think there are less of them here).
Unfortunately it's a little difficult to represent the non-printable characters properly (and it seems gitlab has omitted them), as they obviously aren't printable, the above logs as a result are inaccurate and are missing some bytes. Every instance of \0 is actually the ASCII string "\0" (backslash and zero), not a null character as you would expect. To make this a little more obvious, I'll try to show the important bits as actual bytes here:
This is the initial AUTH, like the USR command in MSNP, it has an I and some following Ss. The bytes here for the initial (I) from the client, after :GKSSP (beginning with "\0", represented as \5c \30) are as follows:
AUTH GateKeeper I :GKSSP\0?\0\0\0\0\0\0\5c \30 \fa \06 \03 \5c \30 \5c \30 \5c \30 \01 \5c \30 \5c \30 \5c \30 (followed by \0d \0a which aren't shown)Then the server replies with an S, again the bytes given begin with the \0 after :GKSSP
AUTH GateKeeper S :GKSSP\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\5c \30 \5c \30 \5c \30 \03 \5c \30 \5c \30 \5c \30 \02 \5c \30 \5c \30 \5c \30 \5c \30 \5c \30 \5c \30 \5c \30 \5c \30 \5c \30 \5c \30 \5c \30 (again followed by \0d and \0a)Finally the S reply from the client to the server:
AUTH GateKeeper S :GKSSP\0\0\0\0\0\0\0\0\0?DI4?<????5l?L#oM?U?Ob@\5c \30 \5c \30 \5c \30 \03 \5c \30 \5c \30 \5c \30 \03 \5c \30 \5c \30 \5c \30 \b7 \18 \c4 \90 \49 \34 \06 \b6 \3c \eb \04 \b5 \15 \13 \11 \e1 \f9 \35 \6c \86 \4c \23 \6f \4d \b8 \55 \10 \81 \4f \62 \40 \1b (and again \0d \0a)Now the messages, using the reply from Chatter as an example, beginning after the "%room :" (I have left the font name and message section as text for readability, this text is enclosed in quotes)
:Chatter!D6976AC3D30A4249B16807091CCB0785@GateKeeper PRIVMSG %#room :S Arial;0 hi! welcome!\01 \53 \20 \01 \01 "Arial;0 hi! welcome!" \01 (and finishing with the usual \0d \0a)