• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

PSA: If you click a link in in a AIM profile...

V

Vertimus

Banned
If you click a link in in a AIM profile and the link has your s/n in it, be prepared to get owned.

My profile:

<a href="http://blog.kezyxes.com/blog.php?iddqd=%n">blog - UPDATED!</a>

Note: the %n automatically gets parsed into your screenname by AOL/Oscar. To hide the obviousness in the URL, simply let blog.php be a javascript redirection.

tail /var/log/apache/access_log -n 10000 | grep iddqd reveals everything 😛
 
Originally posted by: sygyzy
I don't get it 🙁
Click to expand...

I don't get it either. Is the OP going to own everyone that visits his blog? 😕

And when I run into those things, I usually change what was my screenname in the url to onipaoniasidfjsdf. I don't see why people want to know who visits their blog and how often he or she does it. Unless they wear tinfoil hats then it's excusable.
 
i would just copy and paste the link and put their own sn when they're using imchaos or some crap and then delete all their logs.
 
Yeah i remember learning this quite a few years ago when those buddy tracker websites were popular.

What I did is copied the link, inserted naughty words into it and, for good measure, html code that would screw up the appearance of that person's list.

Those were the days.
 
if they use imchaos, copy and paste the link and replace your nick with their own sn and it'll login to their admin page to see all SN's logged... u can also delete all of them...
 
Wow. Speechless.

Let me get this straight. When you click on a link in an AIM profile, probably to view the blog of one of your friends (since they probably are on your "Buddy" list right?), your screen name gets passed to them in the URL. Then, they are able to know who viewed their profile. Heaven help us. God forbid! So let's spend an extra minute to change it out to something as clever as OMGWTFBBQ or OMGHI2U (as donated by desteffy) so you fool these information mongers. Those who were once on your tail armed with the knowledge (your screename) to ruin your life are now left with a cold trail.

Congrats hackers of tomorrow.
 
Originally posted by: Pepsi90919
explain how that is 'getting owned'
Click to expand...

well.. i dunno how it's gettin owned when they log your SN on each click...but you can sure own them by readin my post above if they use imchaos 😀
 
Originally posted by: sygyzy
Wow. Speechless.

Let me get this straight. When you click on a link in an AIM profile, probably to view the blog of one of your friends (since they probably are on your "Buddy" list right?), your screen name gets passed to them in the URL.
Click to expand...

it's when the link has %n in it. but i thought AIM removed such a "hack" to only gather the first characters of the screenname before the first whitespace (space) in the screenname. last i tried it, it didn't work. shrug... i haven't done anything with my profile in quite some time though.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top