Re: AOL for Windows DoS/Exploit

From: p00h (p00hat_private)
Date: Mon Jun 01 1998 - 15:43:49 PDT

Next message: forcer: "Re: NEW ircii/bitchx(/epic?) overflow"

Previous message: Niall Smart: "Re: Patch to prevent setuid bash shells"
Maybe in reply to: Invisi: "AOL for Windows DoS/Exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

this is a very old bug, i believe that the term for it is "punting"
dunno though,
there are other bugs, ill elaborate on what you said
aol supports PARTIAL html, its like win95's implementation of tcp/ip
it only supports parts of it
there are several exploits for this, rather then include source, which
would be useless for something that only requires 1 line to be typed, i will explain how

to crash through instant messeges, send an instant message with the following text
"<a1><pre><a1><a1>"
you can send a few of these, this will freeze aol, causing either a gpf, or reboot,
this is because aol is recieving html, which it recognizes, but cannot decide what to do with it

to crash through mail, simply send a letter filled with
"<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<"
this crashes aol, it does this because of the way aol handles html
imagine that each < is a for loop, so every time there is a new <, thats another nested
for loop, this jumps cpu utilization to 100% i believe

-p00h



Invisi wrote:

> Well.. I thought this was something that some of you might get a kick
> out of... as well as informative.  I also havent seen this on any other
> sites.  here's the stuff...
>
> Tested on: AOL3.0 16-bit Windows, AOL3.0 32-bit Windows, AOL4.0 Windows
>
> Problem:
> AOL's Instant message's uses HTML.  This enables there customers to
> change font sizes, colors, backgrounds, to suite there tastes.  Well
> here is where the bug comes into play.
> All you simply have to do is send someone who is useing a AOL version,
> that uses the <font> tagg, a instant message of
> <font =
> 9999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999>
> A AOL instant message has to be below a certain character size that can
> fit in one message.  This goes beyond the valid size, as well as being a
> invalid parameter for <font>.  It will cause your AOL software to freak
> out, and a GPF will occur.  If your able to stick more 9's in there,
> then please do.
>
> Fix:
> Convert back to a older version of AOL for Windows, like 2.5 or before.
> Or, simply reject any Instant Messages by useing the $IM_OFF command.
> Since Instant Messages are a big part of AOL, most people keep there
> Instant Messages turned on.
>
> - Invisible

Next message: forcer: "Re: NEW ircii/bitchx(/epic?) overflow"
Previous message: Niall Smart: "Re: Patch to prevent setuid bash shells"
Maybe in reply to: Invisi: "AOL for Windows DoS/Exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:56:20 PDT