Vulnerability Development mailing list archives
Re: Infecting the KaZaA network?
From: "Simon 'corecode' Schubert" <corecode () corecode ath cx>
Date: Sat, 9 Feb 2002 22:03:53 +0100
On Wed, 6 Feb 2002 17:10:50 -0300 "Andrew McClymont" <andrewmcclymont () d-link net> wrote:
I just found out a folder named "My shared folder" under the KaZaA installation folder. Inside "My shared folder" there were various KaZaA installshield packages (exe files). Now, the people at FastTrack promotes their engine as a distributed way to send files to end users. This is seen whe you download KaZaA, you get a little exe (500 k) that downloads the full KaZaA client from one of its users, I would guess, from the "My shared folder". What happens if I infect the files under "My shared folder" with a virii or some trojan, every user that gets their KaZaA client from my computer gets screwed, right? And then, the victim himself will be sharing the KaZaA client infected to new victims.
fasttrack is using a digest to identify files. iirc not the whole file but some kbytes from the beginning. + filesize. could be exploitable, but the digest reduces the chance to work. cheerz corecode -- /"\ http://corecode.ath.cx/ \ / \ ASCII Ribbon Campaign / \ Against HTML Mail and News
Attachment:
_bin
Description:
Current thread:
- Re: Infecting the KaZaA network? Simon 'corecode' Schubert (Feb 09)