
Hacking Morpheus/Kazza

Old 02-24-2002, 11:32 AM
  #1  
Registered User
Thread Starter
 
EtrnalE's Avatar
 
Join Date: Feb 2002
Posts: 79
Hacking Morpheus/Kazza

something i found in another site. Not really haX0ring, but nonetheless funny.

quote:
--------------------------------------------------------------------------------
Just_A_Dude
Info:
Title: Hacking Morpheus/Kazaa Users
Author/E-Mail/Homepage: just_a_dude / just_a_dude@Tronix-Online.com / http://www.Tronix-Online.com/~just_a_dude
Date: 12/15/01
Requirements: A little bit of experience with networking.

--------------------------------------------------------------------------------

Index:
1. Disclaimer
2. Intro
3. Problem
4. Exploit
5. Solution
6. Tips


--------------------------------------------------------------------------------

1. Disclaimer:

This file was made for educational purposes only.
Kurant Tronix® does NOT take responsibility for
the actions of people using this information.


--------------------------------------------------------------------------------


2. Intro:

Hello, I wrote this text file just because I felt like typing and
because a lot of people use Morpheus and don't know they can be "hacked".
Morpheus and Kazaa are a big community just like Napster and some others.
This file explains a hole found by me (just_a_dude) which later on I discovered
someone else had found already, but I felt like writing a text file about
it so here it goes. I'll be referring to Morpheus/Kazaa as M/K.


--------------------------------------------------------------------------------

3. Problem

The hole is a big mistake by the Morpheus/Kazaa developers. As you probably know,
all those "Sharing Programs" like M/K, Napster, Direct Connect, Bearshare, Winmx,
hotline, etc.. use a protocol to communicate within the server and the client or
client to client. Well, M/K listens to port 1214 for incoming connections (when
someone connects to you to download a file) and the protocol it uses is HTTP.
You're probably laughing at the M/K developers, but they were just doing their job.
They should use another protocol, since this one will be really exploited.
The hole allows you to view/download files from any user that is sharing at least
one file.


--------------------------------------------------------------------------------

4. Exploit

Here are the steps for exploiting this hole:

1. Open M/K.
2. Search for anything you'd like to download.
3. Start downloading it.
4. Open a MS-DOS prompt and type "netstat -n" without the quotation marks. (This
should display all the active connections with IP numbers, not hostnames).
You should get something like 'xxx.xxx.xxx.xxx:1214' in the 'Foreign Address' column,
where xxx.xxx.xxx.xxx is an IP Address.
5. Open your web browser and type in 'http://xxx.xxx.xxx.xxx:1214' and press enter.
6. Voila! You got the list of the shared files from xxx.xxx.xxx.xxx. Now you can download
any file you want, however if the user is full (meaning that he's got no more slots left)
you won't be able to download anything.


--------------------------------------------------------------------------------


5. Solution

People's solution: You can either stop using M/K or just stop sharing any files.
Developers' solution: Create your own protocol because using this one is already "hacked", besides
it's not original.

--------------------------------------------------------------------------------

6. Tips

If you want fast downloads using this hole, you can do a domain scan for port 1214.
If you don't know what a domain scan is, then let's say your IP is 123.123.123.123, scanning a domain would be
scanning every IP from 123.123.123.xxx for port 1214 where xxx is a number between 1 and 255.
To do this (domain scan) I personally recommend OstroSoft Internet Tools (www.ostrosoft.com).
Once you found another IP with port 1214 open, do the exploit with it.



--------------------------------------------------------------------------------
EtrnalE is offline  
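
Added example, not part of the original post or of any Morpheus/Kazaa code: a self-check a user could run on their own machine to see whether a listener on port 1214 is reachable from the network and which peers are connected to it. It parses Windows-style `netstat -an` text; the sample output and the function names are constructed for illustration.

```python
import re

# Constructed sample of Windows `netstat -an` output (documentation-range IPs,
# not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1214           0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1214        198.51.100.7:3371      ESTABLISHED
  TCP    192.0.2.10:1214        203.0.113.44:4102      ESTABLISHED
  TCP    192.0.2.10:2950        198.51.100.23:1214     ESTABLISHED
  TCP    127.0.0.1:1025         0.0.0.0:0              LISTENING
"""

P2P_PORT = 1214  # port the post says M/K listens on for incoming connections

# Proto, local addr:port, foreign addr:port, state. The greedy \S+ backtracks
# to the last colon, so bracketed IPv6 forms such as [::]:1214 also parse.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\S+)\s*$")
LOOPBACK = ("127.0.0.1", "[::1]")

def audit_netstat(text, port=P2P_PORT):
    """Classify netstat rows that involve the file-sharing port."""
    report = {"listening_on": [], "inbound_peers": [], "outbound_peers": []}
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, blank lines, UDP rows
        laddr, lport, raddr, rport, state = m.groups()
        if state == "LISTENING" and int(lport) == port:
            report["listening_on"].append(laddr)    # our own share server
        elif state == "ESTABLISHED" and int(lport) == port:
            report["inbound_peers"].append(raddr)   # someone fetching from us
        elif state == "ESTABLISHED" and int(rport) == port:
            report["outbound_peers"].append(raddr)  # we are fetching from them
    return report

def is_exposed(report):
    """True if the listener is bound to anything other than loopback."""
    return any(addr not in LOOPBACK for addr in report["listening_on"])

if __name__ == "__main__":
    result = audit_netstat(SAMPLE_NETSTAT)
    print(result)
    print("port 1214 reachable from the network:", is_exposed(result))
```

A listener bound to 0.0.0.0 answers on every interface, which is the condition the post describes; blocking inbound TCP 1214 at the host firewall or disabling sharing removes it.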
Old 02-24-2002, 11:41 AM
  #2  
Back From The Dead
 
kackarot's Avatar
 
Join Date: Feb 2002
Location: houston
Posts: 6
should we care?
kackarot is offline  
Old 02-24-2002, 11:44 AM
  #3  
Registered User
Thread Starter
 
EtrnalE's Avatar
 
Join Date: Feb 2002
Posts: 79
not u since u can't even work your pencil sharpener
EtrnalE is offline  
Old 02-24-2002, 11:46 AM
  #4  
Back From The Dead
 
kackarot's Avatar
 
Join Date: Feb 2002
Location: houston
Posts: 6
Originally posted by EtrnalE
not u since u can't even work your pencil sharpener

**holds his chest like he's shot and falls to the floor**


ya got me!
kackarot is offline  
Old 02-24-2002, 11:50 AM
  #5  
Registered User
Thread Starter
 
EtrnalE's Avatar
 
Join Date: Feb 2002
Posts: 79
Originally posted by kackarot



**holds his chest like he's shot and falls to the floor**


ya got me!
yeah *****
EtrnalE is offline  
Old 02-24-2002, 11:53 AM
  #6  
Back From The Dead
 
kackarot's Avatar
 
Join Date: Feb 2002
Location: houston
Posts: 6
stop puttin a hurtin on me
kackarot is offline  



