Native Mac Support for MSN Messenger

I've poked around in some of the Mac versions' files, and although I've found various references to the things that need to be changed, just like on the Windows versions, editing them doesn't seem to make any difference.

Some of the files I've found that look like prime targets for editing: (The .app filenames might differ, these just happen to be what I named them to identify them - I think they're probably just Microsoft Messenger.app on a fresh install)

5.1.1:

Microsoft Messenger 5.1.1.app/Contents/MacOS/Microsoft Messenger
Microsoft Messenger 5.1.1.app/SharedSupport/Microsoft Messenger Daemon.app/Contents/Microsoft Messenger Daemon

(Will add more later, but I think they're all quite similar.)

Not all doom and gloom however, I haven't had zero progress, because Messenger for Mac 3.0.0 only needs the MSNP server, so I was able to twiddle my hosts file to point it at Escargot - and it works...

If you want to test this, add the following line to /etc/hosts

35.185.201.91 messenger.hotmail.com

I don't yet know how late a version of OSX that'll run on, because I've only got Tiger to test PowerPC clients on. At a push it might work on Snow Leopard if you manually install Rosetta, but I can't verify that.

So, small victories. I'll continue poking around to see if I can figure out where it's pulling these versions are pulling their domain names from.

changed the description

I have a document with a lot of information regarding Messenger for Mac: Messenger51_NetAdminGuide__2_.pdf

The interesting thing is the fact that it can connect to Microsoft Live Communications Server 2005

@tristanleboss Thanks for that, I've not yet looked into any of the non-MSN stuff, but I noticed a bunch of the Windows Messenger clients have multiple other connection types too. Beyond my knowledge at the moment, but might be interesting for future investigation.

Still haven't worked out where these versions are storing their server URLs, but 1.0r065 works too - once again had to edit my hosts file. Running on MacOS 9.2.2.

Dumb question, but how are you looking for the strings? grep -ri always works for me on windows when there is something to be found, but it's possible on the Mac version they're stored as UTF-16.

I'm using Hex Fiend on MacOS and HxD on Windows. I've also scanned through them manually when I've not found the strings I'm looking for, just to make sure it hasn't missed them. I don't quite understand, they're not stored in any obvious format (if they're in the executables) as far as I can tell, not byte-flipped or UTF-16 unless I've totally missed them. They must be stored somewhere though, so I'm a bit baffled at the moment.

If you send me it, I'll take a look.

No problem, I should upload those versions for people to play with anyway, I thought the Windows versions were probably higher priority for uploading but the Mac ones aren't very big anyway, and I don't have many of them. Will provide binaries shortly.

Sure, can you send the already installed files though? It'll save me some time

Yeah, that's what I was going to do, having to pick through installers on a Mac is no fun :)

All the versions I have between 1.x and 6.x:

MSN_1.0r065.zip 2.x.zip 3.x.zip MSN_4.0.1.zip MSN_5.1.1.zip MSN_6.0.3.zip

The earlier ones seem to be a single executable, the later ones are .app folders with a bunch of things inside them. As I mentioned before, Microsoft Messenger and Microsoft Messenger Daemon seem to contain the strings relating to the connection URLs, though I've tried changing all the ones I can find without success. The older versions seem not to contain those strings at all.

Edit: I'll upload the proper installers on Archive.org at some point, so I can link them on the forum.

I can't even find IP strings, so maybe they put them in as binary.

Yeah, it's quite confusing, they must be in there somewhere, encoded somehow I guess, I'm a bit stuck at this point. They probably have to be domains though, because altering the host file works.

Oh, right.

07 47 (1863 hex) appears in several locations. Can you edit each one to a different number, then run it again and see which port it tries to connect to? Then once we know which of them is the port number, the url is probably going to be near it. Repeat for each version and look for what's common...

