Secure Instant Messaging Protocol (SIMP)

SIMP was a small utility made by the folks over at www.winfosec.com (apparently no longer around) that was initially designed as a PoC tool for secure instant messaging between two distinct hosts. The program uses the blowfish encryption algorithm in order to secure the message content before throwing it on the wire. Both sides of the connection must have the same encryption key in order for this to work correctly (blowfish being a symmetric cipher).

While doing research for my GCIA practical, I decided it would be much easier to understand the SIMP communication process if ethereal (now wireshark) could display the client interactions in a more visible manner. Using the protocol dissector for POP and the developer doc as references, I was able to write a very generic dissector for SIMP. The dissector is not perfect - the most notable issue is the incorrect ASCII display of the encrypted text in the protocol tree view. Though the correct ASCII is not entirely necessary in the tree, it needs to either be correct or ommitted to avoid confusion; I will probably tinker around with it more as time permits.

In order to get it working on your system, first download the source for the SIMP dissector and place it in the directory where you have extracted ethereal. Then, add "packet-simp.c" to the DISSECTOR_SOURCES macro in the Makefile.am and Makefile.nmake files. Run ./configure && make and you are done.

If you would like to make any changes to my dissector, have at it. The developer doc can be found in doc/README.developer.

Screenshots

Session Initialization

This is the beginning of a conversation between "User1" and "User2"

Sending a Message

sending...

Quiting the Program

quiting...