Kazaa: UPloading to someone else

Discussion in 'Computer Security' started by StupidScript, Aug 17, 2005.

  1. StupidScript

    StupidScript Guest

    I know Kazaa allows other people to DOWNload from one's My Shared
    Documents directory.

    Can I UPload a file to someone's My Shared Documents directory?

    (I see lots of confusion about UP and DOWN loading on these groups, so
    ....) Here's an example of what I want to do:

    1) I have "pix1.jpg" on my computer.
    2) I want a Kazaa user to have it on their hard drive.
    3) I want to "push" it into their shared directory.

    I do NOT want them to download it from me ... I want to upload it to
    them.

    Is this possible? Thanks in advance.
    StupidScript, Aug 17, 2005
    #1
    1. Advertising

  2. StupidScript

    Winged Guest

    StupidScript wrote:
    > I know Kazaa allows other people to DOWNload from one's My Shared
    > Documents directory.
    >
    > Can I UPload a file to someone's My Shared Documents directory?
    >
    > (I see lots of confusion about UP and DOWN loading on these groups, so
    > ....) Here's an example of what I want to do:
    >
    > 1) I have "pix1.jpg" on my computer.
    > 2) I want a Kazaa user to have it on their hard drive.
    > 3) I want to "push" it into their shared directory.
    >
    > I do NOT want them to download it from me ... I want to upload it to
    > them.
    >
    > Is this possible? Thanks in advance.
    >

    This is not the place for the query, anyone who is using Kazaa is not
    concerned about computer security. Of course there are better ways...to
    get viruses or other deviant behavior, but I sure can't think of any.

    Winged
    Winged, Aug 17, 2005
    #2
    1. Advertising

  3. StupidScript <> wrote:
    > I know Kazaa allows other people to DOWNload from one's My Shared
    > Documents directory.
    >
    > Can I UPload a file to someone's My Shared Documents directory?
    >
    > (I see lots of confusion about UP and DOWN loading on these groups, so
    > ...) Here's an example of what I want to do:
    >
    > 1) I have "pix1.jpg" on my computer.
    > 2) I want a Kazaa user to have it on their hard drive.
    > 3) I want to "push" it into their shared directory.
    >
    > I do NOT want them to download it from me ... I want to upload it to
    > them.
    >
    > Is this possible? Thanks in advance.


    Well, I'm pretty certain this would require breaking in; there's no
    reason the two computers would 'see' each other at all via Kazaa's
    networks, because of their distributed nature. And, if I remember
    correctly from a single passing experience with Kazaa some time ago (and
    not on any machine of mine!), it does not offer upload opportunities
    anyway (those p2p networks are all about downloading).

    If you know the other party, tell him/her to run an FTP, WebDAV or
    similar server. If not, well, there's no legal way to do it...

    Joachim
    Joachim Schipper, Aug 17, 2005
    #3
  4. StupidScript

    Winged Guest

    Joachim Schipper wrote:
    > StupidScript <> wrote:
    >
    >>I know Kazaa allows other people to DOWNload from one's My Shared
    >>Documents directory.
    >>
    >>Can I UPload a file to someone's My Shared Documents directory?
    >>
    >>(I see lots of confusion about UP and DOWN loading on these groups, so
    >>...) Here's an example of what I want to do:
    >>
    >>1) I have "pix1.jpg" on my computer.
    >>2) I want a Kazaa user to have it on their hard drive.
    >>3) I want to "push" it into their shared directory.
    >>
    >>I do NOT want them to download it from me ... I want to upload it to
    >>them.
    >>
    >>Is this possible? Thanks in advance.

    >
    >
    > Well, I'm pretty certain this would require breaking in; there's no
    > reason the two computers would 'see' each other at all via Kazaa's
    > networks, because of their distributed nature. And, if I remember
    > correctly from a single passing experience with Kazaa some time ago (and
    > not on any machine of mine!), it does not offer upload opportunities
    > anyway (those p2p networks are all about downloading).
    >
    > If you know the other party, tell him/her to run an FTP, WebDAV or
    > similar server. If not, well, there's no legal way to do it...
    >
    > Joachim


    Take a lot at some of the viruses that used to infect that network. I
    haven't looked at it in recent years, I know there have been some
    changes since I looked, however the method utilized the same mechanism
    that showed what files were available on other machines. They didn't
    require overt user action for the virus to spread. This may be changed
    now, shrugs, Our users are not allowed to use these file sharing
    networks these days.

    Winged
    Winged, Aug 17, 2005
    #4
  5. From: "Winged" <>


    |
    | Take a lot at some of the viruses that used to infect that network. I
    | haven't looked at it in recent years, I know there have been some
    | changes since I looked, however the method utilized the same mechanism
    | that showed what files were available on other machines. They didn't
    | require overt user action for the virus to spread. This may be changed
    | now, shrugs, Our users are not allowed to use these file sharing
    | networks these days.
    |
    | Winged

    Definitely there has to be a ban on P2P software on corp and gov computer systems.
    They are a strong vector of infection and data collection.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
    David H. Lipman, Aug 17, 2005
    #5
  6. StupidScript

    StupidScript Guest

    Thanks for the input.

