Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: AOL Instant Kiss!

  1. #1
    I am a cracker
    Guest

    Post AOL Instant Kiss!

    My girlfriend was on the internet today and someone sent her a AOL Instant Kiss! AOL Instant Kiss is a e-mail that will steal your Screen name and password if the user click's on it the sends the information back to the Script Kiddy... This Subj: Someone has been thinking of you! < /html>< font ptsize=1>
    Date: 2/9/02 2:53:18 PM Pacific Standard Time
    From: ktsfr
    BCC: Ezkmogrl420




    AOL Insta-Kiss

    Dear AOL Member


    Someone thinks very highly of you and has sent you an AOL Insta-Kiss.
    The AOL Insta-Kiss is a way for people to express their emotions for others
    with America Online. The Insta-Kiss can be the start of a long lasting
    romance
    or a way to show that special someone just how much you care.

    To view your AOL Insta-Kiss Click Here.

    Would you like to send me or someone else a kiss?
    It's easy with Love@AOL's InstaKiss.

    The AOL Insta-Kiss is just one of the many cool things
    you can find in Love@AOL. You have been sent an AOL Insta-Kiss

    Where it says click here to view your AOL INSTANT KISS I held my cursor over the link and it said http://greetings.aol.com@209.202.218.12/al4/instant kiss so I did a scan to see who it was and this was the results

    Stealth Report
    Stealth report for www.angelfire.com (209.202.218.12)
    Date: 2/9/02 6:05:04 PM

    Scan Rule: Top 20 Scan

    209.202.218.12
    Host name: www.angelfire.com
    Port: 80
    Server: Apache/1.3.9 (Unix) FrontPage/5.0.2.2510

    Server may have HTTP vulnerabilities/exposures. (12 items)

    Special Request
    Risk Level: High
    Location: http://209.202.218.12/MSADC/..%%35%6...32/cmd.exe?/c+

    IIS Unicode Vulnerability.


    Special Request
    Risk Level: High
    Location: http://209.202.218.12/MSADC/..%%35c....32/cmd.exe?/c+

    IIS Unicode Vulnerability.


    Special Request
    Risk Level: High
    Location: http://209.202.218.12/cgi-bin/..%%35....exe?/c+dir+c:

    IIS Unicode Vulnerability.


    Special Request
    Risk Level: High
    Location: http://209.202.218.12/msadc/..%%35%6...32/cmd.exe?/c+

    IIS Unicode Vulnerability.


    Special Request
    Risk Level: High
    Location: http://209.202.218.12/msadc/..%%35c....32/cmd.exe?/c+

    IIS Unicode Vulnerability.


    Special Request
    Risk Level: High
    Location: http://209.202.218.12/pbserver/..%%3....exe?/c+dir+c:

    IIS Unicode Vulnerability.


    Special Request
    CVE: CAN-2000-0884
    Risk Level: Medium
    Location: http://209.202.218.12/scripts/..%bg%...cmd.exe?/c+dir

    IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.


    Special Request
    CVE: CAN-2000-0884
    Risk Level: Medium
    Location: http://209.202.218.12/scripts/..%bg%...cmd.exe?/c+dir

    IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.


    Special Request
    CVE: CAN-2000-0884
    Risk Level: Medium
    Location: http://209.202.218.12/scripts/..%bg%...cmd.exe?/c+dir

    IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.


    Special Request
    CVE: CAN-2000-0884
    Risk Level: Medium
    Location: http://209.202.218.12/scripts/..%cg%...cmd.exe?/c+dir

    IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.


    Special Request
    CVE: CAN-2000-0884
    Risk Level: Medium
    Location: http://209.202.218.12/scripts/..%t0%...cmd.exe?/c+dir

    IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.


    Special Request
    CVE: CAN-2000-0884
    Risk Level: Medium
    Location: http://209.202.218.12/scripts/..%t0%...cmd.exe?/c+dir

    IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.

    How can I get this guy to stop sending mail to my AOL ACCOUNTS!I called AOL they did nothing ...
    I put the changed all the privacy settings high.

  2. #2
    Senior Member
    Join Date
    Dec 2001
    Posts
    884
    You need to call Angelfire dude and report the account "al4" for doing this. They should be prompt and suspend it. AOL has nothing to do with this guy.

  3. #3
    Senior Member
    Join Date
    Dec 2001
    Posts
    884
    Oh, you could also forward the email, if it is from a fellow AOL member, to screenname "TOSSPAM" They'll take care of it if he/she has AOL service.

  4. #4
    Banned
    Join Date
    Oct 2001
    Posts
    1,459
    Wow... Where did you do that scan?

  5. #5
    I am a cracker
    Guest
    alright thanks

  6. #6
    I am a cracker
    Guest
    ac1dsp3ctrum
    Wow... Where did you do that scan?


    I used the program Stealth 2.0
    very tight!

  7. #7
    Senior Member
    Join Date
    Dec 2001
    Posts
    884
    Stealth is a really kool prog. I've used it many times before.

  8. #8
    I am a cracker
    Guest
    If you go to www.neworder.box.sk you can get Advanced Administration Tools this is pretty tight to.

  9. #9
    Senior Member
    Join Date
    Jan 2002
    Posts
    206
    I think this scam is the one where you have to goto the 'Insta Kiss' site. Then enter your screen name and password to find out who sent you the alledged kiss.

    Now if your dumb enough to give your screen name AND password to someone, well maybe you deserve the tag 'idiot' or '*******'.




  10. #10
    Senior Member
    Join Date
    Dec 2001
    Posts
    884
    the_g_nee: But it's his girlfriend he's talking about, not him...she might not be too internet/security-literate.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •