Vulnerability Development mailing list archives

Re: Infecting the KaZaA network?


From: "Simon 'corecode' Schubert" <corecode () corecode ath cx>
Date: Sat, 9 Feb 2002 22:03:53 +0100

On Wed, 6 Feb 2002 17:10:50 -0300 "Andrew McClymont"
<andrewmcclymont () d-link net> wrote:

> I just found a folder named "My shared folder" under the KaZaA
> installation folder.
>
> Inside "My shared folder" there were various KaZaA installshield
> packages (exe files).
>
> Now, the people at FastTrack promote their engine as a distributed
> way to send files to end users. This is seen when you download KaZaA,
> you get a little exe (500 k) that downloads the full KaZaA client from
> one of its users, I would guess, from the "My shared folder".
>
> What happens if I infect the files under "My shared folder" with a
> virus or some trojan, every user that gets their KaZaA client from my
> computer gets screwed, right?  And then, the victim himself will be
> sharing the KaZaA client infected to new victims.

fasttrack is using a digest to identify files. iirc not the whole file but some kbytes from the beginning. + filesize.

could be exploitable, but the digest reduces the chance to work.

cheerz
  corecode

-- 
/"\   http://corecode.ath.cx/
\ /
 \     ASCII Ribbon Campaign
/ \  Against HTML Mail and News
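
Added example, not part of the original post and not FastTrack's code: a simplified model of the identifier described in the reply above (digest of the leading bytes plus file size) compared with a digest over the whole file, showing which kinds of modification each one notices. SHA-256, the 4096-byte prefix, the function names and the sample data are assumptions made for illustration; the post does not name the hash function or the exact prefix length.

```python
import hashlib

PREFIX_LEN = 4096  # assumption: the post only says "some kbytes"


def prefix_size_id(data, prefix_len=PREFIX_LEN):
    """Identifier modelled on the post: digest of the leading bytes plus file size."""
    return hashlib.sha256(data[:prefix_len]).hexdigest(), len(data)


def full_id(data):
    """Identifier covering every byte of the file."""
    return hashlib.sha256(data).hexdigest()


def detection_report(reference, candidate, prefix_len=PREFIX_LEN):
    """Say which identifier notices that candidate differs from reference."""
    return {
        "differs": reference != candidate,
        "prefix_size_detects": prefix_size_id(reference, prefix_len)
        != prefix_size_id(candidate, prefix_len),
        "full_detects": full_id(reference) != full_id(candidate),
    }


def flip_byte(data, offset):
    """Return a copy of data with one byte changed at offset (size unchanged)."""
    buf = bytearray(data)
    buf[offset] ^= 0xFF
    return bytes(buf)


# Constructed sample "file": 16 KiB of deterministic bytes, not a real installer.
REFERENCE = bytes(i % 251 for i in range(16 * 1024))

CASES = {
    "unchanged": REFERENCE,
    "change inside prefix": flip_byte(REFERENCE, 100),
    "change after prefix, same size": flip_byte(REFERENCE, 10_000),
    "data appended": REFERENCE + b"\x00" * 16,
}


def run_cases():
    """Evaluate every constructed case against the reference file."""
    return {name: detection_report(REFERENCE, blob) for name, blob in CASES.items()}


if __name__ == "__main__":
    for name, report in run_cases().items():
        print(f"{name:32} {report}")
```

Only the whole-file digest flags the same-size change located after the prefix, which is why a client that wants integrity rather than just lookup has to verify a digest computed over every byte it received.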
