Vulnerability Development mailing list archives
Re: Napster a little insecure?
From: jpr5 () BOS BINDVIEW COM (Jordan Ritter)
Date: Fri, 28 Jan 2000 14:27:40 -0500
On Thu, 27 Jan 2000, Dennis Miller wrote: # I'm running Napster v2.0 Build 1318 which is a freeware utility to # share MP3's across the internet located at http://www.napster.com # <http://www.napster.com> . Notice Napster sends the complete location # of the file(s) being sent. Does this mean that there is a way to coax # the client to offer up ANY file? # # RECEIVED (on different query) # 81 00 C9 00 # "c:\WINDOWS\DESKTOP\mp3s\Nirvana-Lithium.mp3" # (32-byte checksum) # (size in bytes) # (bitrate in kbps) # (freq) # (duration in seconds) # (username) # (magic cookie - "643813570") # (line speed) # 92 00 C9 00 # "G:\Program Files\napster\Music\NIRVANA - Smells Like # Teen Spirit.mp3" # (32-byte checksum) # ... # 00 00 CA 00 00 00 You are not the first to ask this question, so I'll explain the reasoning behind this. Full filepaths are how we currently uniquely identify mp2/mp3 files. We could have used a file ID system whereby only the filename and an associated ID were transmitted, but we decided that, in addition to the filename, the path also constituted searchable text. Your above example doesn't demonstrate this, but the following will: "G:\Program Files\napster\Music\NIRVANA\Smells Like Teen Spirit.mp3" In any case, the answer to your question of whether other files can be reached via the Napster client is a resounding "NO". To begin with, the napster algorithm for adding files to your sharelist requires that the file actually contain mpeg frame headers. Even other music formats are not sharable through Napster, unless they contain at least this. This file list is updated everytime you load the client software. Furthermore, when a request to download a file is received, that request is matched against the current list of shared files, which as explained before only contains mp2/mp3 files. Think of a big strcmp() loop; if it isn't in the list, you can't get it. Could you be sneaky and stego other kinds of files with mpeg frame headers into Napster? Probably, but who in their right mind would bother? The answer was and still remains, No, you cannot download any files other than those mp2/mp3's that you chose to share. --jordan
Current thread:
- Napster a little insecure? Dennis Miller (Jan 27)
- Re: Napster a little insecure? Gunes Sen (Jan 27)
- Re: Napster a little insecure? Jordan Ritter (Jan 28)
- IIS4.0 .htw vulnerability Fricke, Gregory D. (Jan 28)
- <Possible follow-ups>
- Re: Napster a little insecure? Thiago Mello (Jan 28)
- Re: Napster a little insecure? Sebastian (Jan 29)
- Re: Napster a little insecure? technot (Jan 29)
- Re: Napster a little insecure? Thomas Maschutznig (Jan 29)
- Re: Napster a little insecure? Mark Shirley (Jan 30)
- Re: Napster a little insecure? WHiTe VaMPiRe (Jan 30)
- Re: Napster a little insecure? Jordan Ritter (Jan 30)
- Re: Napster a little insecure? Maniac . (Jan 30)