Protocols/MSNP/Development: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
Line 65: | Line 65: | ||
https://support.microsoft.com/de-de/help/2433327/how-to-enable-and-disable-a-trace-for-the-microsoft-online-services-sign-in-assistant | https://support.microsoft.com/de-de/help/2433327/how-to-enable-and-disable-a-trace-for-the-microsoft-online-services-sign-in-assistant | ||
</pre> | |||
==== OLD ==== | |||
<pre> | |||
If you are a user having issues with Escargot, please: | |||
1. Uninstall MSN Messenger by going to `Control Panel` > `Programs` > `Programs and Features` (for Windows 7; `Control Panel` > `Add/Remove Programs` in Windows XP and below), select `MSN Messenger x.x`, or `Windows Live Messenger` in the list and click on `Uninstall`. | |||
2. Check that the `C:\Program Files\MSN Messenger`/`C:\Program Files (x86)\MSN Messenger` folder (`C:\Program Files\Windows Live\Messenger`/`C:\Program Files (x86)\Windows Live\Messenger` for WLM 8.5) doesn't exist anymore or is empty. If files still reside in the specified folders, delete them. | |||
3. Reinstall MSN Messenger by either using the pre-patched installers found on [this page](https://escargot.log1p.xyz/#downloads) (if you already have it **please redownload it** because we may have changed it since the last time you downloaded it), or you can alternatively download an unpatched version and manually patch it. | |||
4. If MSN Messenger is open, close it by right clicking on the MSN Messenger icon in the system tray (the area with the system date/time and other icons) and click on the `Exit` menu strip. | |||
5. Create a folder named `Escargot` in the root of your system's hard drive (e.g, `C:\Escargot`). | |||
6. Download [Debug_Escargot.reg](/uploads/0096c550020071acfda1183930714b93/Debug_Escargot.reg) and launch it by double clicking on it. At the "Adding information can unintentionally change or delete values and cause components to stop working correctly. (...) Are you sure you want to continue?" prompt, click on `Yes`. | |||
7. Download [msidcrl-debug.dll](https://storage.googleapis.com/escargot-storage-1/public/msidcrl-debug.dll), rename it to `msidcrl.dll` and use it to replace `msidcrl.dll` in `C:\Program Files\MSN Messenger`/`C:\Program Files (x86)\MSN Messenger` (or `C:\Program Files\Windows Live\Messenger`/`C:\Program Files (x86)\Windows Live\Messenger` for WLM 8.5). | |||
8. Launch MSN Messenger. | |||
9. Try logging in or try to reproduce the problem you are dealing with. | |||
10. Refer to Step 4. | |||
11. Download [Stop-Debug_Escargot.reg](/uploads/c79bd28c0d9de7b572b68230c04943d6/Stop-Debug_Escargot.reg) and follow the same instructions in Step 6. | |||
12. Go to the `Escargot` folder you created in the root of your system's hard drive and send us the files you have inside it. | |||
13. Go to the `C:\Program Files\MSN Messenger`/`C:\Program Files (x86)\MSN Messenger` (or `C:\Program Files\Windows Live\Messenger`/`C:\Program Files (x86)\Windows Live\Messenger` for WLM 8.5) folder and send us the `escargot-msidcrl.log` created inside said folder. | |||
14. Go to `My Received Files` folder (or the language-specific version of the folder, if any) in your `Documents` folder and send us the `MsnMsgr.txt` file in there as well. | |||
</pre> | </pre> | ||
Revision as of 14:03, 13 March 2021
Clean Install
