Kazaa & Morpheus expose sensitive info

03 Sep 01 16:04 by in category Uncategorized


shank643 used our newssubmit to tell us that if you connect with a telnet client to someone that is running KaZaa (or a clone) you can see some information about the user. The website call it sensitive info, I would call it information that could be a little dangerous.

The telnet session will expose the users ip address (your ‘phonenumber’ on the internet) but more important it reveals the SupernodeIP where you are connected to. The Supernodes are the weakest point in a KaZaa network, taking them down will cause serious harm.



Summary:

Kazaa and Morpheus allow users to easily search, share, discover, create, and communicate with other users. These products reveal sensitive information about the remote host, and the username that is currently being used by the remote client.

Details:

Example:

# telnet morpheus.users.ip.address

Trying morpheus.users.ip.address…

Connected to morpheus.users.ip.address.

Escape character is ‘^]’.

GET / HTTP/1.0

HTTP/1.0 200 OK

X-Kazaa-Username: {USER NAME HERE}

X-Kazaa-Network: MusicCity

X-Kazaa-IP: morpheus.users.ip.address:1214

X-Kazaa-SupernodeIP: 130.74.237.54:1214

Source: Securiteam.com

6 Comments on Kazaa & Morpheus expose sensitive info

Juice
Posts: 163
Posted on: 03 Sep 01 20:46
Well use a firewall and you won't have to worry about it. People how don't use a firewall are settings them selves up to get probed.
the111
Posts: 362
Posted on: 03 Sep 01 21:07
Same as just about any other online chatty/shary thing? ICQ, MSN - they all give away other users IPs. Besides, you can't rely on the anonymity of your IP to protect you on the net! You could download a firewall such as Zonealarm, but this eats system resources. Better is to go to grc.com and follow instructions there.
guest
Posts: 15284
Posted on: 03 Sep 01 22:42
Don't think is new. Typing netstat /n in a dosbox has always given you all the ipadresses you are connected to. Taking down the supernodes? Get real! Almost every broadband Kazaa/morpheus/groksteruser acts as a supernode. Good luck in taking down tenthousands of them.
Hypnosis4U2NV
Posts: 1465
Posted on: 04 Sep 01 06:02
NOw whats the best firewall to have? Im running Norton Internet Security?
Juice
Posts: 163
Posted on: 04 Sep 01 22:20
Well I tried Norton's. Have to say the Zonealarm Pro is the best.
guest
Posts: 15284
Posted on: 05 Sep 01 00:07
I´ve used Norton when i was newbie :4 I have used Zonealarm (pro) for a long time now and it is THE best firewall availible...
Tell us, what do you think about

Kazaa & Morpheus expose sensitive info

Most popular headlines

Windows Blue to allow boot to desktop and brings start menu back? (3)

  • Tue 16 Apr 16:12 by DoMiN8ToR
  • Software, Windows 8

The upcoming update of Windows 8 might allow users to boot to the desktop again.

Jobs in US entertainment industry on all-time high - piracy?! (8)

The number of jobs in the film and music industry in the United States has increased despite the claimed negative effects of illegal downloads.

The Piratebay domain moves to Greenland - circumvents blockade (3)

The PirateBay has moved to the domain thepiratebay.gl in fear that their previous domain would be ceased by Swedish authorities

Intel 9 series chipset has native SATA Express (SATA over PCIe) support (2)

A Chinese tech site has posted a picture that reveals details on Intel's 9 series chipset.

See all headlines

Active Commenters