Originally posted by guerrillase7en
so running easy exploits on webservers that do what there supose to do just have really no if any security isn't really an exploit? no cgi exploits are real exploits? no exploits are real exploits? damn then there is no such thing as an exploit. in your mind.....
Ok..Let me see if I can explain this in a way that you can understand.

1) The original intention of Morpheus is to allow users to share files, ANY kind of files.
2) As long as the user puts the files they want to share in a specific directory and follows directions,
AFAIK you cannot access any other directory other than the shared one. If you can find a way of
accessing a directory that the user is not sharing then THAT would be an exploit.

Just because some idiot users choose to share their entire hard drives and you can access them, it does not mean you
have found an unintended use for the program.

Whereas if you are able to exploit a webserver that has a bug that hasn't been patched, you could say
that you have exploited the admin's laziness/the programmer's incompetence since the specifications
on the server never called for the program to be unable to deal with buffer overflow or whatever means
you would be using to access it.

There is a big difference between what happens with Morpheus and what a true exploit is..and if my explanation or that of the other
posters here telling you don't help you understand...I dont know what else to tell you.
Sheesh!!