Create a `.bat` file with the contents shown below but replace `{EmailAddress}` with the email address you are using on MSN Messenger: rmdir /S /Q "%USERPROFILE%\AppData\Local\Microsoft\Messenger" rmdir /S /Q "%USERPROFILE%\AppData\Local\Microsoft\MSN Messenger" rmdir /S /Q "%USERPROFILE%\AppData\Local\Microsoft\Windows Live Contacts\{EmailAddress}" rmdir /S /Q "%USERPROFILE%\AppData\Local\Microsoft\Windows Live\Contacts" rmdir /S /Q "%USERPROFILE%\AppData\Local\Temp\MessengerCache" rmdir /S /Q "%USERPROFILE%\AppData\Local\Temp\{EmailAddress}" rmdir /S /Q "%USERPROFILE%\AppData\Local\Temp\{EmailAddress}.shadow" rmdir /S /Q "%USERPROFILE%\AppData\Roaming\Microsoft\MSN Messenger" rmdir /S /Q "%USERPROFILE%\Contacts\{EmailAddress}" REG DELETE "HKLM\Software\Microsoft\Windows Live\Messenger" /f REG DELETE "HKLM\Software\Microsoft\MSNMessenger" /f REG DELETE "HKCU\Software\Microsoft\MSNMessenger" /f REG DELETE "HKCU\Software\Microsoft\Windows Live\Communications Clients\Shared" /f REG DELETE "HKCU\Software\Microsoft\IdentityCRL" /f pause Start the `.bat` file by right clicking on it and select `Run as administrator`. You may also want to remove your `Temporary Files` and `Temporary Internet Files` using `Disk Cleanup` or `CCleaner`. **Sources:** https://messengersupportspace.wordpress.com/2009/05/29/clean-installation-of-windows-live-messenger-%e2%80%93-windows-vista/ https://messengersupportspace.wordpress.com/2009/05/29/clean-installation-of-windows-live-messenger-%e2%80%93-windows-xp/
Debug Logging
**Messenger** Messenger for Windows has the ability to create a log file. Here is a reg file [Debug.reg](https://storage.levelleap.com/nina/protocols/msnp/development/Debug.reg) to enable the logging on (at least) versions < 9. The log file will be in the `Documents > My Received Files` (the folder name depends on Messenger language). In Windows Live Messenger, you will find some logs there: `C:\Users\{user}\AppData\Local\Microsoft\Messenger\` **Microsoft Identity Control** You can use these 2 reg files to turn on/off logging for microsoft identity control components (msidcrl, ...): [Enable_Logging.reg](https://storage.levelleap.com/nina/protocols/msnp/development/Enable_Logging.reg) [Disable_Logging.reg](https://storage.levelleap.com/nina/protocols/msnp/development/Disable_Logging.reg) The path were the log will be is in the reg file. If you don't change the path in the reg files, you need to create 2 folders: `C:\MSOTrace` and `C:\MSOTraceLite` **Sources** NOTE: Please replace `MSOIdentityCRL` by `IdentityCRL` in registry keys name when needed. https://messengersupportspace.wordpress.com/2007/08/03/how-to-create-a-messenger-idcrl-log/ https://social.technet.microsoft.com/wiki/contents/articles/18103.microsoft-online-services-sign-in-assistant-how-to-enable-debug-tracing.aspx https://support.microsoft.com/de-de/help/2433327/how-to-enable-and-disable-a-trace-for-the-microsoft-online-services-sign-in-assistant
OLD
If you are a user having issues with Escargot, please: 1. Uninstall MSN Messenger by going to `Control Panel` > `Programs` > `Programs and Features` (for Windows 7; `Control Panel` > `Add/Remove Programs` in Windows XP and below), select `MSN Messenger x.x`, or `Windows Live Messenger` in the list and click on `Uninstall`. 