I think the one of the most interesting and overlooked stories about the AOL era, is how the warez scene used bots and AOL's mail system to host every piece of pirated content for years.<p>Similar to IRC channels with bots that provided lists of available content and used DCC to transfer compressed files in small chunks -- these were still the days of 9600-56k, so transfers larger than floppies were often doomed to fail -- AOL private rooms would be filled with bots that would respond to requests and send files. The difference being that the AOL bots would email a list of available content, which could be a paginated list across multiple emails, or results for a specific search query. Then you would type another command into the chat to request a specific file or release, and the bot would forward you a series of emails with <1.4MB attachments (the maximum size at the time), already stored on AOL servers and ready to download at whatever speed your modem could handle.<p>It took AOL a long time to catch on to this, and even then, they couldn't keep up with the sheer number of fake accounts being created -- or, as the article points out, accounts made with phished credit cards, of which there were hundreds of thousands floating around and a never-ending supply of new ones as AOL's userbase grew. They effectively hosted the warez scene throughout the 90s, until residential broadband became available and 10-100mbps was common in places like Sweden and Singapore, at which point the scene shifted to IRC and self-hosted top sites (i.e. private FTPs).<p>It was a remarkably simple solution to a hosting problem, and the folks who organized it all will never get enough credit for their contribution toward creating a generation of graphics experts, for example, who couldn't afford the crazy prices of Photoshop or 3ds Max, but were able to use pirated copies to develop those skills and turn them into careers.
The year was 2003 and I was in my second year of CS undergrad. I saw a cool utility in AOL instant messenger that recorded the username of every user that looked at your profile. I cloned it and added it to my profile. A few of my dorm mates liked it and asked me to put it in their profile. Even more people came asking and I made a simple website (buddytracker.us) where you could add the utility to your profile. I did no marketing but every profile using buddytracker had a hotmail like link to get your own profile tracker. The first month I had 30 users, the second 500, the third 5000, then 50000. The following year 3 million people had added a profile tracker. It was a life changing experience allowing me to pay off my student loans, travel and take a non-traditional career path. I work on side projects to this day and AOL is where I got my start.
If anyone is interested, I have an archive of a lot of AOL progs[0].<p>These got me into programming and I made a couple of my own that are now completely lost to time.<p>ccoms (chat commands) were my favorite. The program would scan the chat and when you sent a command, it'd do whatever you asked and send a response back to the chat for everyone to see. Basically turning the AOL chat into a public command line. One of the more popular things people used it for was for playing pirated music. You'd send `play rammstein` to the chat, and it'd start playing a random Rammstein song from your mp3 collection.<p>I started writing one later[1], although I haven't touched it since 2016. It'd connect to your spotify account, instead.<p>Also, it seems Mark Zuckerberg was in the scene. He apparently wrote Darth Phader (a fader.) A fader would make your text in chats fade colors by injecting html to change the text color between each character. So, your text would start blue and fade to red further along in the message, then maybe go back to blue, it was all configurable in most of them.<p>Edit: I can't believe I left this out, but there's also a facebook group[2], Justin has a site with a lot of content about progs[3], and I recently stumbled on the AOL Underground Podcast[4].<p>[0]: <a href="https://progs.rexflex.net/" rel="nofollow">https://progs.rexflex.net/</a><p>[1]: <a href="https://github.com/RexMorgan/qwik-tools" rel="nofollow">https://github.com/RexMorgan/qwik-tools</a><p>[2]: <a href="https://www.facebook.com/groups/297526060414740/" rel="nofollow">https://www.facebook.com/groups/297526060414740/</a><p>[3]: <a href="https://justinakapaste.com/" rel="nofollow">https://justinakapaste.com/</a><p>[4]: <a href="https://aolunderground.com/" rel="nofollow">https://aolunderground.com/</a>
My first "hacking" success was with an ad-supported ISP called NetZero. The app logged you on to the web and had a persistent ad-banner on the screen. If you opened a full-screen app - in my case Starcraft - it would kick you off the internet.<p>However, I discovered that if you killed the NetZero application at just the right time (after connecting to the network but before the ad banner was initialized), you could stay online with no ad-banner and pwn some Zerg.
