Hi,

See my demo source code (masm32): www.geocities.com/cyber_flash5/aimhol.zip

If you have problems downloading, please send me an email.

A simple 2x30 search returned approx. 6000 screen names!

My CONCERN is what would one do with all these screen names/data?! Maybe create Spam/Virus/Worm/etc.,...? This technique could enhance malware code distribution because it can now obtain screen names/email addresses/personal info by simply querying it directly from the AOL OSCAR/BOS servers. The AIM default privacy setting is 'Allow ALL users to contact me'.

Currently several 3rd party clients exist which I think piggyback upon the OSCAR protocol to communicate with AOL IM clients:

GAIM - http://gaim.sourceforge.net/
TRILLIAN - http://www.ceruleanstudios.com/trillian/index.html

Should AOL prevent these tools from accessing their servers? (see http://www.the44.net/badaim/ ;)

;###########################################################
; Title:    Aimhol - A companion to AOL 'Find a Buddy Wizard'.
; Purpose:  Automatically retrieves AOL Instant Messenger screen names from the OSCAR/BOS servers!
; Author:   Vengy! (-_-)
; Date:     2003 and beyond ...
; Tested:   Win2K/XP ...
; Compiled: MASM32
; Bugs:     cyber_flash@hotmail.com

Aimhol: - A companion to AOL 'Find a Buddy Wizard'.
=======

This program will attempt to AUTOMATICALLY retrieve AOL Instant Messenger screen names and associated data (hobbies, nicknames,...) by querying the AOL OSCAR/BOS servers! :)

It uses port 443 to connect. AIM default is 5190, but HTTPS (443) slips through most firewalls.

Files included:
---------------
aimhol.asm      Main source code and search tips.
aimhol.exe      Main program.
surnames.inc    List of 2150 most common US surnames.
rand.inc        Generates a random number in the range [0-(MAX-1)].
misc_stuff.inc  Useful procedures such as MD5, Winsock, etc., ...
readme.txt      You're reading it.

AIM Login Process:
------------------
OSCAR (Open System for Communication in Realtime) is a proprietary protocol developed by America On-Line (AOL). OSCAR defines a system of exchanging instant messages. The protocol is used by all versions of AOL's Instant Messenger (AIM) client and the latest versions of ICQ (ICQ2000 and later).

An OSCAR login is composed of a TCP packet that includes the login name (screen name), password, and client version string. Upon successful login, a cookie is issued that grants users access to the various BOS servers for the life of the session.

The AIM network is comprised of two kinds of servers: Open System for Communications in Real-time (OSCAR), which handles user authorizations; and Basic OSCAR Service (BOS), which provides the search tools for users to find each other.

How Aimhol works:
-----------------
It randomly picks a "Last Name" from a list of 2150 most common surnames (see surnames.inc) as compiled by 'http://www.census.gov/genealogy/names/dist.all.last', or builds a new random surname based upon the ODDS parameter (1 in 50), then sends it to the BOS server as a 'Find Buddy' request.

All responses are logged in ***BUDDY.TXT*** using the TLV (Type)(Length)(Value) format as follows:

(00,09)(00,NN)(Screen Name)
(00,08)(00,NN)(City)
(00,07)(00,NN)(State)
(00,06)(00,NN)(Country)
(00,02)(00,NN)(Last Name)
(00,01)(00,NN)(First Name)

Additional data such as hobbies, nick names, etc.,... are logged too!

Also, Screen Names are extracted from buddy.txt and saved in ***SN.TXT***. (-_-)

P.S. Yep, I was bored last week. ;)
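The TLV layout listed above is what a defender would have to parse when reviewing a BUDDY.TXT-style capture or a logged search response; the following is an added Python example, not Aimhol's code, and it assumes big-endian 16-bit type and length fields and that each result starts with a screen-name TLV (0x0009). The sample bytes are constructed, not real AIM data, and a truncated TLV raises rather than being silently misread.

```python
import struct

# TLV types exactly as listed in the Aimhol readme (type -> field name).
TLV_NAMES = {
    0x0009: "screen_name",
    0x0008: "city",
    0x0007: "state",
    0x0006: "country",
    0x0002: "last_name",
    0x0001: "first_name",
}

def parse_tlvs(data):
    """Yield (type, value) pairs from a big-endian (Type)(Length)(Value) stream.
    A truncated header or value raises ValueError instead of yielding garbage."""
    off = 0
    while off < len(data):
        if off + 4 > len(data):
            raise ValueError("truncated TLV header at offset %d" % off)
        ttype, tlen = struct.unpack(">HH", data[off:off + 4])
        off += 4
        if off + tlen > len(data):
            raise ValueError("TLV 0x%04x claims %d bytes, only %d left"
                             % (ttype, tlen, len(data) - off))
        yield ttype, data[off:off + tlen]
        off += tlen

def parse_records(data):
    """Group TLVs into result records. Assumption (not stated on the page):
    a screen-name TLV (0x0009) opens a new record; unknown types are kept as tlv_XXXX."""
    records, current = [], None
    for ttype, value in parse_tlvs(data):
        if ttype == 0x0009 or current is None:
            current = {}
            records.append(current)
        current[TLV_NAMES.get(ttype, "tlv_%04x" % ttype)] = value.decode("latin-1")
    return records

def screen_names(data):
    """The SN.TXT step: only the screen names, in logged order."""
    return [r["screen_name"] for r in parse_records(data) if "screen_name" in r]

def tlv(ttype, text):
    """Encode one TLV; used only to build the constructed sample below."""
    raw = text.encode("latin-1")
    return struct.pack(">HH", ttype, len(raw)) + raw

# Constructed sample: two results in the readme's TLV order (fictitious values).
SAMPLE = (tlv(0x0009, "examplesn1") + tlv(0x0008, "Springfield") + tlv(0x0007, "IL")
          + tlv(0x0006, "USA") + tlv(0x0002, "Smith") + tlv(0x0001, "Jane")
          + tlv(0x0009, "examplesn2") + tlv(0x0002, "Jones"))

if __name__ == "__main__":
    for rec in parse_records(SAMPLE):
        print(rec)
```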