View the AOL-Files.com archive:
Notable Content
- AOL People – A collection of profiles for 594 members of our online community.
- Security Breaches – A compilation of all the major AOL hacks from through 2001.
- Articles – A bunch of how-to articles for various AOL hacks
Since this archive was compiled from archive.org, not all the links work and some content is missing. All of the highlighed links should work.
Background
In 1999 a guy known by the initials BMB approached me about creating an AOL hacking website. At the time I had a small, relatively unknown site that I setup to distribute some AOL software I had written. He came across it, liked it, and invited me to create a better, larger site with him. Rob, an acquaintance of BMB, offered to host the site. I wanted AOL-Exploits.com, which I felt accurately described what we were doing, but Rob wanted something a little less malicious.
We eventually agreed that our new site would be called AOL-Files.com.
The site grew quickly. At the time, there was no shortage of people trying to hack AOL. They were at their peak and their software was rife with vulnerabilities.
Most of what we did was harmless – gain acess to unauthorized areas, stupid tricks in chat rooms, create unauthorized screen names, etc. However, every now and then we probably took it too far..
On one occasion, BMB tricked a high level AOL employee into providing his SecurID pin, which is six digit number that changes every 60 seconds that certain AOL employees have to use in addition to a password for extra security. He quickly signed onto the employee’s account and discovered it had rights to manage AOL Keywords. Normally, when you sign onto AOL, you’re directed to the keyword “Welcome”, which takes you to the “Welcome to America Online!” window. BMB modified the rules so that the keyword ‘Welcome” took everyone to our homepage. In about thirty minutes, we received well over 100K hits.
Another time, Hypah, a prominent AOL hacker, discovered a flaw in the AOL Instant Messenger process that allowed him to change anyone’s AIM password. To demonstrate his newfound power, he stole 4751 three character AIM names (which were highly sought after).
At its peak in 2000 and 2001 we were receiving 10K visitors/day. Looking back its hard to believe we had a site with that much traffic.
Needless to say, AOL was not happy with what we were doing and contacted Rob several times trying to get him to take down the site. To the best of my knowledge, he just ignored all of them. It eventually got to a point that I became worried AOL might attempt to take action against me or BMB. And so, sometime in 2001, I stopped contributing to the site and moved on to other things. I believe BMB moved on as well.
I didn’t follow the site too much after I left. Most of the original founders stopped contributing and the site was rarely updated. Eventually AOL acquired the domain, which currently points to aol.com
If you remember the site, please shoot me an email and say what’s up.
2022 Update: I discuss AOL-Files and much more in an interview on the AOL Underground podcast.
Matt Mazur 
I remember when AOL-Files posted a story about the Palm V servers being unsecured inspiring me to create a “winsock” password cracker. I recall rates of around 2,500 tries per minute with a single socket which I eventually released to the public. Little did anyone know I had also added a command into the start button to retrieve their aim account:password and ICQ it to me. Everyone expected malware to run at startup so I bypassed early technical investigations by waiting until you commanded & expected it to connect to the net :)
Ever hear from TOM @ AOL files? We used to chat quite a bit until spamming AOL became big money for most of us.
Hey, long time no chat! I did talk with Tom a few years back. IIRC was living in NJ at the time. Had some legal headaches after hitting a cop who standing in the middle of the highway trying to pull people over. I do recall he was making a few $K per day at one point back in the day spamming AIM. I never got into that, but he was a master at it.
Smut, you were the fucking man back in the day bro. I was actually thinking of the top dogs from aol a few months ago and I remember Kai, Eses, Mikey, Smut, and HiPPo were the top of the line spam kings. Glad to see your doing well bro, your work was amazing.
PS: Matt (lord TAO right?) I’m also glad to see this blog posted, and to see your alive doing well. Didn’t chat with you a lot back in the day but you went to the same middle school as I did.
