http://www.blackcode.com/news/view.php?id=405

LOL i nearly fell off my chair when i saw this.

I think Sharman Networks are lying, I think there was a serious bug in the code but they won't admit, why else do they release a patch within 24 hours? If Random thought it was a big bug I believe him. ;)

who are we too believe a company that includes trojans with their software or a mate from this board. :D

Way to go, Random Nut. :)

Good work man... And thanks for not releasing the code. :o

theres a full description (by RN) online of what the problem is and how it can be taken advantage, I think someone has posted a link in both the guest room and development room.

Why haven't Sharman tried to employ Random Nut?? He's clearly understands their own code better than they do..

Congrats dude :beerchug:

:lol: great job RN!

Sharman really should hire him. :D

I was just reading a thread about this in filesharing too.

Nice work RN ;)

I hope you dont go to the darkside and work for sharman.. :o

Sharman - - - > http://www.chinkii.com/uploads/album/misc/bowdown.gif random nut

Way to go RN! http://www.chinkii.com/uploads/album/misc/thumbsup.gif

Congrats RN, now you showed everybody who the real kazaa guru is. :lol:

Lol, thats really great!

I just have to agree on every post in this topic! Congrats RN :)

BOT

how do we know this is the real rn
and not some imposter?

Wow. :flowers: --> :santa:

Good a mod deleted that poser coco*** trying to steal RN's props. Good on you mod. :)

Hope you don't mind me asking but is RandomNut from this forum.

Yes click here (http://www.klboard.ath.cx/bb/index.php?act=Profile&CODE=03&MID=1789) for Random Nut's profile.

BOT

great job RN - It's about time that Sharman were shown up by a KL member (on a very public stage, I mean).

I can see this being in my national paper (The Mirror) in a few days time :) Can't wait to see it

read this also....

http://www.techtv.com/news/security/story/...3439428,00.html (http://www.techtv.com/news/security/story/0,24195,3439428,00.html)

So do we need a update of klite to fix this same bug, or what?

Originally posted by Schmiggy_JK23@28 May 2003 - 21:57
So do we need a update of klite to fix this same bug, or what?
There will maybe a patch/new build over a couple of weeks because Random is lately busy with other things.

Seems like something to add to the new build (before anyone who already can't wait for the build tries to kill me, I'm sorry [seriously] but I'd rather make sure this was sorted it now if it can be done now rather than later.

LOL
random nut = security researcher :lol: :lol:

GREAT JOB RANDOM NUT
that showed sharman

Hey if u do get hired, maybe you could get that full source
code that the developers could really use :lol:

Originally posted by zapjb@28 May 2003 - 18:28
Good a mod deleted that poser coco*** trying to steal RN's props. Good on you mod. :)
I don't remember posting in this thread.

And I am random nut. Just check my IP and email address ([email protected], same one as in the advisory). Jesus.

And no, I wouldn't want to work for Sharman Networks ever.

We already checked it, this is the real Random Nut. :)

LOL
random nut = security researcher :lol:  :lol:

As soon as you post in a security mailing list, you're a security researcher according to the press.

What I thought was funny was that the guy I emailed was on a long honeymoon. What are the odds, eh?

We already checked it, this is the real Random Nut. :)
So who deleted my post in the development forum?

Originally posted by random coconut@29 May 2003 - 10:25

We already checked it, this is the real Random Nut. :)
So who deleted my post in the development forum?
I'll ask the other Mods; one of them must have thought you were an impostor.

For german user:

http://www.tecchannel.de/sicherheit/reports/125.html
http://www.chip.de/news/c_news_10526535.html

:)

Great work as usual Random Nut ;)

I wouldnt want to be holding my breath for Sharman's "24 hours" :huh: :lol: :lol:

Heh, I now know what "Buffer Overflow" means in german... Thanks Benno. :D


I wouldnt want to be holding my breath for Sharman's "24 hours"   
They have already released KMD 2.1.1.

So your not letting fame go to your head mr coconut :lol:

How many people have been after you to talk then?

Not many really, maybe 10 different people, but perhaps it's much compared to what other "security researchers" (heh) get when they post something to Full Disclosure/BugTraq. I even got a fan email:

X-Originating-IP: [62.194.85.174]
From: "Murad Tanouti" <[email protected]>
Subject: fuckjou
Body: je moeder

:D

Jeez

fuckjou


says it all really. :D

these people really are stupid. he sends a so called "security researcher" his ip addy. not the smartest thing in the world to do.

why the name change and why not clear up some of the confusion and just get your randon nut account name changed?