I think even more than mailtools/fileservs and punters, my favorite thing about AOL progz was just being more expressive. When you hung out in TeenPoolParty13, you could be extra cool by sending text that was wavy, or mixed colors, or different sizes, fonts, etc when the actual UI didn't let you use that many options. But it let you embed HTML (and I guess UTF) so with a prog you could be more expressive, or just plain weird.<p>I've never forgotten how progz, Geocities, and MySpace all showed that people <i>want</i> to express their individuality and experiment if you give them the chance. But the boring commercialism of the 2010s internet killed the user's ability to be special.
This could have been written about me. I remember going to a friends house one night and seeing FateX for the first time. We spent a night mass mailing people and causing general chaos online. I went home and got my hands on Hellraiser, AO Korn, Pepsi, Havok, MIB, and a slew of other progz which I cant remember their names.<p>One day I asked my dad how they were made and he said he had some vague idea. So he took me to CompUSA and we left with a Learn Visual Basic in 24 hours book and Visual Basic software box. I went off and started writing my own programs and hanging out in various AOL related programming chat rooms. I made IRL friends from people that were part of that scene and that I met in those chat rooms. I have very fond memories of the internet back then.<p>I was 13 at the time I started coding AOL progz and went on to have a career in software development because of it.
I have described this world to a few people in my life recently, and look back on it very fondly.<p>Everyone was anonymous, everyone was crazy motivated, and it was a wild west of credit card theft, software theft, and more.<p>I wrote a few prolific mass mailers and servers, was pretty well known in the scene, and was only 12/13 years old.<p>I learned to program, create great user experiences, and more.<p>My servers were the first to have plain text search: /server send photoshop instead of /server send 26-40<p>It also hosted the lists via a PHP webapp, tracked metrics on the web across users of the app, and connected to IRC.<p>It was a wonderful time of chaos, rapid learnings, and intrinsic motivation that shaped my life forever. If not for this period of time in my life, I dont know where Id find myself.
A more interesting bit of AOL era ephemera was that we used away messages as people use Twitter today. In the AOL client you could set a short message (just a few hundred characters) as an away message that others would see if they had you in their contacts. People started to constantly set themselves 'away' with messages about what they were up to, how they were feeling, etc. I'm sure this likely influenced Jack Dorsey and the other early folks at Twitter since they were growing up and using AOL at the same time.
Good to see an article around this era of "hacking" (writing punters in VB). I haven't seen too much about it and I'd love to know if there are others.<p>My fondest recollection was that there was a Pokemon battling type game (Pokemon Platinum, I think?) where you could battle Pokemon over chat. The creator had hard-coded his AOL username into the binary to unlock a bunch of moves and skills. We figured out you could load the binary into a hex editing app and change the screen name - only problem was, it had to be the same length as the creator's: 9 characters. So made a new screen name, the one that stuck with me for the next 10-15 years, so I could unlock some pointless features in an AOL program. But it introduced me to Visual Basic, hex editing, and generally being interested in tinkering with computers and software.
The punter/proggie scene definitely got me into programming. Articles like this bring such a special kind of nostalgia. It was both educational and for me at the time, it was very rebellious. My parents did not want me downloading any of these things on our family computer. My friends and I would share floppy disks of punters as contraband.<p>Learning Visual Basic and the open source community of .bas files was ahead of its time. The tutorials and programming guides, the general willingness to share information.<p>I learned how to write C++ from a random guy who went by LostSideDead. If you happen to be reading this sir, thank you for spending so much time teaching a kid how to write code. I’ve made a long career of it and I love it.
