November 21st, 2003, 03:43 AM
I recently found a very interesting flaw in the AIM server log-on mechanism. It began when I logged on to my account on a windows box and began messages with maybe three people.
I then played a little unreal tournament 2003 and left the computer signed-on to AIM and the messages to the certain individuals were still active.
I then logged on to my linux box on the same LAN as the windows box, I proceded to log on to GAIM and continue the conversations that I had previously left up on the windows box. I typed to the users which I had previously been chatting with and received no responce from either users for a long duration of time....
Curious, I went back up to my windows box and sure enough I was still logged on to AIM and was receiving the messages that I had typed on the linux box on the windows box, and the users that I had been talking to had actually been talking to me the whole time but the windows box's client was recieving all the incoming messages.
I find this rather interesting and I think that it opens a new gaping hole in the hijacking of AIM messages. May someone know what have happened????
If the scatman can do it so can you.