As the News of this spreads, and people stop using their PC as a supermode, would it affect the fastrack system and slow down downloads :o

Originally posted by random coconut@29 May 2003 - 14:03
Not many really, maybe 10 different people, but perhaps it&#39;s much compared to what other "security researchers" (heh) get when they post something to Full Disclosure/BugTraq. I even got a fan email:

X-Originating-IP: [62.194.85.174]
From: "Murad Tanouti" <[email protected]>
Subject: fuckjou
Body: je moeder

:D
"je moeder" is Dutch and means "your mother", by the way.


Looks like the bringer of bad news needs to be executed. :D

RN what do you think how much would the RIAA pay you for the code, if they can take down the fasttrack network with it? :lol:

[QUOTE=4play,29 May 2003 - 07:20]
why the name change and why not clear up some of the confusion and just get your random nut account name changed? My question exactly. :unsure:

yeah I cant understand why not :huh:

RN what do you think how much would the RIAA pay you for the code, if they can take down the fasttrack network with it?&nbsp; :lol:

They already know about the vulnerability so why pay for it?

Although he has exploited the vulnerability, he will not be releasing exploit code into the public domain.&nbsp; &nbsp;

"I haven&#39;t released the exploit code. I don&#39;t want some little script-kiddie to close down all of the [FastTrack] network or parts of it," he said.

I thought you need some kind of code to do it. After all I&#39;m not a big genius when it comes to this things. :D

I have that code. It&#39;s not a worm, only simple code that can crash/hack my other computer. If I was an evil hacker I could&#39;ve easily written a worm.

Glad you aint an evil hacker,

don&#39;t want a coconut in my pc :lol:

Ah I see. :)

Originally posted by random coconut@29 May 2003 - 08:27

RN what do you think how much would the RIAA pay you for the code, if they can take down the fasttrack network with it? :lol:They already know about the vulnerability so why pay for it?
How do you know they already know the vulnerability?
(anecdotal evidence will do, so as not to incriminate your sources... :D )

How do you know they already know the vulnerability?
(anecdotal evidence will do, so as not to incriminate your sources...
becuase he posted plenty of information about it already.

no source code though so you would have to have plenty of experience with kazaa to be able to write an exploit it.


thank god mr coconut had enough sense not to publish the code as well otherwise every 1337 5kr1p7 kiddy across the planet would probably use it to slow down the network.

Random Nut could get payed millions by the RIAA and all the record companys that want to see the Fastrack Network abolished. He just needs to publicise it more so more ppl know about it. Not that i want him to though&#33; Long live Fastrack&#33;

good work random coco i new there was something wrong with the network myself and it has defently been that worm that has slowed down the network so many users creating an buffer overflow like
4000 users with net pumper notice the space between net pumper but if you type netpumper you get the real file but if you miss the space you have a file with a few thousand users wich = worm after worm
that goes for every piece of software between 700kb to 1.8mb and its the same virus 1 creates like 35 folders 1 creates 85 folders and it just keeps uploading virus after virus virtualy so the network has already been exploted IMO. it will need some amount of effort to cleansweep FT.

Originally posted by jamesandpie@1 June 2003 - 20:45
Random Nut could get payed millions by the RIAA and all the record companys that want to see the Fastrack Network abolished. He just needs to publicise it more so more ppl know about it. Not that i want him to though&#33; Long live Fastrack&#33;
Correction, &#39;Could have&#39; got paid (not sure about millions) but i bet there would have been a fair few 0&#39;s. Why would they pay him now though when they already know what the vunerability is and plus sharmen have already patched kazaa and i think the patched klite is on its way.

:o hmm.... i&#39;ve read this topic and the other ones about probs with dl stoppin, more searches,nothin happens ,it happened to me too .......
so could it be that this all connects somehow :unsure:


or am i gettin paranoid like my wife keeps sayin when i rant on about internet security,viruses and the likes and how important it is to be careful ????????????????????????


:blink: help they are gonna get us all :D

Yes, a patched K++ will be released soon. Just need to do some stuff first.