Not really hacking AOL, but I found that you could get the passwords in plain text from the Filesystem, which meant I could get around the parental controls and use it when I wanted!<p>Submitted it to “happy hacker” and it got in the newsletter, I was super chuffed as a 13? yr old!<p>Edit: I had a thing called “aol admin tools” which I have no idea if it was legit or not but could see lots more than I could normally lol
1. 25 years ago a 28.8k modem and Cyrix 486 with 8mb ram on AOL had better end-user performance than today’s most popular web apps. There is still no mass-market equivalent to the appeal of those chat rooms. Technology will never defeat latency bloat of tracking hooks.<p>2. The anonymous or weakly pseudonymous internet was a superior user experience. It felt like an escape to freedom, similar to traveling to another country with chosen friends. The strong identity internet feels like surveillance more than escape. It leads me to believe that ‘the metaverse’ will always suck, not matter how good the technology gets.<p>3. What killed AOL? They had two separate generations of internet dominance, first the entire stack, and then with messenger after the ISP disruption. A company that can lead a massive growth industry, and then pivot to a successful product after their own disruption seems like a solid blue chip. I know what happened, they started focusing on old incompetent subscribers by giving them a familiar interface poorly replicated on the browser. But how? Who thought this was a good idea?
If I recall correctly, the primary method of "punting" was to send an instant message with a bunch of unclosed HTML tags, which the client's renderer wouldn't be able to handle and would crash the AOL application.
What a scene-- these are great: <a href="https://patorjk.com/blog/2012/05/03/cracking-magus-fate-zero-encryption/" rel="nofollow">https://patorjk.com/blog/2012/05/03/cracking-magus-fate-zero...</a><p><pre><code> I looked further and found each cipher was simply doing a
character offset, meaning each cipher was a Caesar Cipher.
The offsets were 70, 97, 116 and 101, respectively. If you
look up the corresponding ASCII code for those numbers, you
get the word “Fate”. I tried out this new decoding strategy
and was able to successfully decode a directory of MaGuS’
files. I had broken the code! MaGuS was using what is known
as the Vigenere Cipher, and for that particular directory,
“Fate” was the pass-phrase.</code></pre>
This one is definitely a nostalgia blast. As a 15 year old kid, it was very empowering to discover what you could do to programmatically bypass rules that were apparently in place for everyone else to adhere to.
There's still mirrors of AOL-Files on the web somewhere. I was looking at my profile I submitted to their "AOL People" directory back in '98 not too long ago
I was expelled from school for having a website where I listed downloads of all the AOL tools I could possibly find. There were thousands... The school network administrator somehow found my website and decided that these AOL tools were being used "to hack the Macintosh network and slow it down". I protested to the school principal that they were completely unrelated, but as a 13 year old interested in hacking, I didn't have any credibility. That followed me around on my permanent record and other schools treated me like a criminal.<p>Joke's on them, though. I learned to teach myself everything (since they refused to), dropped out of school, and got a job at a start-up. Don't stay in school, kids - hack for fun and profit!
Oh to reminisce about the adventures from the days when it all began. One could power on the PC and go make breakfast all the while a script executes after boot to "dial up" the wan. From the kitchen one listened to the audible feedback of the process as the spinning disk clattered and then the dopamine rush hits as the modem is dialing up, hoping the modem pool was not overloaded. Bbs, Irc, war dialing, AOL hax, NetZero punts and all the great fun is where several nerds found their calling, this nerd included. Some things have changed for the better while some things have changed for the worse yet here we are connecting everything, secure or not.
Maybe I should write an article titled "How Lotus123 macros got me interested in programming".<p>I wrote such a complicated program that I found out Bill Gates was wrong: 640K was not enough for everyone. But I realized that I could divide my mess of macros into categories, save them in separate files, and then selectively import only those that were being used at the time with a "root" set of macros. I was 18 or 19 at the time. It was many moons later when I learned about virtual memory and swap space, I realized I'd implement my own version of virtual memory/swap. In a very caveman like fashion. All without messing with someone else.
TIL that AOL released a db of search queries from 2006.
There's some pretty fucked shit in here ngl<p><a href="https://searchids.com/user/described/1" rel="nofollow">https://searchids.com/user/described/1</a>
AIM subprofiles were my first foray into writing HTML, hosting web servers, and "hacking." I used a server called SmallHTTPServer to host my subprofile that I later ended up bundling into a self-extracting ZIP file. The trick was to make people think the ZIP was just photos. When you did Direct Connect to people, you could see their IP address in your command prompt. So when they opened the ZIP it started serving their C:\ drive over FTP/HTTP at a known IP. Good times.
