Sunday, December 23, 2007

Disable AIM Rate Limit

I'm assuming you've seen AIM bots such as "Moviefone", "ShoppingBuddy", "naim help" and so on by now? These AIM bots need a way to deliver instant replies, however fast and however many in a short time, without triggering the usual rate limit warning. If you send an IM to a friend or whoever, you'll notice the colored rate limit bar below the Send button. AOL recently gave everyone with an AIM account the chance to convert their AIM account into a bot using its AOL Open Bot Developer's Program. What they apparently didn't know was that there would be an exploit for this AIM bot conversion process. This exploit was eventually created by someone who goes by Virus. This comes as no surprise to me because of past experience with exploits/loopholes from AOL/AIM.

Details:

Vulnerable: Version 5.9 (others?)

Exploit: Disable Rate Limit (excluding chat room) on AIM account.

1. Go to http://developer.aim.com/bot.jsp.
2. Convert your screen name into a bot.
3. Sign onto AIM.
4. Send an IM to yourself.
5. Exit, sign on, sign off.
6. Unconvert it, reconvert it.
7. Sign on, unconvert it.
8. Exit, sign on.

I tested this on one of my own AIM accounts with success. I used IE because that is my default browser and is what AIM uses anyway. You'll notice it is working when you open an IM window and find that the IM Rate Limit bar is all green.

1 comment:

Mani said...

Hi,
I need a simple IM relay to forward some generic alert messages to all 20 users in my team; when they reply to that IM user it will relay again, making it a chat group that users don't need to join.
I get rate limited when I try to use the Net::OSCAR libraries in Perl, and sometimes it gets kicked out.
So I tried your steps line by line, but even after all the steps the green bar is not full (still the same rate limits). Did I miss something in these instructions?
Thanks in advance.