From NINA Wiki
Jump to navigation Jump to search


From my testing, all the versions I tested (6.0.3, 7.0.2, 8.0.1) use TLSv1 to connect to the login servers, HOWEVER it just uses an old record layer. More information about this would be very appreciated.

MSNP Mac TLSv1.png

  • 6.x, 7.x: MSNP14, MSNP13
  • 8.x (including beta): MSNP16, MSNP15, MSNP14, MSNP13

This is the only official Microsoft client that uses the TWN auth method after MSNP15 (SSO/RPS was introduced in MSNP15).


You can enable connection logging on M:M 7 and 8 by enabling it in Preferences (Cmd+,). The file location will be ~/Documents/Microsoft Messenger.log on M:M 7 and ~/Library/Logs/Microsoft Messenger.log on M:M 8.

Changing servers

To change the servers, you'll have to edit the binary data itself using an hex editor.

There's a configuration file (plist) located in ~/Library/Preferences/Microsoft/, 7.x) and ~/Library/Preferences/ that caches some server values (ABCH Server, NS Server, Gateway Server) that should also be changed if the app has been opened before.

CVR commands sent

M:M 8.0.1

CVR 2 0x0409 mac 10.13.6 i386 macmsgs 8.0.1 macmsgs

M:M 8.0.0 beta

CVR 2 0x0409 mac 10.13.6 i386 macmsgsbeta 8.0.0 macmsgsbeta

M:M 7.0.2

CVR 2 0x0409 mac 10.9.6 i386 macmsgs 7.0.2 macmsgs

M:M 6.0.3

CVR 2 0x0409 mac 10.9.6 i386 macmsgs 6.0.3 macmsgs

All of these requests were sent using macOS 10.13.6, but 6.x and 7.x seem to send the client operating system version as 10.9 (probably a cap?)

Odd quirks

Messenger:mac only reads the PassportURLs Header from the Passport Nexus if it ends with ConfigVersion=14.

It uses TWN even on MSNP16, so it gets the ABCH token from the DALogin value from the PassportURLs header. It's currently unknown how it gets the token itself, more information would be appreciated.