as a starter i'd like to correct some information about the comment crash, the reason you can't paste it is because it crashes the client, not because it's too big... if it was too big you wouldn't be able to send it an im. and it's been on aim filter and used by your average aim user since early august the following exploits were found and implemented by Robbie Saunders, although i believe the file crash was used before me by `CodeDreamer` 3 other exploits: 1) Font Crash: windows aim stores recent font names for instant messages, and i found that by sending a lot of different fonts causes aim to pop up with a font error, and after messing around i discovered that lines "<HR>" crash the client (and in some cases the OS) after the error has popped up, making for a neat little crash if you send a few hundred fonts with a horizontal line tacked on the end =) 2) File Crash: i'm not quite sure why this crashes the client, but if you send a file with a very large filename, the client crashes, and just closes on any nt based OS 3) Icon Crash: aim doesn't check incoming buddy icons to be under a certain height or width, so you can send an edited .gif file that may be 1k but claims to be very large (such as 10000x10000) and end up freezing the aim client for a large period of time, and on slow computers cause serious memory issues... i have tested with larger values (like 65kx65k) but it appears aim will pop up a memory buffer error instead of crashing... and apparently sending corrupt wav files will crash the client in the same manner If you're on windows you can use the software i created to exploit these bugs (AIM Filter), it can be found at http://www.ssnbc.com/wiz/ in software>aim aim filter is a local proxy that acts as both a server and client, meaning you can implement the crashes/features no matter what aim client you're on (and it's easy to use too, just type commands like aim.file.crash)
This archive was generated by hypermail 2b30 : Sat Oct 06 2001 - 16:31:51 PDT