(specifically, 1.0.0, 2.0.0, 2.1.0, 2.5.1, 3.0.0 since they're most similar)

Also, here's the dump:

1.0.0 (index of 0747, preceeding 8 bytes, 0747, next 8 bytes)
       986 07318200073e8200 0747 820007518200075f
    259518 16c4480010682c1d 0747 418216b8408016b4
    641989 8100107fa3eb7848 0747 c9600000007fa3eb
    713858 b371600000003b80 0747 386101664bf8faf9
    724774 1b787c9c23783ba0 0747 38610b6c4bf788bd
    936166 00144bf5e4013880 0747 38a000004bfcb6ed
    936334 00144bf5e3593880 0747 38a000004bfcb645
    988014 8485600000003bc0 0747 3861003c809b00a4
   1059018 6f29600000003b60 0747 3861003c4bf3b6b1
2.0.0
      3429 c10b521d02048280 0747 ff47ff47ff47ff47
    245838 1978480012e42c1b 0747 4182196c4080001c
    702274 943483e28c1c3b60 0747 3861033c4bf7e741
    897662 001c387d00003880 0747 38a000004bfcae61
    897718 001c387d00003880 0747 38a000004bfcae29
    931873 830000818c000848 0747 cd80410014480000
    931921 830000818c000848 0747 9d8041001457a006
    932029 830000818c000848 0747 3180410014800101
    946218 00644bf42e653ba0 0747 38610054809b009e
   1011782 00fc4bf32e493b40 0747 386100f8389b00bc
   1611352 3a8c062248388202 0747 b8489848a048b848
   1612101 3dd4062249c88202 0747 b847c047c847d049
   1612511 4054062249088202 0747 b848d048d848f048
2.1.0
      3581 c105122382048280 0747 ff47ff47ff47ff47
    710882 94b483e28c803b60 0747 3861033c4bf7ca7d
    843802 001c387d00003880 0747 38a000004bfda1b9
    843858 001c387d00003880 0747 38a000004bfda181
    892318 00644bf505cd3ba0 0747 38610054809b009e
    933017 79000a388100d048 0747 35804100147c7707
    948621 9f0000818c001848 0747 31804100147fe3fb
    959110 00fc4bf400e53b40 0747 386100f8389b00bc
   1457617 0000840800000000 0747 2480000084080000
   1457629 0000840800000000 0747 a880000048000000
   1457641 0000480000000000 0747 f8800000a0180000
   1520318 8000074898008000 0747 f80080000747f000
   1520324 80000747f8008000 0747 f00080000747a800
   1520330 80000747f0008000 0747 a800800007472400
   1520336 80000747a8008000 0747 240080000746a000
   1625729 2fe0062247c08202 0747 4048204828484048
   1626480 3328062249508202 0747 4047484750475849
   1626890 35a8062248908202 0747 4048584860487848
2.5.1
    327018 00ec480a816d3b40 0747 3861003c389b00bc
    352882 8e0883e28ae83b80 0747 38610318480a1c59
    362018 00404809f8b53ba0 0747 38610038809b009e
    369826 001c7fa3eb783880 0747 38a000004bff0629
    369882 001c7fa3eb783880 0747 38a000004bff05f1
    575057 82000c3880ffff48 0747 31806100387fc4f3
    990485 80000038a0000048 0747 b5387f0068480748
    990825 000018387f004848 0747 1180010000803f00
    992829 8200343860011848 0747 0d7c7e1b79418200
   1008481 8200107fc3f37848 0747 95804100147fe007
   1008569 0000004182000c48 0747 3d80410014388000
   1512581 0001280001938800 0747 60800000b4100000
3.0.0
     90713 8000027f85e37848 0747 3960000000386000
    511826 dda9600000003b40 0747 3861003c389b00bc
    531506 923c83e28e403b80 0747 38610318480890b9
    545270 5b05600000003ba0 0747 38610038809b009e
    556158 00947fa3eb783880 0747 38a000004bfee2dd
    556334 00947fa3eb783880 0747 38a000004bfee22d
   1208609 1a0734387f005c48 0747 f160000000800100
   1208669 00001c387f004448 0747 b560000000800100
   1216749 82009c7fa3eb7848 0747 f580410014480747
   1216757 0747f58041001448 0747 75804100147c6007
   1234309 a6ab78819f000848 0747 cd804100142c0300
   1732197 0000740001929e00 0747 20800000c4000000
   1732209 0000c40000000000 0747 f08000005c100000
   1803343 8000074850008000 0747 f00080000766d000

added discussion label

@valtron I use this tool to extract strings from binary files under Windows:

http://split-code.com/strings2.html

@enhanox Do you have a copy of MSN Messenger 3 and below for testing purposes? I am unable to find it.

Nice, can you explain how you got it working? I searched "MSN Messenger 1.0r065", then I found this page!

