Star Tool AOL 2.5/3.0 16 bit

Date 1996
Founded Unknown, Hexed and Released by Mad Misery
Submitted By O0O
Source Archive

This was a huge discovery for PC AOLers. Up until this point PCers were unable to do the things Mac hax0rs were able to with their version of the Star Tool, called Utilities. The Star tool for 16 bit AOL clients came with a limited Atomic Debugger and an invoker for f1 tokens.

Within weeks of Mad Misery’s general release of the Star Tool, invoke scans were done and many private AOL staff areas were found leading to the discovery of VPD and Rainman tools for the PC. This was the beginning of PC token exploiting.

Star Tool for AOL 3.0 32 bit

Date Fall 1997
Founded Lithium Node
Submitted By O0O
Source Archive

This was the first star tool to be discovered since early 1996. It was also the first for the newer 32 bit versions of AOL software designed for Windows 95. It had an Atomic Debugger integrated into This was far stabler than the stand alone debugger being used for AOL 2.5/3.0 16 bit.

It was found in the MMDev file library under the name “testsys.exe” but it had a 151 viewrule(On Campus only/Internal). In order to get around the viewrule an internal with access to kw: Manage Boards was used to change the viewrule to the file library.

1998 America Online Tokens

****America Online Tokens****

(adapted from token_list)
(This document must have attribute viewrule_151. For further assistance contact OpsSec)

gv All casino games special tokens casino NU
$A Add product to shopping cart clerk NU
$B Request billing information clerk
$C Begin checkout process clerk
$D Delete product from cart clerk
$F Request clerk form w/pop clerk
$I Show store information clerk
$L List items in shopping cart clerk NU
$M Get billing method clerk
$P Show product desc clerk NU
$S Request shipping information clerk
$V View product from cart clerk
$b Process internal billing info clerk
$d Delete product from cart clerk
$f Request clerk form clerk

$E modify_cart_entry clerk2
$G get_product(ext id appd to ft 1) clerk2 NU
$Q process quantity clerk2
$R retrieve_product(int_id=hard_cod clerk2 NU
$a add_store clerk2
$c display_cart clerk2
$e delete_entry_from_cart clerk2
$g request_store_id(ext_id) clerk2 NU
$h process_store_id(ext_id) clerk2
$i process_internal_bill clerk2
$j return_to_product_summary clerk2
$k process_checkout clerk2
$l process_list_option clerk2
$m modify_store clerk2
$n remove_from_cart_screen clerk2
$o display_product_option clerk2
$p display_product_summary clerk2
$r process_radio_option clerk2
$s display_about_this_store clerk2
$t process_text_option clerk2
$u copy from_bill_to clerk2
$v process_ship_to clerk2
$w delete_store clerk2
$x request_cc_info clerk2
$y process_cc_info clerk2
$z process_bill_to clerk2

$W enter promotional area clerk_special NU
$X specify machine type clerk_special
$Y specify product choice clerk_special
$Z provide shipping info clerk_special
dM Set domain – message board collector
eT Start mail text entry collector NU

C1 Request collection contents collman
C2 Request more collection contents collman
C3 Request lastest stories collman
C4 Sign up for Live Wire collman NU
C5 Cancel LiveWire registration collman
C6 Reset collman domain collman
C7 Show “where” info collman
Ct Get indexed coll w/atoms collman

Ca Request collection contents collman2 NU
Cb Request more collection contents collman2
Cc Request latest stories collman2
Cd Sign up for Live Wire collman2 NU
Ce Cancel LiveWire registration collman2
Cf Reset collman2 domain collman2
Cg Open Coll info for Edit collman2 NU
Ch Modify Coll info collman2
Ci Act on named collection collman2 NU
Cj Convert Overwrite Confirm collman2
Ck Send collman form collman2
Cm Display item for edit collman2
Cn Cut item from collection collman2
Co Copy item from collection collman2
Cp Paste item (above) to collection collman2
Cq Paste item (below) to collection collman2
Cr Start add item to collection collman2
Cs Add/Update item data collman2

Read More

Exploring Historical & Emerging Phishing Techniques

International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.4, July 2013
DOI : 10.5121/ijnsa.2013.5402 23

Marc A. Rader1 and Syed (Shawon) M. Rahman2, *
1CapellaUniversity, Minneapolis, MN, USA and Associate Faculty, Cochise CollegeAZ, USA
[email protected]
Associate Professor of Computer Science at the University of Hawaii-Hilo, Hawaii,
USA and Part-time Faculty at Capella University, Minneapolis, USA
*[email protected]
Organizations invest heavily in technical controls for their Information Assurance (IA) infrastructure.
These technical controls mitigate and reduce the risk of damage caused by outsider attacks. Most
organizations rely on training to mitigate and reduce risk of non-technical attacks such as social
engineering. Organizations lump IA training into small modules that personnel typically rush through
because the training programs lack enough depth and creativity to keep a trainee engaged. The key to
retaining knowledge is making the information memorable. This paper describes common and emerging
attack vectors and how to lower and mitigate the associated risks.
Security Risks, Phishing, Social Engineering, Cross Site Scripting, Emerging Attack Vectors, DNS poising.
Phishing is a social engineering technique that is used to bypass technical controls implemented
to mitigate security risks in information systems. People are the weakest link in any security
program. Phishing capitalizes on this weakness and exploits human nature in order to gain access
to a system or to defraud a person of their assets.


Read More

Netcat 1.10

Netcat 1.10

Netcat is a simple Unix utility which reads and writes data
across network connections, using TCP or UDP protocol.
It is designed to be a reliable “back-end” tool that can
be used directly or easily driven by other programs and
scripts. At the same time, it is a feature-rich network
debugging and exploration tool, since it can create almost
any kind of connection you would need and has several
interesting built-in capabilities. Netcat, or “nc” as the
actual program is named, should have been supplied long ago
as another one of those cryptic but standard Unix tools.


Read More

Ghost Tool 6

Ghost Tool 6

AIM FIlez DC Tool

AIM FIlez DC Tool

Coded By: Seven

AOL Invoke List

32-000105 – Create PUBLIC Room
32-002185 – The SPAM Area (Link to ARC)
32-002326 – The America Online Guide Area (JADE)
32-002411 – Change Software Version Numbers
40-005060 – Sales and Service Forum
40-009366 – Request-O-Rama
40-011549 – TOS Area (Detailed
32-000029 – Blank Mail (NF)
32-000030 – Update Welcome screen
32-000040 – Catch Hidden (NF)
32-000056 – Continue? (NF)
32-000105 – Create PUBLIC Room
32-000158 – On Stage Screen (NF)
32-000270 – Untitled Auditorium (NF)
32-000274 – Blank IM
32-000292 – Network News (NF)
32-000295 – Covers buttons
32-000296 – Uncovers Buttons
32-000300 – End of Account (NF)
32-000350 – Works for Macs
32-000351 – Microsoft Stuff
32-000754 – Send Question (NF)
32-001612 – Mercury Sign-On Screen (more…)

Read More