Kicked off a Yahoo! chat room. Dude, that's "where the 1337 mean". j00'll never make it as a true h4x0r, if you don't cosy up with the Yahoo! crowd...
Printable View
Kicked off a Yahoo! chat room. Dude, that's "where the 1337 mean". j00'll never make it as a true h4x0r, if you don't cosy up with the Yahoo! crowd...
Ok some of the old tricks in Java and chat clients and most sites that use the technology for chat do a couple things when you connect. One thing is to re-map your kepboard, and one of the most common boot out of the room is to kill the app if a user hits the backspace key. Easy way to test this is to log into the room and say nothing but hit the backspace key, if you loose the room then you know the magic. Yahoo has used this for a long time in their chat rooms one of the few tools if it has a moderator can use.
I think they can only crash your yahoo messenger but if you logged on java browser or use chat 2.0 (www.yahoo.com)then you
won't get booted.
alright so far the replies on this topic have been rather vague, so I'll try and shed a little bit more light upon this subject. There are two basic attacks that I am aware of with the present day messenger.
The first attack is a basic buffer overflow. When someone says "boot code" this is what they're talking about. It's a string of characters sent to you to overrun the buffer and shut down the messenger. As yahoo has "progressed", the overflows that work have changed. the newest one I've seen has to do with sending a string of "www"s and "org"s in the pm box or chat window, which creates the basic effect, and you're knocked out of yahoo. All of these attacks are done through an automated program, which was said ealier.
The second one is called "bombing". This one involves sending a shitload of pms or cam invites, or anything else that sends a window to you. It creates the same basic effect as a DoS attack, slowing down your connection until yahoo eventually is forced to error. This is also done by a program, and the program involves it's own set of protocols to allow it to send these messages.
At one point there was also a couple of programs produced that would actually log a person out of their account on yahelite, cheetah, and java, but these programs were patched within a week.
These are the basic developments involved in "booting" that I have encountered. They are for the most part very simple, and used mostly by script kiddies so as to exploit helpless users into submitting to them.
Oh and one more thing. I wouldn't bother with the "hacker lounge" in yahoo. Most of those idiots haven't got a clue.