6.0.3 is the lower version that works in Intel 32bit without Rosetta, but uses MSNP13/14 and SSLv2. I was able to replace strings using Hex Fiend, but SSL will fail because Escargot server doesn't accept SSLv2:

Using an HTTP proxy will circumvent this issue allowing Messenger talk with Escargot servers, but unable to login (maybe because it's using MSNP14):

I hope this information is useful!

Update: MSNMS requests

> VER 8 MSNP14 MSNP13 CVR0
< VER 8 MSNP14
> CVR 9 0x0409 mac 10.9.4 i386 macmsgs 6.0.3 macmsgs xxxxxx@xxxx.xx
< CVR 9 6.0.3 6.0.3 6.0.3 https://escargot.log1p.xyz https://escargot.log1p.xyz
> USR 10 TWN I xxxxxx@xxxx.xx
< USR 10 TWN S ct=1,rver=1,wp=FS_40SEC_0_COMPACT,lc=1,id=1

(And then closes connection)

Nice work! And I've been trying to maneuver MSN Messenger for Mac 1.0 on SheepShaver whilst struggling with getting it to connect to a network interface.

Maybe @valtron could find out how to get SSLv2 up and running on his server, and if its a thing that can be implemented in either the Python code or the certs themselves, then people could test MSN for Mac 3.x+ with the Escargot dev server themselves.

I am trying to use the hosts file trick on my G4 with Tiger and another G4 with OS 9 with v3.0.0 and v2.5.1 respectively, but the connection attempts always time out as if the host file was not modified at all. Is there another solution that might work, like a prebuilt application with the necessary changes?

Full downloaders for Mac Here: https://onedrive.live.com/?id=49B4220E95DBBA3D%2111534&cid=49B4220E95DBBA3D

@abcermelo84 MSN, not AIM. ;p

changed title from Native Mac Support to Native Mac Support for the MSN Frontend

I was just playing about with MSN 6.01 on Mac OS 10.13.6. Edited the host file on Mac to "35.185.201.91 messenger.hotmail.com" and in Terminal typed 'nettop' >enter - This monitors out going connections by IP/Port. It does try to connect to 35.185.201.91 but when it fails it then tries to connect to "91.201.185.35.bc.googleusercontent.com:1863". It then says it can't sign in. Once it closes this connection the "91.201.XX.XX" one disappears. Must be 100% down to the SSLv2. Has anyone got a live SSLV2 server working anywhere that maybe this could be tried on? Give it a go yourself. Try it.

Just to clarify, SSLv2 is SSL 2.0, and @valtron's production server for Escargot is Caddy, which doesn't support any SSL or old TLS ciphers. As far as I know, he won't be switching to something more flexible in HTTPS like Apache or nginx because he doesn't want to deal with manually setting up any certificates, so don't expect support for Messenger:mac on the live server (or any MSN version from 5.0 - 7.5 working properly on old systems; those require HTTPS to authenticate) anytime soon. As for when someone runs their own Escargot server, they would have to set up a production server that supports SSL and the necessary ciphers and convert the Caddy configuration to the one of the other server for it to support Messenger:mac.

With the help of someone named "Sauce" and soem guesswork of my own, I was able to pinpoint where messenger.hotmail.com is stored for Messenger:mac 1.0.

First of all, "Sauce" suggested I use ResEdit (a Macintosh resource viewer, it seems) to look for the string in the binary. At first, I looked in the string table and had no luck. But when I found out that Mac OS has a sort of registry in the form of specialized files, I plopped MSN's in a hex editor (/System/Preferences/MSN Messenger Preferences) and searched for messenger.hotmail.com. To my surprise, it was in there as plain as day inbetween the usual binary junk, and after noticing it had a resource name (MSNp), I looked for that in the application and did the same search, which yielded the same result. After replacing the string in both locations, I opened Messenger:mac and tried to log in, which I was able to do. I was also able to send messages to one of my accounts along with receiving them, too.

@valtron If you're interested in patching Messenger:mac up to whatever was last to support MD5 auth, then locate the MSNp resource in the main program with ResEdit, replace messenger.hotmail.com with the usual (do the same in the preference file in case), and then give it a go. :p

changed title from Native Mac Support for the MSN Frontend to Native Mac Support for MSN Messenger

changed the description

added MSN label

Now that I look back, I'm not sure if anyone who's reported on MSN:mac for OSX post-3.0 not working tried redirecting login.live.com since Escargot has an RST.srf endpoint. If anyone's willing to try that out then that'd be greatly appreciated.

