Toprog

Toprog is a program that act as a proxy server between two ICQ users. 
Every messages sent from UIN A to UIN B and from B to A goes through the 
proxy and thus can be read by you. From the victim point of view, everything 
appears to be normal. However a simple netstat would show something odd 
is going on. 

For the program to work, many conditions must be present:

- You need to know both UIN. 
- The users must be visible. It won't work on invisible users cause the 
ICQ server won't tell us their IP and ICQ port.
- They must be in each other contact list. (Otherwise they won't use TCP 
to send message, all messages will go through the ICQ server)
- The TCP connection between the two user hasn't been established yet(
i.e. no messages was already sent between them).

Suppose UIN A is online since a while and UIN B becomes online. If you
start the program at this very moment and they send messages to each
after, you should be able to see the contents of those messages. 


Installation and usage

The program is written in Java, so it should in theory run on any
computer equiped with a Java virtual machine. It is not an applet however,
it won't run from a web browser. If you don't have a Java virtual machine,
you can get one at www.javasoft.com/products/index.html. Get JDK or JRE.
JRE is much smaller and if you have no java coding experience it is all
you`ll probably need. JDK is only required to compile java source code and
I only give the source code for the curious.


I don't use JRE but to run the program with it try something like
this(read JRE README if you have problem, please don't mail me...):

   jre -cp <toprog directory> toprog <localUIN> <localUIN password> <UIN A> <UIN B> 

   -localUIN is the UIN the program user to log into the ICQ server and 
    get UIN A and B IPs and ports. It can be any UIN, as long as you know
    it's password. This UIN will appear online only for a few minutes.

   -LocalUIN password is the password of the UIN in the LocalUIN field.
    Kinda obvious...

   -UIN A and B are your victims.

Here's an exemple with JDK:

[root@localhost toprog]# java toprog 333333 password 111111 222222

Toprog 1.0
An Eyewitness
Autumn98

Getting IPs and Ports number...Done
Sending Channels init...Done
Starting connection...Done.
Connections established
222222 (message): 
Hello!

111111 (message): 
Hi!

Etc. 

All the messages are log in the current directory in file toprog.log.

Finally note that if a connection already exist between UIN A and B the  
program will block, probably after the Starting connection message. 

Feel free to mail me comments, bugs report, suggestion, etc. Please don't  
mail me to much about JDK/JRE however...

An Eyewitness
aneyewitness@geocities.com
98/11/11