Dos32.bas with Visual Basic was my first intro to programming. There was no useful search so you had to navigate through webrings to get programming tutorials. There were also networks of private vb channels where the hackers hung out, those were always fun to drop in on.<p>Maybe I’m looking back with rose-colored glasses but I remember Visual Basic being intuitive and approachable for beginners in a way that I haven’t seen since.<p>The fader text is a nice touch too, that immediately makes me nostalgic.
Man, unless people were in this world they don't quite understand it. I miss those days, because those days sparked my desire to become a programmer. Without groups like UPS I would never have gotten hold of tools like VB at the time I needed it to as a teenager to create that spark.<p>What a great time :)
This is exactly where my programming career started. I was a young kid, aged 11 or 12, learning Visual Basic 5 & 6, making UIs that were backed by coms
(I think that's what they were called?) downloaded off the internet.<p>I wasn't knowledgeable enough to write the coms but I could make interfaces that called the functions within them. I made little apps that let you change the chat colours and phishing apps to message people so you could appear like an AOL staff member and maybe get their username and password.<p>Those same chatrooms are where I was exposed to pornography for the first time. My innocence never recovered from that, but it is what it is.
Yep, idling to win out chatroom ownership when AOL reset the server. Using Tameclone to flood out clients and Uccom (or bizkit047's version of it) to take over and moderate. It was my first real move into programming and running a server in my basement.<p>I still have all of my source code. My only claim to fame was I wrote a program to automate the generation of ICQ accounts (which could login to AIM for botting, and were harder to ban since you couldn't setup a wildcard match for the screen names being all "random" numbers.) Apparently it was good enough that someone felt it was worth cracking my crappy copy protection.
This is a flashback to some memories I had completely forgotten about. I remember getting into the 'super admin' backend of AOL back in the day. That was so much fun.
I'm with you guys here. My first program was an AOL...program. Learned how to program by copying some kids I met in private AOL chat rooms.<p>My first commercial program (shareware) was a legit AOL add-on (AoLOL!). Designed, built, and redesigned several times before I had the courage to ship it. Visual Basic 3.0. Used Win32 API to attach my program to the AOL toolbar (for AOL 2.5 and AOL 3.0). Had folks from all around the country send me a $14.95 check via US mail.
Wondering if anyone here was part of the AIM screen name cracking gig that was going on around the same time? Writing some of these crackers was one of my first experiences in programming and I also credit it with being a formative experience.<p>There were quite a few people who were interested in finding new methods used to brute force passwords as well as writing programs similar to what the article describes, good times
Not really a hack, but AOL provided some free web hosting at members.aol.com/~[your screen name]. When they increased the character count in screennames from 8 to 10 I immediately created some to "domain squat". My most successfully was "ikillkenny" which I used to host my mildly popular South Park screensaver website.
Grew up on this stuff. Still fondly remember the warez bots in channels that would forward emails with archives attached for pirated software, often in 1.44MiB increments since it had to fit on floppy disks.<p>It was a gateway for many of us into other distribution mediums for pirated software. I was part of that scene for years helping with various tasks as a teenager.
I still remember AOHell and similar tools, was interested as a kid in how the credit card # generation worked and learned about the method payment processors used to validate credit card numbers. But I was mostly interested in the punting feature, me and my friends used to spend hours doing that to each other
people confuse what it's <i>always</i> like to be a teenager in every generation with what happened in the world when they were teens.<p>"remember when everybody programmed in GW Basic?" no, that time never existed, but a certain set of people at a particular time in history got exposed to programming and that's what was available and understandable to them. In the fat part of the adoption curve for product lifecycles, that number of people can dwarf the number of pioneers who knew other languages like C, but their experience is not an accurate or detailed history of computer science.<p>AOL was a blip, a big, fat blip, whereby a certain generation of teens discovered computing, and while it was important personally to some people, in no way was AOL ever important, it was just froth.
Zuck was an AOL programmer <a href="https://www.businessinsider.com/mark-zuckerberg-when-i-was-a-kid-i-loved-aol-2009-6" rel="nofollow">https://www.businessinsider.com/mark-zuckerberg-when-i-was-a...</a>
People have pirated cassettes, VHS, floppy disks, CDs, USB drives. Some decades ago people even connected other people's hard drives into their computers.<p>Then people pirated over phone, BBS, LAN parties, the Internet.<p>Shit, there might be even people pirating shit over Ham radio.