EDIT: OK nvm so I forgot the person who tested 6.0.3 did try to reroute the login server to Escargot and showed the SSLv2 problem. Honestly I just forgot about that and only focused on the GitLab comments. Will probably have to leave the issue stashed until there's a change in production servers (preferably Apache :p).

This year I was able to get MSN:mac 2.0 working on Mac OS 9.2 (QEMU) with the same patching method as 1.0 and I was going to get an OS X 10.2 VM set up too to at least try to patch and test 3.0 and possibly 3.5.x, but it seems to be super laggy even with like 4 GB of RAM configured. At least I'm getting confirmation that more versions work (even if others already got them working).

Now I got around to testing 2.5.1 on 9.2 as well and it appears this is when the Mac clients started using MSNP8 (enhanox said this version used MSNP5/6, but maybe this was a fluke or he tested a different build?). This time in addition to the MSNp resource edit I had to edit the 15th string in the STR# string table, ID 1102. That particular string is the Nexus URL, and the client connects to it with either SSL 2 or 3 but for some reason on SSL 3 specifies TLS ciphers. Anyway I have reason to believe 2.5.x and up are the clients currently not supported by Escargot, not 3.5.1 (or maybe 3.0 was the MD5 version for OS X clients and Microsoft didn't exactly have a straightforward versioning system for the Mac clients...).

Got 2.1.0 tested too, and that actually uses MSNP6 so I was able to log on to it.

I'll try to connect to escargot with QEMU with Mac OS X 10.0; if I can.

Testing on my iMac G4 running Mac OS X Panther 10.3.9 (and 33.6kbps dial up because why not?) - using the HOSTS file change in the wiki:

• M68k MSN Messenger 1.3; can login fine, but cannot send/receive messages, have to sign out/in for contact changes to occur, no "Contact added you" request on my other account on PC. Seems to get stuck on "Verifying User" - I didnt copy the Server Chat text (can do if requested).
• MSN 2.0; logs in fine, but doesn't alert other contacts to online/offline change and messages don't get sent or received.
• MSN 2.1; logs in fine, can add contact and send/receive messages perfectly fine. Logging in alerted my PC I logged on/off, etc.
• MSN 2.5.1 is actually for Mac OS 9 (which can run in Classic Mode) and was the last release. However, it seemed the host modification didn't work in Classic Mode and I was unable to find the host file mentioned in the wiki in my Classic System Folder.
• MSN 3.0; this is the latest version I could get to work, with sending/receiving working fine from both sides.
• MSN 3.5; The copy from the ZIP didn't work, but the copy I had from Office 2004 launched but fails at login (I believe it was previously mentioned this is likely due to SSL, and I have no desire to setup MITMProxy currently)

Hmm, not sure if I was able to test 2.0, but yeah 2.1 was working for me as well. Also host modification probably didn't work for 2.5.1 as that version from my testing is when they added the Tweener login (the Nexus one, to be specific). valtron as of recent has been looking at enabling support for older TLS 1 ciphers (via a fork of Caddy, although I think just using something like nginx, etc., would be infinitely less painful), so that coupled with a wildcard domain for Escargot's certificate might allow older systems to work? Have no idea right now, but lets hope it goes somewhere.

Oh, also welcome back Acer. Honestly thought you had abandoned the project after 2017 and MessengerGeek going rogue and stuff. These days most people are on the Escargot (not MessengerGeek, besides the last one was shut down) Discord since it's infinitely less of a toxic cesspool (which mind you, I can tell was purposefully enabled, but let's not get into that right now :p).

Thanks! c: I primarily just was having personal private issues in 2017, and I recently have very little to do so why not look at fun MSN stuff?

As cool as Caddy is, is its primary benefit automatic SSL handling? Cause like... certbot will handle all the stuff for you now, it even reloads apache/nginx after the certificate has renewed itself every 20 days.

I'll find the Discord link and join shortly, hopefully :3

is its primary benefit automatic SSL handling? Cause like... certbot will handle all the stuff for you now

Exactly what I'm thinking. valtron's pretty stubborn with fully migrating from Caddy though because he keeps on bringing up how easy it is for him to have HTTPS set up with no human intervention, yet doing it on Nginx is as easy, if not more flexible. Plus that and similar software are more advanced than Caddy ever will be. Only time will tell if/when he opens up.