Oh hey – yep, I went to Wellington Landings. Were we there at the same time in late 1990s?
yup. during the spam days– you are a year or 2 up I hit you on aim wayyy back in the day and chopped it up just slightly. You were much higher on the totem pole so I wouldn’t think you’d remember but yeah those were the days I remember you guys ran the show on AOL-Files which was the best days I can remember since. But yeah late 1990’s I’m 30 now bout to hit 31–
in Wellington*
I was a pr: vb6 dweller. That was my room. Used to miss chat lining with PERiSH, j0ker, and a bunch of others I can’t remember off the top of the head– made some decent chat spammers that used to compete with san0’s chazam.. lenshell went down I was going to pull screens.
Wow, the vb6 chat… old school…
Thanks for the trip down memory lane and for saying hey.
wow. tao. pretty interesting finding this..I used to go by sting, do you still talk to rob? he would host aol-libraries for me and cam0
Haven’t spoken with those guys in ages. Those were good times though :)
Wow what a trip down memory lane, I remember rob, bmb, Tom, artem. I made a massive amount of $ back in the days with tom’s spammer for the chat rooms, I used to go by init
I remember Tom telling me once that he was making $1k/day from his AIM spam bot. As a broke 13 year old, I was in awe. Now I learn that he shared it with others 😬
Oh man, 3 char screen names. This is great. haha
Good times :)
wow wat a trip down memory lane. i def remember aol-files. great times.
Fantastic archive, Tau :)
wow. hope all is well man
Cam0 that’s you? -shell
Wow bro.. been a long time since nV2…
A few years ago I booted up my old desktop from 2000 and was able to sign in still using my old AOL 4.0! Master.tol still worked but they completely shut down the eB tokens, the software libraries.
Wellington Landings? Wow I was in the acreage(Royal Palm). Best time of my life back then blowing money living at home with no responsibilities plus good looking girls in every direction. Had fourwheelers, 1994 Supra with Greddy T88(not really 88mm but massive -700hp+) turbo swap and a 1999 Supercharged mustang Cobra. Tree aka treesmokaa came to visit from NY bringing a few girls and we had a great time. Haven’t heard from tree in a few years….hope your ok Dan.
Wow this brings back such memories. I remember chatting with Artem or Tom a few times. I remember all these exploits. And smuts cracker.
Good times!
Is it just me or do you guys miss the scene as much as I do?
Yea, those were the days. – ba5ic
yup. ;[
Just listened to the new aol-underground podcast. I remember sharing screen shots from internal areas and giving them to AOL-Files & FDO-Files. Also giving BMB and others accounts that had rainman access.. Fun times. Thanks for the shoutout on the podcast Tau.
You didn’t waste any time listening to that podcast, hah. Thanks for saying hey!
Also can you remind me what Rainman did? As I was prepping for that interview that question came up but I never quite figured it out. What could you do with an account with Rainman access?
It’s essentially a way content is managed within the platform, it’s almost like a mark up language that looks like super simple richtext (as in the syntax). The idea is that you could create or update content, primarily text-based content like articles and things like that. You could embed images by referencing the GID and also link to other things, such as by GID so it’d be invoked if the link was clicked.
In addition to articles, some of the uglier forms you probably saw with your invoke scanning were likely generated this way, especially ones with no interaction other than “Close”.
In the AOL Underground podcast episode, I think you mentioned that “FDO could be emailed”, but I think you may have been confusing it with RAINMAN, which often could be emailed to a special address (rainmansys@aol.com) and it would execute what was in there — so in that sense it’s like a scripting language, albeit a super limited one.
There was some other stuff involved, but primarily it was meant to be an “easy” way for people to generate content. At some point they even had a WYSIWYG editor (IIRC anyway) which took care of the commands and everything.
I *think* it was loosely based on how early computer-based newspaper articles were written on essentially word processors without any rich text ability.
Super interesting, thank you for explaining!
I still hear from Rob every once in a while. I remember you and BNB as well. Just heard your podcast. Take care, redeaglejw
Do you (or anyone) happen to have either of their emails? If so, can you shoot them to me? matthew.h.mazur@gmail.com