Re: KaZaA + Morpheus sharing files

From: Markus Kern (markus-kernat_private)
Date: Thu Aug 02 2001 - 04:30:58 PDT

  • Next message: zen-parseat_private: "Re: Telnetd AYT overflow scanner and linux telnet 0.17"

    "Hackemate.com.ar" <hackemateat_private> wrote:
    
    <snip>
    
    > But they are not linked like that, they are:
    > 
    > http://24.232.8.x:1214/16206/Sting+-+All+ThisTime+%28unplugged%29.mp3
    > instead of:
    > http://24.232.8.x:1214/Sting+-+All+ThisTime+%28unplugged%29.mp3
    > 
    The number (16206 here) is probably an index into an internal table
    which contains all the shared files. This is actually a Good Thing
    because it means that you can only download files that are in the table
    in the first place. If implemented correctly it makes directory
    traversal
    attacks impossible.
    
    Another thing that bothers me about KaZaA is that it downloads its
    updates
    not from a central server but from other peers on the network. If the
    client
    doesn't perform any integrity checks on the file it would be trivial to 
    serve a trojan as update which would be automatically executed after the
    users permission to update KaZaA.
    
    -- Markus Kern
    



    This archive was generated by hypermail 2b30 : Thu Aug 02 2001 - 13:03:53 PDT