Date: 16 May 2003 20:45:50 -0000
From: <cyber_flash@...mail.com>
To: bugtraq@...urityfocus.com
Subject: Automatic Harvesting of AOL Instant Messenger Screen Names!




Hi,

See my demo source code (masm32):

www.geocities.com/cyber_flash5/aimhol.zip


If you have problems downloading, please send me an email.
A simple 2x30 search returned approx. 6000 screen names!

My CONCERN is what would one do with all these screen names/data?!
Maybe create Spam/Virus/Worm/etc.,...?

This technique could enhance malware code distribution because it can now 
obtain screen names/email addresses/personal info by simply querying it 
directly from the AOL OSCAR/BOS servers.

The AIM default privacy setting is 'Allow ALL users to contact me'.

Currently several 3rd party clients exist which I think piggyback upon the 
OSCAR protocol to communicate with AOL IM clients:

GAIM - http://gaim.sourceforge.net/
TRILLIAN - http://www.ceruleanstudios.com/trillian/index.html

Should AOL prevent these tools from accessing their servers?
(see http://www.the44.net/badaim/ ;)


; ###########################################################
Title:    Aimhol - A companion to AOL 'Find a Buddy Wizard'.
Purpose:  Automatically retrieves AOL Instant Messenger screen names
          from the OSCAR/BOS servers!
Author:   Vengy! (-_-)
Date:     2003 and beyond ...
Tested:   Win2K/XP ...
Compiled: MASM32
Bugs:     cyber_flash@...mail.com


Aimhol: - A companion to AOL 'Find a Buddy Wizard'. 
=======
This program will attempt to AUTOMATICALLY retrieve AOL Instant Messenger 
screen names and associated data (hobbies, nicknames,...) by querying the 
AOL OSCAR/BOS servers! :) It uses port 443 to connect. The AIM default is 5190,
but HTTPS (443) slips through most firewalls.


Files included:
---------------
aimhol.asm             Main source code and search tips.
aimhol.exe             Main program.
surnames.inc           List of the 2150 most common US surnames.
rand.inc               Generates a random number in the range [0-(MAX-1)]
misc_stuff.inc         Useful procedures such as MD5, Winsock, etc., ...
readme.txt             You're reading it.


AIM Login Process:
------------------
OSCAR (Open System for Communication in Realtime) is a proprietary protocol
developed by America On-Line (AOL). OSCAR defines a system of exchanging 
instant messages. The protocol is used by all versions of AOL's Instant 
Messenger (AIM) client and the latest versions of ICQ (ICQ2000 and later). 
An OSCAR login is composed of a TCP packet that includes the login name 
(screen name), password, and client version string.

Upon successful login, a cookie is issued that grants users access to the 
various BOS servers for the life of the session. The AIM network consists of 
two kinds of servers: Open System for Communication in Realtime (OSCAR), which 
handles user authorizations; and Basic OSCAR Service (BOS), which provides the 
search tools for users to find each other.


How Aimhol works:
-----------------
It randomly picks a "Last Name" from a list of 2150 most common surnames 
(see surnames.inc) as compiled by 
'http://www.census.gov/genealogy/names/dist.all.last' or builds a new 
random surname based upon the ODDS parameter (1 in 50), then sends it to 
the BOS server as a 'Find Buddy' request. All responses are logged in 
***BUDDY.TXT*** using the TLV (Type)(Length)(Value) format as follows:

(00,09)(00,NN)(Screen Name)
(00,08)(00,NN)(City)
(00,07)(00,NN)(State)
(00,06)(00,NN)(Country)
(00,02)(00,NN)(Last Name)
(00,01)(00,NN)(First Name)

Additional data, such as hobbies, nicknames, etc., are logged too!
Also, Screen Names are extracted from buddy.txt and saved in ***SN.TXT***.

(-_-)

P.S. Yep, I was bored last week. ;)
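
The (type)(length)(value) layout that the README above says Aimhol logs, as an added example that is not part of the original post or of the Aimhol source: a Python parser and encoder for back-to-back 16-bit TLVs, using only the six field codes the README names (screen name, city, state, country, last name, first name). Everything else here is an assumption for illustration: the function names, the choice to print type and length bytes in hex in the README's "(00,09)(00,NN)" notation, and the sample replies, which are constructed for this example with made-up names and places. Because a harvester parses whatever the BOS server sends back, each length field is bounded against the bytes actually present before a value is sliced out.

```python
import struct

# Field codes the README lists for a BOS 'Find Buddy' reply. Codes for the
# other data it mentions (hobbies, nicknames, ...) are not given on the page,
# so the decoder keeps unknown codes by hex value instead of naming them.
FIELD_NAMES = {
    0x0009: "screen_name",
    0x0008: "city",
    0x0007: "state",
    0x0006: "country",
    0x0002: "last_name",
    0x0001: "first_name",
}

def encode_tlv(tlv_type, value):
    """One (type)(length)(value) triplet: 16-bit big-endian type and length."""
    if len(value) > 0xFFFF:
        raise ValueError("TLV value does not fit a 16-bit length")
    return struct.pack(">HH", tlv_type, len(value)) + value

def parse_tlvs(buf):
    """Walk back-to-back TLVs and return [(type, value), ...].
    Every length comes from the server, so it is checked against the bytes
    actually present; a header or value that overruns the buffer raises."""
    out, pos = [], 0
    while pos < len(buf):
        if len(buf) - pos < 4:
            raise ValueError("truncated TLV header at offset %d" % pos)
        tlv_type, length = struct.unpack_from(">HH", buf, pos)
        pos += 4
        if len(buf) - pos < length:
            raise ValueError("TLV 0x%04x claims %d bytes, only %d left"
                             % (tlv_type, length, len(buf) - pos))
        out.append((tlv_type, buf[pos:pos + length]))
        pos += length
    return out

def is_well_formed(buf):
    try:
        parse_tlvs(buf)
        return True
    except ValueError:
        return False

def decode_record(tlvs):
    """Map known field codes to names; unknown codes appear as 'type_XXXX'."""
    rec = {}
    for tlv_type, value in tlvs:
        name = FIELD_NAMES.get(tlv_type, "type_%04x" % tlv_type)
        rec[name] = value.decode("ascii", errors="replace")
    return rec

def format_log_line(tlvs):
    """Render a record in the README's (00,09)(00,NN)(value) notation, in hex."""
    parts = []
    for tlv_type, value in tlvs:
        parts.append("(%02X,%02X)(%02X,%02X)(%s)" % (
            tlv_type >> 8, tlv_type & 0xFF, len(value) >> 8, len(value) & 0xFF,
            value.decode("ascii", errors="replace")))
    return "".join(parts)

def harvest(replies):
    """What the README describes for BUDDY.TXT and SN.TXT, done in memory:
    returns (log_lines, screen_names). A malformed reply is skipped rather
    than letting one bad length field take down the whole run."""
    log_lines, names = [], []
    for reply in replies:
        if not is_well_formed(reply):
            continue
        tlvs = parse_tlvs(reply)
        log_lines.append(format_log_line(tlvs))
        rec = decode_record(tlvs)
        if "screen_name" in rec:
            names.append(rec["screen_name"])
    return log_lines, names

# Constructed sample replies; the people and places are made up for this example.
SAMPLE_REPLIES = [
    encode_tlv(0x0009, b"examplebuddy01") + encode_tlv(0x0008, b"Springfield")
    + encode_tlv(0x0007, b"IL") + encode_tlv(0x0006, b"US")
    + encode_tlv(0x0002, b"Smith") + encode_tlv(0x0001, b"Pat"),
    encode_tlv(0x0009, b"examplebuddy02") + encode_tlv(0x0002, b"Smith"),
    # Hostile case: the length field claims 5 bytes but only 2 follow.
    struct.pack(">HH", 0x0009, 5) + b"ab",
]

if __name__ == "__main__":
    lines, sns = harvest(SAMPLE_REPLIES)
    print("\n".join(lines))
    print("screen names:", sns)
```

Run as a script it prints the two well-formed records in the README's notation (the BUDDY.TXT role) and the list of screen names (the SN.TXT role); the third reply is dropped because its length field overruns the buffer. That bounds check is the part the README's description leaves out: the tool trusts the server's length bytes when it writes values into its log, and a parser that does the same on a response it did not construct is reading past the end of whatever it received.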

