Home page logo

bugtraq logo Bugtraq mailing list archives

Long-standing bug in AustNet IRC network Virtual World
From: gbayley () AUSMAC NET (Grant Bayley)
Date: Sat, 3 Apr 1999 15:55:31 +1000

Hi folks,

I've documented (with examples) a long standing bug in the AustNet IRC
network "Virtual World" service which masks user IP address/hostnames for
the purpose of preventing nukes and other fun things.  The admins have
known about it for some time but seem to want to fix things like LoveOP
which sends lame love messages rather than helping their users stay
anonymous and secure, something they tout quite widely on their webpage.

In short, it uses a trivial but brute force attack using /who queries even
when the user is set to +i (invisible).

I've documented it at:


And there is a plain text version at:


I should mention in passing that other IRC networks like Xnet that offer
hostname/ip masking do not suffer from the same bug.

Have fun.


Grant Bayley
- Network Administrator, Batey Kazoo Communications
- Administrator, The AusMac Archive
http://www.ausmac.net/    gbayley () ausmac net

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]