Printable View
I keep hearing of people asking the question "whats with the morphues/kazaa exploit; it's not really hacking?" Heres where their wrong. A person can leech exe, zip, doc, wrd, txt, etc... files from the victims computer. It's a hacking exploit because the victim only intended to share their mp3 files, not there exe. files. You can get full version software and private texts from someone this way.
Please help me out if you like this article and give me points, thx.
Its not bad short and to the point but you might have gone on to say that once people realise that they can be hacked through Morphues that they may stop letting people uploading mp3s from them. This is a real problem a few crackers ruin it for the rest of the people who just want to get some different tunes.
Correct me if I'm wrong, but with morpheus you can share any file you want be it .exe, .doc, .txt or whatever, as long as it's in your shared folder. Also, you can view these files on someone else's computer via a web browser. Just connect to their IP on TCP port 1214 and you can view/launch the files contained in their shared folder. Bottom line, if you don't want to share something out...don't put it in your shared folder. As far as this being a hack, well, I wouldn't consider it a hack. If there is a different vulnerability out there that I seemed to have missed, please let me know, but as far as launching files other than mp3, that seems to be a feature common to the morpheus program. Questions, comments suggestions are welcome as always.
-The Eeshman
with kazza and morpheus you share all types of files not only mp3's...... it was built that way on purpose!
and you can also block shares from any files u dont want to share
even if you did have read only access to files on my computer what good is that?
You're an idiot who knows nothing - stop trying to spoil it for other people.Quote:
It's a hacking exploit because
Yeah,...once I heard about this exploit, I rigged 'my' Morpheus so it wouldn't share anything. Simply by not giving it server rights. And doubling my protection by manually making none of my files shareable. But yea...I was chatting with a few friends about how they got Borland C++ and VB just because stupid users shared their whole harddrive. That gave me the thought to search for: *.pwl
It was funny because I actually got a few. :p, sucks to be them eh? But I didn't do anything malacious...I just simply let it pass - happy with my findings. But never-the-less. If your running Morpheus, make sure that ONLY the drives/folders/files YOU want to be shared are REALLY being shared...otherwise some other guy might not be as nice as me!
:) ;)
Ditto...and It is DESIGNED that way. Any file in the shared folder can be downloadedQuote:
Originally posted by petemcevoy
You're an idiot who knows nothing - stop trying to spoil it for other people.
Brethren!
If you go to today's edition of www.msn.com, I believe you may find something rather interesting, to say the least, concerning file sharing programs...a rather eye-opening article for computer neophytes..."Online Spies"....
So...is this or is this not a hack??? Or is it just a case of some unknowing user accidentally sharing out his/her entire drive? A file sharing program does just that...shares files. Just lock down the files that you don't want to share. Simple as that.
-The Eeshman
Wow.. This is sad.... I did a search for *.PWL on KazaA and about 50 people came up :p
Most of these were 'default' and 'USER***', but I did see a few administrator and root ... LMAO
I feel sorry for them :D
A root pwl file?
Idk looked fishy to me too... Maybe we got a Linux fan using Windowze :p
didn't know my littel tut on morpheus/kazaa hacking made such a big sceen, well here's my idea, the maker of kazaa (and morpheus) wanted to share all fiel like exe,zip,mp3 so made it to shere all files but didn't think about the *.pwl files and if u just click serch for more by this user u don't see a full list... more or less it's not an exploite jsut a hole, shity programing, good example of windows:)
You call this HACKING???....so called exploit cut and pasted stra8 from the source:Quote:
Originally posted by warp82
I keep hearing of people asking the question "whats with the morphues/kazaa exploit; it's not really hacking?" Heres where their wrong.
The Problem:
------------
Morpheus/KaZaA lets its users share their entire hard drive with the world. Letting you
have access to there M$ money files, cookies that have passwords in them ect...
Exploiting the flaw:
You can simply connect to someone in Morpheus or Kazaa and begin downloading a file (I
suggest searching for “.sys” or “.pwl” to get only ppl with all files shared). Then go to DOS
and run netstat (newbies type "netstat -n") There IP address will be connecting from port 1214
so it'll be like this "x.x.x.x:1214". Now, go to http://x.x.x.x:1214 to see a complete
downloadable list of the files you can download.
Exploiting the flaw (a harder way, the 1st seems to easy):
Open your favorite IP scanner (I use SuperScan get it at http://www.foundstone.com) set
it to all ports from 1214 to 1215 chances are anyone with port 1214 open will be sharing on the
Morpheus/KaZaA system...
Closing:
--------
This is a good tool to get the IP # of a person sharing child porn also, do with them
what you will (nuke, nuke, nuke!)... You can contact me on AIM as 'Guerrilla Se7en' or by
email at [email protected] : 1st posted at http://www.angelfire.com/linux/antiwindows/
Correct me if I'm wrong.. but if this is an "exploit" of the program, then its like saying that being able to FTP to an ftp server and downloading anything in a directory that you have access to, rather than a specific file is a 'exploit'... I mean, for crying out loud, if your going to be saying something that is a specific item in the program is an exploit, then what's next?
