alright so far the replies on this topic have been rather vague, so I'll try and shed a little bit more light upon this subject. There are two basic attacks that I am aware of with the present day messenger.

The first attack is a basic buffer overflow. When someone says "boot code" this is what they're talking about. It's a string of characters sent to you to overrun the buffer and shut down the messenger. As yahoo has "progressed", the overflows that work have changed. the newest one I've seen has to do with sending a string of "www"s and "org"s in the pm box or chat window, which creates the basic effect, and you're knocked out of yahoo. All of these attacks are done through an automated program, which was said ealier.

The second one is called "bombing". This one involves sending a shitload of pms or cam invites, or anything else that sends a window to you. It creates the same basic effect as a DoS attack, slowing down your connection until yahoo eventually is forced to error. This is also done by a program, and the program involves it's own set of protocols to allow it to send these messages.

At one point there was also a couple of programs produced that would actually log a person out of their account on yahelite, cheetah, and java, but these programs were patched within a week.

These are the basic developments involved in "booting" that I have encountered. They are for the most part very simple, and used mostly by script kiddies so as to exploit helpless users into submitting to them.

Oh and one more thing. I wouldn't bother with the "hacker lounge" in yahoo. Most of those idiots haven't got a clue.