Author Topic: hey rejetto, does/will &rq support icq invisible exploit  (Read 2163 times)

0 Members and 1 Guest are viewing this topic.

Dude

  • Guest
hey rejetto, does/will &rq support icq invisible exploit
« on: June 08, 2003, 04:20:46 PM »
any plans? :)

cheers, keep up the good work!

Offline rejetto

  • Administrator
  • Tireless poster
  • *
  • Posts: 12949
    • View Profile
hey rejetto, does/will &rq support icq invisible exploit
« Reply #1 on: June 08, 2003, 05:14:41 PM »
i always thought it was not good to make something that easily exploits this
but, huh, i think i will before or later
mirabilis seems to not care about this server bug :(
i think they don't fix it cause it would break backward compatibilty

Offline alkimiya

  • Moderator
  • Tireless poster
  • *****
  • Posts: 315
    • View Profile
hey rejetto, does/will &rq support icq invisible exploit
« Reply #2 on: June 08, 2003, 05:29:28 PM »
is this when you check automsg of offline user and gets an empty response? or something else?

Offline Electron

  • Occasional poster
  • *
  • Posts: 81
    • View Profile
hey rejetto, does/will &rq support icq invisible exploit
« Reply #3 on: June 08, 2003, 08:44:05 PM »
Hm. Is it possible to write a plugin for this?
My world is how I creat it.

Offline rejetto

  • Administrator
  • Tireless poster
  • *
  • Posts: 12949
    • View Profile
hey rejetto, does/will &rq support icq invisible exploit
« Reply #4 on: June 09, 2003, 02:11:29 PM »
Quote from: "alkimiya"
is this when you check automsg of offline user and gets an empty response? or something else?

i already explained in this forum how to exploit it using the log window
it is based on server acknowledge

Offline alkimiya

  • Moderator
  • Tireless poster
  • *****
  • Posts: 315
    • View Profile
hey rejetto, does/will &rq support icq invisible exploit
« Reply #5 on: June 09, 2003, 08:35:29 PM »
hmm.. yes I remember now.. however you might not want to write a message to the offline/invisible user, just check if he/she is invisible.. does it work to send the check automsg-packet (which iirc is an empty message packet with another msg_type-code) and check for server ack?

Offline swn.daniel

  • Occasional poster
  • *
  • Posts: 4
    • View Profile
hey rejetto, does/will &rq support icq invisible exploit
« Reply #6 on: June 09, 2003, 09:56:27 PM »
yeah this would be another feature to make &RQ a litle bit more special  :twisted: ...and I think it's kinda simple to implement it, isn't it?

regards

Offline rejetto

  • Administrator
  • Tireless poster
  • *
  • Posts: 12949
    • View Profile
hey rejetto, does/will &rq support icq invisible exploit
« Reply #7 on: June 10, 2003, 02:38:37 PM »
yes alk, that's also what i recall, but &RQ does not let you send an automsg-request if the contact is offline, that's why you can't do it at the moment.

well...ATM i think i will

Offline alkimiya

  • Moderator
  • Tireless poster
  • *****
  • Posts: 315
    • View Profile
hey rejetto, does/will &rq support icq invisible exploit
« Reply #8 on: June 10, 2003, 03:10:03 PM »
I will look into this :)

Offline alkimiya

  • Moderator
  • Tireless poster
  • *****
  • Posts: 315
    • View Profile
hey rejetto, does/will &rq support icq invisible exploit
« Reply #9 on: June 10, 2003, 04:43:44 PM »
it worked very well :)

when checking auto message for offline/invisible user I get no server ack (default msg-type to check for away message (0xe803) even if offline).. when user is offline i get error packet :)

Some log info for the interested...

