
Chat Exit
by Tau
The Chat Exit exploit enables a screen name to stay in a chat
room sixteen to eighteen minutes after that screen name has
signed offline. Anyone is welcome to do this, but this article
is intended to teach others how it was discovered. Following
the same techniques will lead to greater exploits that are
waiting to be discovered. I discovered this, and after thorough
testing I have concluded that nothing greater can be done with
this exploit, so I have decided that more good can be done by
teaching it to others.
This all began in my attempt to have my screen name stay online
after it had signed off. My tests led nowhere, so I began to
attempt the same with the chat room. I envisioned creating numerous
screen names and populating various private and public chats with
them until no one could enter them. I remembered that the rD token
makes a user not in a chat room, so I began testing with that token.

Sending the rD token while in a chat room results in your screen
name leaving the chat room but keeps the chat room open. However,
no new messages and no updated screen name list will arrive afterwards.
Therefore, it is pointless. Next, I tried skipping the rD token using
the Atomic Debugger. This did result in what I had hoped: it kept my
screen name in the chat room after I had closed the chat room.
Unfortunately, this too was pointless. If I entered another chat
room or if I signed offline, my screen name would immediately leave
the chat room. This led me to believe that the system checks all
screen names that are online to see whether they are in fact online.

I have heard that in the past screen names could get stuck online for
days and weeks at a time. AOL most likely fixed that glitch and now
automatically checks whether all screen names in the system are actually
online. This made me think: what if AOL didn't register the screen name
as being online? If you could get the screen name online without AOL
thinking it's online, then the system wouldn't check to see whether
it was actually online, so it would never be kicked off. The token
that marks the screen name you sign on with as online is the SC token. So
I tried this. Before I started, I cloned with AOL 2.5 so I could put
another screen name in the chat room and check whether my theory was
correct. I skipped the SC token while signing online with the Atomic
Debugger, entered a chat room, then skipped the rD token while exiting
the chat room. I signed offline and checked the chat room with AOL 2.5.
The screen name was still there! It was a success. I quickly performed
more tests and soon found myself with six screen names in a chat room.
But all of a sudden they left the room one by one. I started testing one
screen name at a time to see how long it would stay in a chat room.
My results ranged from sixteen to eighteen minutes. So I am led to
believe that something happens around seventeen minutes that kicks the
screen name offline. What that is, I still do not know.
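To see why skipping SC and rD leaves a ghost that only a later server-side pass removes, here is a small added model (my own, not AOL's code and not part of the original article): it keys room membership off client-sent tokens the way the text infers AOL did, beside a version that ties membership to the connection itself. The SC/rD names and the seventeen-minute figure come from the article; how the server keeps its state is an assumption.

```python
# Constructed model (not AOL's code) of the presence bookkeeping the article
# reasons about; the 'SC'/'rD' names and ~17-minute lifetime are the article's.
from dataclasses import dataclass, field

SLOW_SWEEP = 17 * 60  # assumed catch-all pass; matches the observed 16-18 minutes


@dataclass
class ChatServer:
    bind_to_connection: bool  # False = trust client tokens (the flawed design)
    connected: set = field(default_factory=set)  # live sockets
    online: set = field(default_factory=set)     # names that announced 'SC'
    rooms: dict = field(default_factory=dict)    # room -> set of member names

    def connect(self, name, sent_sc=True):
        self.connected.add(name)
        # Hardened server derives 'online' from the socket, not from an SC token.
        if sent_sc or self.bind_to_connection:
            self.online.add(name)

    def join(self, room, name):
        self.rooms.setdefault(room, set()).add(name)

    def leave(self, room, name, sent_rd=True):
        # Hardened server removes the name on room close whether or not rD came.
        if sent_rd or self.bind_to_connection:
            self.rooms[room].discard(name)

    def disconnect(self, name):
        self.connected.discard(name)
        # Flawed path: cleanup keys off the SC registry, so a name that never sent SC stays.
        if name in self.online or self.bind_to_connection:
            for members in self.rooms.values():
                members.discard(name)
        self.online.discard(name)

    def sweep(self):  # periodic pass (every SLOW_SWEEP s): drop members with no socket
        for members in self.rooms.values():
            members &= self.connected


def ghost_seconds(bind_to_connection, skip_sc=True, skip_rd=True):
    """Seconds 'Tau' lingers in 'Lobby' after signing off (0 = no ghost)."""
    srv = ChatServer(bind_to_connection)
    srv.connect("Tau", sent_sc=not skip_sc)
    srv.join("Lobby", "Tau")
    srv.leave("Lobby", "Tau", sent_rd=not skip_rd)
    srv.disconnect("Tau")
    if "Tau" not in srv.rooms["Lobby"]:
        return 0
    srv.sweep()  # the next catch-all pass is what finally removes the ghost
    return SLOW_SWEEP
```

With the token-driven server only the combination of skipping SC and skipping rD produces a ghost, exactly as the tests above found; with membership bound to the connection, no token the client withholds makes any difference.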
I will assume that you want to see your screen name stay in a chat room
so the following steps include cloning with AOL 2.5.
- Open AOL 4.0 or 5.0.
- Open AOL 2.5 on the screen name you will be cloning with, sign on, and enter the chat you will be doing this in.
- In AOL 4.0/5.0 open the Atomic Debugger with the Star Tool/Master AOL and go to Command | Set Breakpoints...
- Find the item buf_set_token and select it. Then click OK.
- In the Atomic Debugger click Setup | Setup (Ctrl+Enter)
- Now check the boxes that say Atom Trace and Single Step
- Minimize the Atomic Debugger and sign online
- When signing on, a window will appear saying Atom Single Step with five options at the bottom. In the box at the top it should say buf_set_token <"SC">. Click Skip. You will get other Atom Single Step boxes asking you if you want to skip the pv, f1, DP, as well as a few others. When these appear you need only click Go on the Atom Single Step window.
- Go back to the Atomic Debugger and uncheck Single Step but do not close the Settings window or the Atomic Debugger
- Enter the public or private chat that you want your screen name staying in.
- Recheck the Single Step option in the Atomic Debugger.
- Exit the chat. The Atom Single Step window will appear saying buf_set_token <"rD">. Click Skip.
- Sign offline with AOL 4.0/5.0.
- Check AOL 2.5 to make sure the screen name is still there.
I encourage everyone to conduct his or her own tests. If you find anything interesting and wish
to be generous, I would be grateful for any tips or information you could share.