    I want to assure you all that I'm nearly pure white hat. I have no
    intention of doing anything evil.

    I'm simply wondering how a file I did not download ended up in my
    sister's Kazaa shared folder.

    I know there must be dozens of exploits for breaking into a Windows XP
    system and depositing files, heck, I've seen rogue FTP directories set
    up and running on office production WinNT boxes, so I know it is
    possible, Kazaa or not.

    Since the IP address of Kazaa users and a route to their shared folder
    is clearly part of the Kazaa system, albeit running on the hosts's port
    80, then anyone armed with that info has a head start.

    This is not about viruses and worms that are disguised as/in media
    files that launch after the client downloads them from a Kazaa host and
    launches them.

    I'm simply wondering if there exist any common exploit to cause a Kazaa
    host to accept incoming files whose transfers have not been initiated
    by the client.

    i.e. How did that unrequested file get into my sister's shared folder?
    StupidScript, Aug 17, 2005
    #6
  7. StupidScript

    Winged Guest

    StupidScript wrote:
    > Thanks for the input.
    >
    > I want to assure you all that I'm nearly pure white hat. I have no
    > intention of doing anything evil.
    >
    > I'm simply wondering how a file I did not download ended up in my
    > sister's Kazaa shared folder.
    >
    > I know there must be dozens of exploits for breaking into a Windows XP
    > system and depositing files, heck, I've seen rogue FTP directories set
    > up and running on office production WinNT boxes, so I know it is
    > possible, Kazaa or not.
    >
    > Since the IP address of Kazaa users and a route to their shared folder
    > is clearly part of the Kazaa system, albeit running on the hosts's port
    > 80, then anyone armed with that info has a head start.
    >
    > This is not about viruses and worms that are disguised as/in media
    > files that launch after the client downloads them from a Kazaa host and
    > launches them.
    >
    > I'm simply wondering if there exist any common exploit to cause a Kazaa
    > host to accept incoming files whose transfers have not been initiated
    > by the client.
    >
    > i.e. How did that unrequested file get into my sister's shared folder?
    >

    Take a look at http://secunia.com/search/?search=Kazaa &w=0

    I see several methods that are mentioned on that page. Yes, there are
    ways to do this.

    Of note read the directory transversal flaw (unfixed) that allows files
    to be modified or created, just about anywhere on the computer,
    attackers choice (depending on permissions etc.). All someone would
    need to do is click on a specially crafted link. If you run Kazaa as
    admin, expect to lose control of your system.

    I hope while you visit the page you note the number of viruses that you
    are exposed to. These are the known ones.

    Winged
    Winged, Aug 18, 2005
    #7
  8. Winged <> wrote:
    > Joachim Schipper wrote:

    <On the topic of uploading via Kazaa>
    >> If you know the other party, tell him/her to run an FTP, WebDAV or
    >> similar server. If not, well, there's no legal way to do it...
    >>
    >> Joachim

    >
    > Take a lot at some of the viruses that used to infect that network. I
    > haven't looked at it in recent years, I know there have been some
    > changes since I looked, however the method utilized the same mechanism
    > that showed what files were available on other machines. They didn't
    > require overt user action for the virus to spread. This may be changed
    > now, shrugs, Our users are not allowed to use these file sharing
    > networks these days.
    >
    > Winged


    That's why the word 'legal' is in there. ;-)

    Joachim
    Joachim Schipper, Aug 18, 2005
    #8
  9. StupidScript

    StupidScript Guest

    Thanks a lot for the info, everyone. And thanks for the Secunia link,
    Winged. Just what the doctor ordered. :)
    StupidScript, Aug 22, 2005
    #9
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. j forester
    Replies:
    4
    Views:
    1,467
  2. =?Utf-8?B?S2ltYmVybHk=?=

    How can I check my email from someone else's pc?

    =?Utf-8?B?S2ltYmVybHk=?=, Apr 24, 2006, in forum: Microsoft Certification
    Replies:
    1
    Views:
    2,690
    =?Utf-8?B?Sm9obiBTdHJvaGVja2Vy?=
    Apr 24, 2006
  3. Wi-Fi Dude
    Replies:
    13
    Views:
    16,207
    redskins
    Apr 23, 2011
  4. Gary Glencross

    Borrowing someone else's XP disc - some questions

    Gary Glencross, Mar 4, 2004, in forum: Computer Information
    Replies:
    4
    Views:
    553
    George
    Mar 5, 2004
  5. Representative Trantis

    Changing Settings On Someone Else's Computer

    Representative Trantis, May 8, 2004, in forum: Computer Information
    Replies:
    3
    Views:
    398
    Chris
    May 9, 2004
Loading...

Share This Page