Re: ICQ exploit

[Bodie <mclarkc () ESSEX AC UK>]

On Wed, 28 Mar 2001, Ed Rolison wrote:

> > While playing around with my laptop and desktop today I noticed something
> > with ICQ.
> >
> > If you have ICQ setup on 2 machines using the same ICQ number, as soon as
> > the second machine starts ICQ up the first machine gets an error about your
> > ICQ number being used on another machine and immediately takes ICQ off line.
> >
> > I don't know the mechanism that allows this but has anyone considered an
> > exploit based upon this mechanism? Seems to me a sequential run could knock
> > a whole bunch of people off ICQ..
>
> I've noticed this behaviour, although correct me if I'm wrong, but to do this
> you need to actually log on to ICQ - thus you can't do it, because you'd need to
> crack every account...

I'm not sure about this, i'm gunna check it out tonight, but i think it
would be possible to forge the message that is sent to the client to make
it disconnect, and if that is possible then it definately is possible to
crash the icq network completely quite easily