Kev 69 Posted June 10, 2012 Report Share Posted June 10, 2012 Hi all, I'm thinking of releasing a bot that will email the results to the user. So, I'm testing it right now and inputted my email address and username/password in order to test it. It's a gmail account and it's testing out fine. My concern is that I am inputting my email addy password hardcoded inside the bot. Is it possible for someone who's watching traffic and packets etc to see (unencrypted) what the username and password is, and then be able to log into the gmail account and change the password? Does ubot encrypt this info? Thanks in advance! Kevin Quote Link to post Share on other sites
bot-guru 1 Posted June 11, 2012 Report Share Posted June 11, 2012 Very good question.I'm looking forward to the right answer. Quote Link to post Share on other sites
malefic 48 Posted June 11, 2012 Report Share Posted June 11, 2012 If the username and password are being sent to an unsecured (non-SSL site) then there is a chance that someone may see the credentials as they pass across the Internet - this is not a Ubot problems. Even if Ubot encrypts the data (which is sort of does using exe encryption / obfuscation I think), they may not be able to get it from the code easily by reverse engineering but if you go to a http:// address your details are in the clear. As most of the big email providers (I am thinking Gmail, Yahoo, Hotmail etc) have SSL certs and https sites, as long as you use those addresses your details should be safe. Hope that helps. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.