Literally the only things you can do are:
Find their location (Which is usually not correct)
D/DoS (But it'd be dumb as piss to do that to a home connection, lol)
In order to exploit the end user (Whether that be through Telnet or w/e) they'd have to have absolutley 0 protection. Hell, even the default Windows Firewall will protect you. (And correct me if I'm wrong, but a router will usually do so as well.)
I have no idea where you've been that has that rule, because anyone that does should be considered mentally challenged. If I post an image from my site, I have your IP in my connection log. Easy as that.
If you want to prove me wrong, go ahead. 18.104.22.168, take your best shot.
Here's a thread to reiterate my point: http://community.mybb.com/thread-69679.html