Our Big Problem "ICQ Homepage Exploit" and Protection

The document below was taken from Hackcity.com and it shows that our computers are not secure enough. As it explains, you can enter someone elses computer, shut down their icq, steal their files or things like these... Activating the ICQ Homepage by pressing "Services Button" and "My ICQ Page" and choosing "Activate Homepage" is makes your computer a server that everybody can reach. ICQ is already saying that it is not secure and doesn't suggest you activate it as stated below :

"Caution! By activating the "My Homepage" feature, you may provide third parties with certain limited remote access to certain files on your computer. Activating this feature increases the risk that parties will be able to tamper with your computer. Also please note that by activating the "My Homepage" feature you allow third parties to view your IP address. "
Click here to see more

 

ICQ Homepage Exploit
By Shadow51


Ever wondered why there is a little house beside the name of some people? That doesn't mean they are at home, it means they have the ICQ-Webserver running. The idiots who made it left huge bugs in it, like you can close their ICQ remotely, and even download their files. The only problem is that you can't see the files, so you have to know what you're downloading.

To close the ICQ client:

1. Click on the start button
2. Click on RUN
3. Type Telnet 123.123.123.123 80 Of course replace the 123.123.123.123 by the IP of the

THIS PART OF THE DOCUMENT IS CUT FOR PREVENTING PEOPLE TRYING THIS HACKING METHOD. THE PART SHOWN ABOVE AND BELOW IS ENOUGH TO UNDERSTAND THE BUG AND MAKE PATCH FOR IT FOR THE ICQ COMPANY. DETAILED INFORMATION CAN BE TAKEN FROM HACKCITY.COM FOR ONLY EDUCATIONAL PURPOSES.

THE ONLY PROTECTION AGAINST THIS BUG IS TO DE-ACTIVATE ICQ HOMEPAGE AS SOON AS POSSIBLE

5. Type QUIT

Wait about 10 seconds. If they go offline that means it worked, if not, then it didn't work. Now suppose you want to get some of their files.

Lets say that you want to see the file c:\windows\win.ini, and he or she has the ICQ-Webserver on:

1. Go to your browser
2. Type http://123.123.123.123/.html/......../windows/win.ini
note that you need the /.html/ part. It will trick the server into believing it's a html file, and note that

THIS PART OF THE DOCUMENT IS CUT FOR PREVENTING PEOPLE TRYING THIS HACKING METHOD. THE PART SHOWN ABOVE AND BELOW IS ENOUGH TO UNDERSTAND THE BUG AND MAKE PATCH FOR IT FOR THE ICQ COMPANY. DETAILED INFORMATION CAN BE TAKEN FROM HACKCITY.COM FOR ONLY EDUCATIONAL PURPOSES.

THE ONLY PROTECTION AGAINST THIS BUG IS TO DE-ACTIVATE ICQ HOMEPAGE AS SOON AS POSSIBLE

16. If all goes well, you now have all the users passwords.
It should look something like this:

crypt_Blizzard_Storm : öA@N
www.mircosoft.com : Administration:PASSWORD
*Rna\Dan\dannyk : q34ad6gt
*Rna\Test\957935 : nar8s7yj
*Rna\Test2\wolves : cyal8r
*Rna\Test3\curtisph : q73vnrht
*Rna\My Connection\USERNAME : PASSWORD
*Rna\My Connection 3\USERNAME : PASSWORD

17. Reboot
18. Press F8 at startup
19. Choose "Command Prompt Only"
20. Replace user.dat and system.dat with your originals that you previously had backed up

Shadow51
29000000
Shadow51@writeme.com
Document taken from www.hackcity.com

See also the related topic "Protection of ICQ Account Cracking"