Hell, I mean, you can view all a users files just by right clicking on a file shared by them and choosing Find more from Same - User...
So how exactly is this an exploit.. I mean, I'll give you that its not the original program interface (although morpheus does include a stripped browser in the program... but that' about as far as you can stretch it....
All that this stupid 'exploit' will do is stop those kickass users who have almost every song under the sun stored on their computers to stop sharing them.. I gave the 'exploit' a short test, and closing sharing with other users kills the whole exploits idea... you get nothing....
So why bother saying this is a flaw/exploit.. in my opinion, its an additionally feature, coz users with non-sensitive information can share it and get access to it just about anytime...
Hell, most of my friends have morpheus sharing their diablo II directory, so they can acccess their character anywhere..
So, PLEASE!! tell me how this is a exploit... Its killing my sleep deprived and alcohol drown brained....
It is not an exploit, unless you call it that because you would be exploiting stupid users.
The Morpheus program is not just a mp3 sharing program, it allows you to share whatever you want to. If the users are stupid enuff to share important directories, then they deserve to be "exploited".
btw...The root pwl file isn't as unusual as you might think. There are those of us who have to keep a Win installation around for the wife and kids and keep a "root" account on there to connect to my Linux box while within Winblows.
Why is it evryone thinks a exploit/flaw has to be a program on a *nix box u run? Why can't you accept that some are easy to find like this one, a security flaw just means it has a place with weak security.
We don't call it an "exploit" because the program is doing what is was designed to do....share files. Security in this case is the user's responsability...i.e. being careful about which directories you share. SHEESH!Quote:
Originally posted by guerrillase7en
Why is it evryone thinks a exploit/flaw has to be a program on a *nix box u run? Why can't you accept that some are easy to find like this one, a security flaw just means it has a place with weak security.
so running easy exploits on webservers that do what there supose to do just have really no if any security isn't really an exploit? no cgi exploits are real exploits? no exploits are real exploits? damn then there is no such thing as an exploit. in your mind.....
This is not an exploit...
Face it...
Its just simply using a different interface to access the files.
Your not able to do something that you shouldn't be able to do, which is really what an exploit is...
Now, if you could upload to their computer through this method... I'd say its an exploit... but you can't.... so I won't..
I'd be hard pressed to bring myself to admit this is a security flaw... the closest this comes to being a security flaw, is that you can get the users IP Address... and that is unavoidable in a P2P situation AFAIK...
Ok..Let me see if I can explain this in a way that you can understand.Quote:
Originally posted by guerrillase7en
so running easy exploits on webservers that do what there supose to do just have really no if any security isn't really an exploit? no cgi exploits are real exploits? no exploits are real exploits? damn then there is no such thing as an exploit. in your mind.....
1) The original intention of Morpheus is to allow users to share files, ANY kind of files.
2) As long as the user puts the files they want to share in a specific directory and follows directions,
AFAIK you cannot access any other directory other than the shared one. If you can find a way of
accessing a directory that the user is not sharing then THAT would be an exploit.
Just because some idiot users choose to share their entire hard drives and you can access them, it does not mean you
have found an unintended use for the program.
Whereas if you are able to exploit a webserver that has a bug that hasn't been patched, you could say
that you have exploited the admin's laziness/the programmer's incompetence since the specifications
on the server never called for the program to be unable to deal with buffer overflow or whatever means
you would be using to access it.
There is a big difference between what happens with Morpheus and what a true exploit is..and if my explanation or that of the other
posters here telling you don't help you understand...I dont know what else to tell you.
Sheesh!!
u can.Quote:
Originally posted by Matty_Cross
...Now, if you could upload to their computer through this method... I'd say its an exploit... but you can't....
so using this to d/l there .passwd file and telnet into root isn't going to give u the power you want inorder for it to be an exploit?
so exploiting a sys admin's stupidity(if they don't chek for security updates) and exploiting a sys user's stupidity(by shareing evrything) isn't the same?Quote:
Originally posted by Tortured Spirit
...Whereas if you are able to exploit a webserver that has a bug that hasn't been patched, you could say
that you have exploited the admin's laziness/the programmer's incompetence since the specifications on the server never called for the program to be unable to deal with buffer overflow or whatever means you would be using to access it...
Quote:
Originally posted by guerrillase7en
so exploiting a sys admin's stupidity(if they don't chek for security updates) and exploiting a sys user's stupidity(by shareing evrything) isn't the same?
Basically, yes. Security updates are released to patch a bug/security hole that was never intended to be there in the first place.
With a P2P program like Morpheus, they original intention of the program was to allow ppl to
share files from a specific directory or directories.
AFAIU, an exploit by definition is finding a way to take advantage of a bug or security hole that
should not exist in the first place.
And that, to me anyway, is the difference.
it shouldn't allow you to share the holde hard drive/nor let it list *.pwl/.passwd filesQuote:
Originally posted by Tortured Spirit
...take advantage of a bug or security hole that should not exist in the first place.
...
that's a security hole that shouldn't exist....
dunno if it work though...
It's a perl script wich is supposed to be a Kazaa/Morpheus Denial of Service Attack..
