Mar 15 2009

How Yahoo Booter Works ?

Yahoo messenger can get into yahoo chat, but in reality, it’s a seperate service…

Yahoo Messenger’s server has a Buffer, this buffer is actually 128k not the 512k.

When the attacker sends multiple packets to you, what you don’t get from the server gets stored in a buffer, in comes a chat packet, the client grabs it, in comes 5 chat packets, you grab the first 3 packets, 2 are left behind on yahoo’s server, you then grab the 2 packets and then the buffer is back to empty.

Actually the booter sends 1k’s worth in 1 packet of PM (instant messaging packets) but instead of sending the 1 packet, the booter builds up 10 pm/im packets.

Then you send it to yahoo 10 loops packets of PMs @ 1k each = 80k in 1 load to yahoo then the booter sends it again, 160k.

Now if you can send 128k’s worth of data, pm packets, chat packets, anything you like to the other user BEFORE the user can get the data out, yahoo will simply disconnect them over 128k why?

Most Probably because the server is instructed to disconnect idle users or users who are no longer online, what’s the point of Keeping someone in yahoo chat if they are not getting the data people are sending them, after 40 minutes of a client sending data yahoo goes, we’ve buffered 128k, the user aint there, kick him…!

In Short, Yahoo Messenger Would Crash if it got anything more than 128k.

Also the connection protocols YMSG and Chat2 which is also a factor. YChat was harder to boot for the simple fact that it lacked in features compared to YMSG.
This is also why YMSG is easier to boot then Chat2. The more features the more ways you can be booted.

Yes there are ways to prevent from being booted…..!