2. Check that the `C:\Program Files\MSN Messenger`/`C:\Program Files (x86)\MSN Messenger` folder (`C:\Program Files\Windows Live\Messenger`/`C:\Program Files (x86)\Windows Live\Messenger` for WLM 8.5) doesn't exist anymore or is empty. If files still reside in the specified folders, delete them. 3. Reinstall MSN Messenger by either using the pre-patched installers found on [this page](https://escargot.log1p.xyz/#downloads) (if you already have it **please redownload it** because we may have changed it since the last time you downloaded it), or you can alternatively download an unpatched version and manually patch it. 4. If MSN Messenger is open, close it by right clicking on the MSN Messenger icon in the system tray (the area with the system date/time and other icons) and click on the `Exit` menu strip. 5. Create a folder named `Escargot` in the root of your system's hard drive (e.g, `C:\Escargot`). 6. Download [Debug_Escargot.reg](/uploads/0096c550020071acfda1183930714b93/Debug_Escargot.reg) and launch it by double clicking on it. At the "Adding information can unintentionally change or delete values and cause components to stop working correctly. (...) Are you sure you want to continue?" prompt, click on `Yes`. 7. Download [msidcrl-debug.dll](https://storage.googleapis.com/escargot-storage-1/public/msidcrl-debug.dll), rename it to `msidcrl.dll` and use it to replace `msidcrl.dll` in `C:\Program Files\MSN Messenger`/`C:\Program Files (x86)\MSN Messenger` (or `C:\Program Files\Windows Live\Messenger`/`C:\Program Files (x86)\Windows Live\Messenger` for WLM 8.5). 8. Launch MSN Messenger. 9. Try logging in or try to reproduce the problem you are dealing with. 10. Refer to Step 4. 11. Download [Stop-Debug_Escargot.reg](/uploads/c79bd28c0d9de7b572b68230c04943d6/Stop-Debug_Escargot.reg) and follow the same instructions in Step 6. 12. Go to the `Escargot` folder you created in the root of your system's hard drive and send us the files you have inside it. 13. Go to the `C:\Program Files\MSN Messenger`/`C:\Program Files (x86)\MSN Messenger` (or `C:\Program Files\Windows Live\Messenger`/`C:\Program Files (x86)\Windows Live\Messenger` for WLM 8.5) folder and send us the `escargot-msidcrl.log` created inside said folder. 14. Go to `My Received Files` folder (or the language-specific version of the folder, if any) in your `Documents` folder and send us the `MsnMsgr.txt` file in there as well.
Tools
Here is some tools that may be useful:
API monitor:
- WinAPIOverride: http://jacquelin.potier.free.fr/winapioverride32/
- API Monitor: http://www.rohitab.com/apimonitor
- SpyStudio API Monitor: http://www.nektra.com/products/spystudio-api-monitor/
- API Monitor: http://apimonitor.com/
- Auto Debug: http://autodebug.com/
- Tracer: https://yurichev.com/tracer-en.html
- API Spy: http://www.matcode.com/apis32.htm
- oSpy: https://github.com/oleavr/ospy
Network monitor:
- WireShark: https://www.wireshark.org/
- Fiddler: http://www.telerik.com/fiddler
- RawCap: http://www.netresec.com/?page=RawCap
- DNSQuerySniffer: http://www.nirsoft.net/utils/dns_query_sniffer.html
- SocketSniffer: http://www.nirsoft.net/utils/socket_sniffer.htm
- IMSpector: http://www.imspector.org/
Disassembly:
- IDA: https://www.hex-rays.com/products/ida/
- IDA FindCrypt plugin: https://www.aldeid.com/wiki/IDA-Pro/plugins/FindCrypt2
Strings extraction:
- Strings2: http://split-code.com/strings2.html
API hooking:
- Detours: https://www.microsoft.com/en-us/download/details.aspx?id=52586
- Deviare: http://www.nektra.com/products/deviare-api-hook-windows/ ( http://www.nektra.com/products/deviare-api-hook-windows/deviare-in-process/ )
- EasyHook: https://easyhook.github.io/
Various:
- MSN Webcam Recorder: http://msnwcrec.arrozcru.org/index.html
- MSN Polygamy: https://storage.levelleap.com/nina/clients/msnp/misc/MSN_Polygamy.exe