(rename .txt to .pl if u wanna try)
--------------------------------------------------------------------------------
Originally posted by guerrillase7en
quote:
--------------------------------------------------------------------------------
Originally posted by Matty_Cross
...Now, if you could upload to their computer through this method... I'd say its an exploit... but you can't....
--------------------------------------------------------------------------------
u can.
so using this to d/l there .passwd file and telnet into root isn't going to give u the power you want inorder for it to be an exploit?
--------------------------------------------------------------------------------
Since when can you UPLOAD to their computer through this 'exploit'?
I just re-read the 'exploit' tutorial you posted, nothing about being able to upload up there....
guerrillase7en...
It SHOULD let you share your whole hard-drive.. its is a file SHARING program.. the key word here is SHARING... Have you noticed, that when your using Morpheus, there is a search option to search EVERYTHING? Does it not dawn upon you that this is there because they didn't really want to create a search category for every single type of file?
Its meant to be able to share any type of file.
If a user shares their whole hard drive, that is their choice.... it may not be the best choice, but its their choice.. it isn't an exploit in the software... its doing what it was intented to do....
I personally am going to stop (or at least try to stop) posting to this thread, as I seem to just be repeating myself...
I feel kinda like this... :brickwall
The Morpheus/KaZaA exploit is not really a exploit..... How can you exploit someones inability to check what files a specific program is sharing with the internet ? If those people just spend 5 seconds and click on a button on a toolbar they could see which files K/M is sharing.... But I guess there too busy for that... So we should just let them have all their personal files on the internet for the world to see :D
Although I have been sending messages to the people who do have *.pwl or other system files shared..... There are many more... This non-exploit doesnt only exist in K/M it exists in other file sharing programs... Its just that we choose to publicize these programs.....
Alll they need to do is get hacked or something or other and then thell be more concerned with security... Thell be picking away at the files with tweezers :p
Nothing is REALLY an exploit... Its all human error... if someone had taken the time to add a few more lines of code to prevent K/M from sharing system files.... Then we wouldnt be here. :)
First off) that is not hacking that is just newbie sh*t
Second) like almost everyone said its only files in your shared folder
Third) You are ******n stupid to even think of this as an exploit
Amen !! My post(s) above were my last attempts to explain this..It can't be explained any clearer than has already been. SO I am gonna quit :brickwall: with these kids and go on...Quote:
I personally am going to stop (or at least try to stop) posting to this thread, as I seem to just be repeating myself...
I feel kinda like this... :brickwall:
well i'm tired of psoting here.... so seeing how this is going to be the last time i psot let me make it good, whoever it was that said "this isn't hacking'" is stupid coz hacking is exploring, and that's what this is. I don't give a **** what u want to call it what i call it is a 'security flaw' seeing how it allows stupid users to allow ppl to get into there pc. whom ever said you can't upload, i didn't tell evrything step-by-step in that tut. use some coman sence d/l there .passwd file see if ther have a telnet or a ftp server or somthing open... ac1dsp3ctrum is right " Nothing is REALLY an exploit... Its all human error... if someone had taken the time to add a few more lines of code to prevent K/M from sharing system files.... " same for what u call exploits on a *nix sys if they whould of addes a few more lines of code to it...
Kazaa/Morphus/Aimster= TRASH Get bear share.....
Keepen it real
FreeAgent
Almost everyone who replied to this post said that this is not an exploit,... and it isnt... This is my last post on this thread... Have fun :D
when using Kazaa. Do a search on everything for PWL.
Once you get a person who has this file get their IP and use the exploit to get read access to his system. Once you do that you will see that you have access not only to his shared directory but to his whole system.
Then download the PWL file crack it and then hack into his computer.
Very easy
Quote:
Originally posted by guerrillase7en
well i'm tired of psoting here.... so seeing how this is going to be the last time i psot let me make it good, whoever it was that said "this isn't hacking'" is stupid coz hacking is exploring, and that's what this is. I don't give a **** what u want to call it what i call it is a 'security flaw' seeing how it allows stupid users to allow ppl to get into there pc. whom ever said you can't upload, i didn't tell evrything step-by-step in that tut. use some coman sence d/l there .passwd file see if ther have a telnet or a ftp server or somthing open... ac1dsp3ctrum is right " Nothing is REALLY an exploit... Its all human error... if someone had taken the time to add a few more lines of code to prevent K/M from sharing system files.... " same for what u call exploits on a *nix sys if they whould of addes a few more lines of code to it...
...so your leaving right?
:)
It is an exploit if, had it been done against an M$ product or *nux, you'd be calling it an exploit.
It is a hack if, had it been done against a M$ product or *nux, it would be a hack.
It is a bug and complete disregard for security if, had M$ done the same thing, you'd be calling it a bug and complete disregard for security.
So ... if the default is to share the whole drive ... then it is it is clearly a severe security exposure and illustrates complete disregard for security on the part of Morpheous and Kazaa's authors.
If there a warning pops up when a whole logical drive is shared, then that is good coding and everything reasonable has been done that can be done to safeguard the user.
If it just lets you make a change to the configuration that shares the whole drive without issuing a warning or caution, that is okay (just okay).