Vulnerability Development mailing list archives

Re: ICQ Spoofing Question (or second dumb question of the day)


From: Riley Hassell <riley () SPEAKEASY NET>
Date: Tue, 19 Sep 2000 12:11:22 -0700

There are also various buffer-overflows in many of the chat clients.

The trick is avoiding the server. The server does almost all of the sanity
checks for Client->Server->Client chat protocols. If you can send a msg
to the Client directly, avoiding the Server totally, you can do all sorts
of crazy things.

I found an overflow in micq quite some time ago involving the url comment
field. Check the source... It's still there.

If you look through the various clients you'll notice all sorts of
security problems. The coders don't expect you to bypass the server.

Fortunately, writing raw packets is not for the weak hearted. Therefore
this area hasn't really been explored by the script-kiddie alike.


  Riley Hassell
  Tier 3 - Abuse Mail
  Speakeasy Network
  Phone : 206-728-9770
  Email : riley () speakeasy net


On Tue, 19 Sep 2000, Robert van der Meulen wrote:

> Hi,
>
> Quoting Leon Rosenstein (l_rosenstein () MONTELSHOW COM):
> > Mandatory opening statement; I am not sure if this is meant for this list
> > but I have feeling it is.  Please flame me in private ;)
> I think it isn't :)
>
> > Is it possible (with any OS, or ICQ Clone) to spoof being a random
> > chatter?
> A search with almost any search engine on something like 'icq spoofing'
> would probably have turned up with the results you're looking for, one of
> them probably being a tiny little C source called icqspoof.c .
>
> Greets,
>       Robert van der Meulen
>
> --
> |      rvdm () cistron nl - Cistron Internet Services - www.cistron.nl        |
> |          php3/c/perl/html/c++/sed/awk/linux/sql/cgi/security             |
> |         My statements are mine, and not necessarily cistron's.           |
>         Life is a sexually transmitted disease with 100% mortality.
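
The point made in the reply above is that a client cannot lean on the server's sanity checks once a peer can reach it directly. As an added example (not part of the original thread, and not code from micq or any ICQ client), here is a receiver that bounds-checks a length-prefixed text field itself. The wire layout (2-byte little-endian length followed by the bytes) and the names `parse_text_field`, `URL_DESC_MAX`, `SAMPLE_OK` and `SAMPLE_LIE` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define URL_DESC_MAX 128   /* hypothetical client-side limit for the field */

/* Constructed sample packets (assumed layout: uint16 LE length, then bytes). */
static const uint8_t SAMPLE_OK[]  = { 5, 0, 'h', 'e', 'l', 'l', 'o' };
static const uint8_t SAMPLE_LIE[] = { 0xff, 0xff, 'A', 'A' }; /* claims 65535, carries 2 */

/* Copy one length-prefixed text field out of a packet received from a peer.
 * Every check is done locally; nothing assumes a server validated the sender's
 * length. Returns bytes consumed, or -1 if the field must be rejected. */
int parse_text_field(const uint8_t *pkt, size_t pkt_len,
                     char *out, size_t out_size)
{
    if (pkt == NULL || out == NULL || out_size == 0)
        return -1;
    if (pkt_len < 2)                      /* length prefix itself is truncated */
        return -1;

    size_t claimed = (size_t)pkt[0] | ((size_t)pkt[1] << 8);

    if (claimed > pkt_len - 2)            /* claims more bytes than arrived */
        return -1;
    if (claimed >= out_size)              /* would not fit with the NUL */
        return -1;
    if (memchr(pkt + 2, '\0', claimed))   /* embedded NUL: reject, don't truncate */
        return -1;

    memcpy(out, pkt + 2, claimed);
    out[claimed] = '\0';
    return (int)(claimed + 2);
}

int main(void)
{
    char desc[URL_DESC_MAX];
    int ok  = parse_text_field(SAMPLE_OK, sizeof SAMPLE_OK, desc, sizeof desc);
    printf("well-formed: %d (\"%s\")\n", ok, ok > 0 ? desc : "");
    int bad = parse_text_field(SAMPLE_LIE, sizeof SAMPLE_LIE, desc, sizeof desc);
    printf("oversized length claim: %d\n", bad);
    return 0;
}
```

The field is rejected outright instead of being truncated, so a malformed peer message never reaches the code that displays or stores it.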



