-
May 25th, 2003, 10:37 AM
#1
Banned
Hacking with Kazaa
###############################################################*
# S.A.B.R.O. Net Security Advisory
# home.earthlink.net/~wh1004989
###############################################################*
#Product: Kazaa
#Authors: Sabro
#Tools Needed : netcat, winfo
###############################################################*
#Overview#-----------------------------------------------------#
Kazaa is a popular P2P file sharing program that most are aware
of, however it can be used to find other systems to gain access
to.
#Method#-------------------------------------------------------#
First start Kazaa and once you're connected look in the
Tool/Options/firewall area, and down towards the bottom you'll
notice the Incoming Ports section.
Record the port number listed in the Use Port **** for incoming
connections and select the Use Port 80 as alternative for
incoming connections checkbox. Now that you've done this
fire up netcat and issue the following commands :
nc -v -t 127.0.0.1 80 and once connected enter :
GET / HTTP 1.0
You should receive something like the following:
HTTP/1.0 404 Not Found
X-Kazaa-Username: sabro
X-Kazaa-Network: KaZaA
X-Kazaa-IP: 209.183.120.91:2957
X-Kazaa-SupernodeIP: 66.65.160.49:2436
Record the ip address and port of the X-Kazaa-SupernodeIP, shut
Kazaa down and repeat the process, you should receive a new
ip and port. Collect these for further use. Once you've got
what you want connect to these other ips with netcat, being
sure to try ports 80/TCP, 1214/TCP and the port you got from
the supernode.
You should then notice the different user names for Kazaa and you
should get the standard 404 not found. If you're lucky enough to get
a listing of files shared by Kazaa, fire up your trusty web
browser and point it at the victim. You should be able to see
the same file listing, however when you click on most of
the files, you won't be prompted to save, merely a click and
nothing happens....on your end. The victim will see the following
example on their side :
Title | Artist | User | Participation Level | Progress | Status | Time | Uploaded/Reg
-------------------------------------------------------------------------------------------------------------------------
Hand in my Pocket | Alanis Morrisette | | Low(0) | | Aborted | | 128k/3474kb
--------------------------------------------------------------------------------------------------------------------------
World Needs a Hero| MegaDeth | | Low(0) | | Aborted | | 128/5481kb
--------------------------------------------------------------------------------------------------------------------------
Respect | Pantera | | Low(0) | | Aborted | | 128/4907kb
__________________________________________________________________________________________________________________________
While this is a mild annoyance to the victim, and hardly constitutes
a security flaw, we have used this method to identify win boxes
running Kazaa, and vulnerable to other attacks such as open or
weakly passworded shares, BO, Netbus, etc etc without having to first
scan the host to see if they have these services available.
#eof
Sincerely,
Sabro
http://home.earthlink.net/~wh1004989
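For the workaround question raised later in the thread, a defender's check on the header disclosure shown in the post above (an added example, not part of the original post or of Sabro's advisory): it parses responses captured from hosts you administer and lists what the X-Kazaa-* headers reveal. The function names and the sample responses are constructed for illustration.

```python
import re

KAZAA_PREFIX = "x-kazaa-"
# Header values of the form a.b.c.d:port expose a network endpoint.
ENDPOINT_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$")

# Constructed samples (documentation addresses, hypothetical user name).
SAMPLE_KAZAA = (
    "HTTP/1.0 404 Not Found\r\n"
    "X-Kazaa-Username: example-user\r\n"
    "X-Kazaa-Network: KaZaA\r\n"
    "X-Kazaa-IP: 192.0.2.10:2957\r\n"
    "X-Kazaa-SupernodeIP: 198.51.100.7:2436\r\n\r\n"
)
SAMPLE_PLAIN = "HTTP/1.0 404 Not Found\r\nServer: example\r\n\r\n"

def parse_response(raw):
    """Return (status_line, {lowercased header: value}) for a raw response."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = [ln for ln in head.split("\n") if ln.strip()]
    if not lines or not lines[0].startswith("HTTP/"):
        raise ValueError("not an HTTP response")
    headers = {}
    for ln in lines[1:]:
        name, sep, value = ln.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0].strip(), headers

def audit(raw):
    """List (field, kind, value, port) for every X-Kazaa-* header disclosed."""
    try:
        _, headers = parse_response(raw)
    except ValueError:
        return []
    findings = []
    for name, value in sorted(headers.items()):
        if not name.startswith(KAZAA_PREFIX):
            continue
        field = name[len(KAZAA_PREFIX):]
        m = ENDPOINT_RE.match(value)
        if m:
            findings.append((field, "endpoint", m.group(1), int(m.group(2))))
        else:
            findings.append((field, "identity", value, None))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_KAZAA):
        print(finding)
```

Any finding means the client answers an unauthenticated request with the user name and peer addresses, so that host's incoming Kazaa port is a candidate for blocking at the firewall.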
-
May 25th, 2003, 11:18 AM
#2
So you're one of those twats that sickened Kazaa the way it is now....
Bravo ! (ironic)
I for one am not impressed....
-
May 25th, 2003, 11:36 AM
#3
You're a ****, what da hell do you think you gain from this? Nothing, you've just shown what a big fool you are! I pity you....
- Noia
With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .: Bring OS X to x86!:.
And no one can recall the gentle features in the queen's face that fair day when the land here rested in holy peace and everyone had love to love with.
-
May 25th, 2003, 11:42 AM
#4
Whooppee!
Well that was big of you! This site, like it has been said a thousand times, is for security professionals and people with an interest in computer security, not condoning or publishing "hacks". This is not a black hat hangout where you can find out how to destroy someone's machine or annoy some Kazaa user! Use your knowledge and skill in a productive way and certainly don't go shouting your mouth off about your so-called prowess!
Grow up and stop ruining things for other users (kazaa etc).
Another not very impressed member !
Our destiny is to endure all hardships that we encounter along the path to what we perceive to be true and worthwhile !
The Head foundation
Please give generously
-
May 25th, 2003, 12:07 PM
#5
Hmmm, I on the other hand disagree with the comments in this post. I mean, isn't this supposed to be "Hackers know the weakness in your system, shouldn't you?" This method shown here is of interest. How would you defend yourself from this if you don't know how this works??? Maybe sabro should have tried to mention a workaround for this problem. I on the other hand, now will use this information to see if:
1 - It's true and if it actually works.
2 - If it does work, and if it does cause a real threat (I fail to see the danger in it yet) then how to work around it.
3 - I will help make sure that this problem gets known, and hope for feedback on fixing it.
I admit that the way sabro has posted it, it looks like an "evil" wannabe exploit, but this provided information is good in order to find means of protection.
Sabro: Remember one thing, this site is for protecting data. Not evading it. If you're going to point out weaknesses in detail, then at least try to help in fixing that.
Cheers.
//addon
The reason why I'm giving sabro a greenie here is, he's a total newbie to this site, so I think another chance should be given. In addition, I also see Sabro as a person who does possess some knowledge; whether this knowledge is destructive or productive, time will tell. Let's not judge by the person himself, but by the information provided by this person. If this person is destructive to the internet, then it does make him whatever you have named him. If his knowledge though helps the security community, then let this knowledge be welcome and helpful. Sabro, please read the site's FAQ and the rules.
I keep reading many sites with new exploits all the time, it's part of the information I need in order to secure a system. The easiness shown here by sabro just demonstrates the dangers that Kazaa offers.
Cheers.
Ubuntu-: Means in African : "Im too dumb to use Slackware"
-
May 25th, 2003, 12:12 PM
#6
Member
Well I think geepod Sabro doesn't mean that
GOD BLESS YOU
-
May 25th, 2003, 12:22 PM
#7
Bat21, I'm not here to judge what sabro means, I'm here to see if the information provided by him is useful or not. I think it is useful, I mean, how would you fight back a problem that you don't know about? Some people here link to exploits on certain services and applications, sabro did not link to one, he actually posted it here. Where is the difference?
So if you would make a post saying "Windows XP has a flaw on this and that" and you would provide a link to the full story describing the problem, that would be ok then or not?
In order to secure a system, you need to know the weaknesses. Don't bitch at weaknesses presented to you first hand. Kazaa is so popular, that this problem must be made public. Thanx to the information provided by sabro, a fix for it is only a matter of time.
Cheers.
-
May 25th, 2003, 12:44 PM
#8
Instronics,
I can understand your point of view, but the manner it was brought is asking to try his way to hack Kazaa.
If he wanted to bring it in a security-related manner, he should have said :
" this is a possibility to hack Kazaa and/or Kazaa-users " or something like that...
and btw he promoted it due to he wrote this himself and quoting
himself as author (I'm not arguing on the authenticity), but I stick with my point of view,
he should have brought it to us otherwise...
Greetz,
-
May 25th, 2003, 12:52 PM
#9
While this is a mild annoyance to the victim, and hardly constitutes
a security flaw, we have used this method to identify win boxes
running Kazaa, and vulnerable to other attacks such as open or
weakly passworded shares, BO, Netbus, etc etc without having to first
scan the host to see if they have these services available.
Hmm....need I say more? Obviously this wasn't just to show us that Kazaa could be exploited to annoy a user, but a method of finding points of entry....Thus...not appropriate, or at least not in my eyes...
- Noia
-
May 25th, 2003, 12:53 PM
#10
I agree with you shrekkie about the way he has chosen his words. Indeed you are right, but I still think there should be a chance given to him, and not to neg the hell out of him. I mean it's his second post here on AO. Let us show some understanding. Let him see the way we have reacted to his thread here, and give him the chance to make it up. Many of the people here on AO have evaded computer security at some point, their skill(z) prove that. I too have w00ted a service or 2 in my life (sorry dad). The manner of his post was indeed wrong. Patience will show us what sabro can provide to the security community. Let's just wait and see.
Cheers.
//addon
Dear Noia, I do understand your point of view, as well as shrekkie's, and I respect it. But please, let's try to use the information provided to help fix this weakness, and not to get a n00b banned from AO just yet. His next post should help to reveal his true intentions. Has anyone here yet considered looking for a workaround to this problem?
Cheers everyone, and forgive me if my opinions are not the same as yours