-
September 6th, 2003, 04:19 PM
#1
KazaaLite/Kazaa Backdoor
Now ive heard about a backdoor in kazaa lite and/or all other [gloworange]KAZAA[/gloworange] products. What it is suppost to do is allow a user to connect to a [gloworange]Kazaa/Kazzalite[/gloworange] User's [glowpurple]"My Shared Folder"[/glowpurple] simply by using thier IP in and addressbar. Then a belive a backbutton or something is displayed and a user caan click back to move back a folder frm the [glowpurple]MY Shared Folder[/glowpurple] . This backdoor is suppost to allow all user on [gloworange]kazaa[/gloworange] to access the entire C Drive of another User. I would Like To know If This is true and/or if there is a way to protect yourself w/ a firewall. PLEASE HELP
-
September 6th, 2003, 04:31 PM
#2
Junior Member
never heard of it.
you used to be able to browse users shared folders by typing they ip addy and port in the address bar,but nothing else,never access they C drive unless they have it shared.lol
\"it is better to stay silent and appear stupid then to speak and remove all doubt\"
-
September 6th, 2003, 04:48 PM
#3
Yup, it worked. If I share just a folder, you see the contents of the folder.
If you share "c:\" you get the contents of "c:\" but are unable to browse subdirectories.
Here is a screenie:
-
September 6th, 2003, 07:21 PM
#4
IS the page that is displayed when you put in their IP a page generated by Kazaa?
-
September 6th, 2003, 07:36 PM
#5
IS the page that is displayed when you put in their IP a page generated by Kazaa?
Yes, KaZaA is a server and client software, so yes, the page is displayed from the KaZaA server and everything is indexed that you specified to share. Kinda like an index page that is returned to a browser when browsing FTP or a web site directory. If you type
http://123.456.789:kazaaport then you will see the contents of what you shared. I am sure if there is a way to share your files then there can be ways to explore the rest of sombody's computer if smart and crafty enough, but too bad I am not crafty or smart.
As for KaZaA being a "backdoor" I have not seen anything can can be construed as a backdoor, but if somebody were to decompile the software and add extra code to add some kind of extra "functionality" would not be extremely difficult to an experinced programmer or reverse engineer.
-
September 6th, 2003, 07:41 PM
#6
would this be like what music cpmpanys use to messup your songs and/or view your songs?
-
September 6th, 2003, 07:46 PM
#7
heh, I din't know. I can think of several ways. Simply download some songs, grab the IP and send the IP to be subpenaed. As for messing songs up, it would be easy to simply create a bogus file and share it. As for messing up "your songs" directly, I do not know if you can remotely alter files.
-
September 7th, 2003, 01:19 AM
#8
i would like to know if the page that is diaplayed when you visit the users IP can be alterend? Like maybe it is located in a DLL or something on my computer.
-
September 7th, 2003, 01:26 AM
#9
I do not know. Open a debugger and find out.
-
September 7th, 2003, 02:47 AM
#10
goozle, whatever you say.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|