AIM BugNov 25 2002 02:15AM Dave B. (bzerob bellatlantic net)
Major AIM Bug Courtesy Of Infested Nexus --- AIM: Infested Nexus. I have =
uncovered a bug in America Online's AIM service, which can allow a =
normal user to be able to transfer any file onto another users computer =
without consent. This works using the 'get file' feature. If a user has =
the option to allow others to get files without a prompt this hack can =
be executed. After downloading the USERX.lst file - end the file =
connection. Then name any file you wish to send and rename it USERX.lst =
and use the "send file" feature. The file will immediately begin =
transferring without asking for authentication on USERX's computer - =
though they will see the download box. I have tested this on a number of =
people who were away from their computer and it has worked. Tested on =
AIM 5.0.2938. If you go further with this exploit please give credit to =
Infested Nexus. ---- Infested Nexus AIM: Infested Nexus
uncovered a bug in America Online's AIM service, which can allow a =
normal user to be able to transfer any file onto another users computer =
without consent. This works using the 'get file' feature. If a user has =
the option to allow others to get files without a prompt this hack can =
be executed. After downloading the USERX.lst file - end the file =
connection. Then name any file you wish to send and rename it USERX.lst =
and use the "send file" feature. The file will immediately begin =
transferring without asking for authentication on USERX's computer - =
though they will see the download box. I have tested this on a number of =
people who were away from their computer and it has worked. Tested on =
AIM 5.0.2938. If you go further with this exploit please give credit to =
Infested Nexus. ---- Infested Nexus AIM: Infested Nexus
Be well!
~Dave
[ reply ]