Code: [Select]
2003-06-10 18:42:30 SRV_ICBMERR: User is offline
2003-06-10 18:42:30 RECEIVING..............................................
  FLAP: 2A 02 AD 4F 00 0C                                * ­O  
  SNAC: 00 04 00 01 00 00 00 00 00 00                              
  DATA: 00 04                                              
2003-06-10 18:42:30 SENDING................................................
  FLAP: 2A 02 00 11 00 81                                *    
  SNAC: 00 04 00 06 00 00 00 00 00 00                              
  DATA: 1B F1 32 43 8D 42 00 00 00 02 06 39 38 36 32 34   ñ2CB     98624
        36 00 05 00 62 00 00 1B F1 32 43 8D 42 00 00 09  6   b   ñ2CB  
        46 13 49 4C 7F 11 D1 82 22 44 45 53 54 00 00 00  F IL Ñ‚"DEST  
        0A 00 02 00 01 00 0F 00 00 27 11 00 36 1B 00 07           '  6  
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00                  
        00 00 00 03 00 00 00 04 FF FF 0E 00 FF FF 00 00          ÿÿ  ÿÿ  
        00 00 00 00 00 00 00 00 00 00 E8 03 00 00 00 00            è    
        01 00 00 00 06 00 00                                    
2003-06-10 18:42:30 Checking auto message for 986246

2003-06-10 18:37:31 SENDING................................................
  FLAP: 2A 02 00 10 00 81                                *    
  SNAC: 00 04 00 06 00 00 00 00 00 00                              
  DATA: 03 FA 58 21 BD FD 00 00 00 02 06 39 38 36 32 34   úX!½ý     98624
        36 00 05 00 62 00 00 03 FA 58 21 BD FD 00 00 09  6   b   úX!½ý  
        46 13 49 4C 7F 11 D1 82 22 44 45 53 54 00 00 00  F IL Ñ‚"DEST  
        0A 00 02 00 01 00 0F 00 00 27 11 00 36 1B 00 07           '  6  
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00                  
        00 00 00 03 00 00 00 04 FF FF 0E 00 FF FF 00 00          ÿÿ  ÿÿ  
        00 00 00 00 00 00 00 00 00 00 E8 03 00 00 00 00            è    
        01 00 00 00 06 00 00                                    
2003-06-10 18:37:31 Checking auto message for 986246
2003-06-10 18:37:28 User offline: 986246
2003-06-10 18:37:28 RECEIVING..............................................
  FLAP: 2A 02 8E 9F 00 1B                                * ŽŸ  
  SNAC: 00 03 00 0C 00 00 80 4F 47 A6                          €OG¦
  DATA: 06 39 38 36 32 34 36 00 00 00 01 00 01 00 02 00   986246        
        00                                                
2003-06-10 18:37:04 RECEIVING..............................................
  FLAP: 2A 02 8E 9E 00 53                                * Žž S
  SNAC: 00 04 00 0B 00 00 80 4F 2A 56                          €O*V
  DATA: 4E B2 C9 09 AC AE 00 00 00 02 06 39 38 36 32 34  N²É ¬®     98624
        36 00 03 1B 00 07 00 00 00 00 00 00 00 00 00 00  6              
        00 00 00 00 00 00 00 00 00 03 00 00 00 00 FF FF                ÿÿ
        0E 00 FF FF 00 00 00 00 00 00 00 00 00 00 00 00    ÿÿ            
        E8 03 00 00 00 00 01 00 00                       è        
2003-06-10 18:37:04 SENDING................................................
  FLAP: 2A 02 00 0F 00 81                                *    
  SNAC: 00 04 00 06 00 00 00 00 00 00                              
  DATA: 4E B2 C9 09 AC AE 00 00 00 02 06 39 38 36 32 34  N²É ¬®     98624
        36 00 05 00 62 00 00 4E B2 C9 09 AC AE 00 00 09  6   b  N²É ¬®  
        46 13 49 4C 7F 11 D1 82 22 44 45 53 54 00 00 00  F IL Ñ‚"DEST  
        0A 00 02 00 01 00 0F 00 00 27 11 00 36 1B 00 07           '  6  
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00                  
        00 00 00 03 00 00 00 04 FF FF 0E 00 FF FF 00 00          ÿÿ  ÿÿ  
        00 00 00 00 00 00 00 00 00 00 E8 03 00 00 00 00            è    
        01 00 00 00 06 00 00                                    
2003-06-10 18:37:04 Checking auto message for 986246
[/code]