This blog has nothing to do with slogans. What would the three word slogan be for that? No Slogan Blog.

Wednesday, January 09, 2008

The Myspace Chat hack

MySpace uses the userplane chat application. It is a flash based chat that works well when it isn't being abused. Unfortunately it is often abused and this is disruptive to anyone in that chat room.

It used to be the people who wished to stop the room from functioning would simply send a screenful of emoticons and it would slow everyone's computer to a crawl and many people simply left. For whatever reason (I can only hope it might have been a security update) that fell out of favor for this new exploit.

What happens now is someone says something only you don't see it. You see their name but nothing after that. Then it simply sits there with your network at 100% usage and cpu at 100%. Refresh the page and it is fine.

So I decided to give this a closer look. I suspected they were using packet editors and knew they weren't all that smart so I decided to ask my favorite guru what the appropriate program to use was and he pointed me to a very good packet logger. I found the packet our little friend sent and it looked a lot like this:
rooms/public/2/dispatch_sosendChatTextGoodbye Room. Soon To Be Destroyed. thank your imature lame fucks who have no life ed and kev have fun mind fucking somthing that can't see you
312088735Bqup
So it looks like he's sending a font with one too many characters to begin with. But is there more to it? Not sure yet. And what is the cure? to filter for a packet containing that string, 0ii6699? That seems a bit wasteful on the client end. I do wonder if that number near the end is the user's MySpace number. No confirmation on that just yet. More testing I guess.
--update: That number is the user number of the chatter.

Don't know.

But there it is. So if your google search led you here because you wonder why the room is freezing, there's what I know. I'd bet they'll be changing that font number regularly.

Edit, I see I can't put the actual breakage in here and have it display, so for those of you paying attention at home it is font color=#<0ii6699>

10 comments:

KeishaMama said...

dunno what packet info you tried to paste babe, but there was no mention of 0ii6699.

I try to stay away from chat rooms in general. Mostly only kids who want to start crap and/or horny peeps frequent those and I must just be terribly un-cool because that just isn't my bag baby. You do it to read their responses and try to find their logic, or let off steam.

I still think the majority are idiots. Not you of course. :)

Unknown said...

Its an exploit that takes advantage of flash's very poor html rendering. The chat area is something called a 'loader', a generic html/image rendering doohickey, that doesnt handle malformed html that well. You could add an extra character to the font tag, or maybe something else. It locks up the flash plugin. Myspace its self cant fix the problem, unless it pairs up with a different chat service, persuades the one it has to use a different means of rendering the chat display, or persuades adobe to fix its crappy html rendering in the flash plugin.

Its a case of shit stacked on shit, and its not likely to get fixed anytime soon. There are much larger possibilities for exploit too,its just a matter of someone becoming interested. Myspace chat is a soup sandwich.

Anonymous said...

what was the name of the packet logger you used?

Anonymous said...

There are many ways in which a myspace chatroom can be frozen. As well as a dozen exploits. The most favorite is people logging in to myspace chatrooms as what we call colons or dots so no one can even see who they are to report them. Spamming smilies still lags up peoples computers only when you change the packet size. There is also the spams which people cant see which are one of the most effective at the moment but the color freeze hack which kills a whole room within seconds is the best. But its not hard to filter them all out so it wont effect you

Anonymous said...

make a dynamic proxie router and their little packet noob attempts will slide right off.

Anonymous said...

how do i exactly do all of this hacks and how do i prevent from any of these hacks happening to me?

Anonymous said...

the old fashioned way also works, cut and paste h href in there a coupla time, it doesnt lock anything up, but it sure is a pain in the butt.

Anonymous said...

how do you set up a dynamic proxie router?

Unknown said...

Its called WPE pro and its very simple. Yuo can change your font color and everything the spam is easier than the font color change. You dont use packets for the spam though email me for details on myspace. my email is yonggbaek@gmail.com but i dont check my gmail so email me at myspace plz.

Anonymous said...

How can i stop those guys from freezing me and/or the room?? i get so tired of people doing that just for no reason. how do i get back at them????