Ah, reminds me of the "good ol' days" of the port 139 exploit[1]<p>[1] <a href="https://insecure.org/sploits/windows.OOB.DOS.html" rel="nofollow">https://insecure.org/sploits/windows.OOB.DOS.html</a>
This is a funny story I read on hacking AOL messenger.<p><a href="https://twitter.com/davidbyttow/status/1099112484974125056" rel="nofollow">https://twitter.com/davidbyttow/status/1099112484974125056</a>
This was me, too.<p>Shout-outs to maxl, nion, frikk, fatmac, rikky, kai and oracle, syfa and some other good dudes from that time. Some of you are here, I know.<p>Can't believe we're talking about dos32.bas in 2022.
OnlineHost: CATWATCH has entered the room.<p>Fun memories. I still have copies of a lot of those .bas files with the original pinter/punter code. Did anyone ever actually get a rainman account?
I was just thinking about these the other day, incredibly timely HN post. The look of all these progs was always so cool to me as a kid. Would love to see some old screenshots!
I feel like the same is happening with bots in todays chat platforms. I know some kids who first got into programming because they wanted to program a discord bot.
I am so much a product of this generation, I had forgotten so much of what this article mentions, but damn, this brought it back. I remember doing the exact punting scam, along with my first and only script kiddie DDOS back then (I was maybe 8 years old, and thought Bill Gates was my bully and that Linux was going to take over the world)<p>Tangent, I started work on remaking "You've Got Mail" a few months ago, with an updated ethos, focusing on decentralized web.<p>It's weird to cry over an article so unemotional, but, that era made me into who I am today.
Progz were sort of the gateway drug to real hacking of AOL. There was a headbanger dude named Beav who archived most progs for download on his Angelfire website LensHell. There's still an archive available (<a href="https://lenshellprogarchive.com" rel="nofollow">https://lenshellprogarchive.com</a>)<p>Progz were mostly for annoyance and were either released as one purpose programs, such as a punter to boot people offline, or a fader to color text in chat when colors were introduced, or an OH Scroller that scrolled endless text to disrupt chat (you would run these on hacked overhead aka "OH" accounts used by staff that didn't get auto-booted for scrolling). Some progs were sort of All-In-One programs where they had maybe a punter feature, a fader feature, etc. These all in one progs usually had a bunch of useless stuff like an "echo bot" or "trivia bot" or whatever. Some had more nefarious purposes like termers which were used to get people's accounts terminated. Things like punters and termers were usually short-lived as AOL would catch on to whichever method they were using an patch it.<p>The article talks about the open-source sharing nature of progz, and maybe that was true for the folks who lived in the vb private chats or who released their BAS files (dos32.bas was my first ever intro to coding), but many in the hacker scene were typical teenage boys who would constantly try to one up each other and prove how leet or oldschool they were...and new methods weren't always widely shared. The biggest status symbols for AOL hackers were leet screen names, like "Boss" or "Hack". Even more leet were 3chars which were the smallest amount of characters in a screen name and thus hard to get. The leetest of all were restricted names that had banned words, like "FuckAOL" or were only 2chars like "DJ", or indents like " MrLeet" since they were seemingly impossible to make.<p>In order to get these screen names, hackers would find ways to steal account information to reset the passwords, or use tools like Sub7 to infect users and then steal their passwords. More technically savvy hackers would exploit holes in AOL's systems such as the "sign up" page which was the source of a really famous hack in 2000. Other hackers were adept at finding ways to convince AOL to terminate an account for supposed threats. Because of this, most AOL hackers had an extensive numbers of <>< or phished accounts to avoid a rival hacker from terming you "perm" account which was usually paid for by your parents. The term phish and its associated progz, phishers, phish tanks, etc., were actually coined on AOL.<p>Some guys from the scene are legendary. One guy who used AOL on a Mac would often find exploits only he could use, including one where he stole pretty much every 3char name available. Rumor has it he went on to create a very popular online game where users are slithering snakes. :-)