Looking At Your Files Without Using Kazaa

[tracydani]

I read this elsewhere and copied it here. This looks similar to something we used to discuss in the past here and I thought it should be brought back up because it may be a way for RIAA to get a list of your files even with the hide shared files disabled.

TD







...without even needing to run Kazaa yourself !

I discovered this site and tool today, but haven't yet tried it out:

http://www.dsns.net/news.html

From that site:

"Do you want some mp3 files?

Here is a way I discovered how you are able to locate users of the file-sharing tool "KaZaA" with DSNS and access their mp3 files without running KaZaA itself.

1- Select any dailup range
2- Add port 1214 (protocol probe: HTTP (GET), file: /)
3- Go!

After just few seconds I got following results:

217.1.x.x 1214 200 OK, KazaaClient Aug 29 2001 19:44:27
217.1.x.x 1214 200 OK, KazaaClient Aug 29 2001 19:44:27
217.1.x.x 1214 200 OK, KazaaClient 0.1
217.1.x.x 1214 200 OK, KazaaClient Aug 29 2001 19:44:27
217.1.x.x 1214 200 OK, KazaaClient Jul 5 2001 17:18:29
and so on...

4- Now open your favourite browser and goto http://*ip*:1214/
5- Have fun

What do you use DSNS for? Post into the port scanning forum.

-- Hannes Gräuler "

*************************
I've used PortExplorer to see what IP's are connecting to my PC and through what ports. I can map them and see where they come from, but THIS goes much farther than that! If Hannes post is correct, you can actually access the Kazaa users files directly through their IP and port after finding them with DSNS any time their running Kazaa.

[delphin460]

not if you have a firewall you cant

[Afronaut]

Interesting.

Maybe i should try this some day.

Im not really into this kinda thing, getting in to ppl's PC's and such more
than using, say, p2p app.

Any Kazaa Lite user without some sorta "protection"
should be intersted in this.

Better yet, all the guys who "develope" them new/old K-Lite versions should
definately take a look into this and try to disable the possibility somehow.

Hey Boss, you reading this?


I wouldnt mind seeing more security added on K-Lite.
Alltho, i use it maybe once a month for a mp3 or two.

[Sparkle1984]

I don't really see the point in this. I did the port scanning and got many results, but when I tried to open it in my browser, eg http://62.11.51.206:1214/ all I get is a 404 error. I suppose if someone is behind a firewall, that will stop you from getting at their files?!

Anyway, it would be impossible to search for specific files using this method, and it seems a very tedious way of "filesharing".

[Entity101]

That vulnerability was fixed long ago when Kazaa 2.0.0 appeared.

[tracydani]

I did not post this as an alternative way to share files Mearly saying that if this could be used to get a list of files from a particular ip, people may want to be aware of this.

I'd hate to be using kazaa with the option to hide my files enabled only to discover that people were seeing them anyway

@Error403

You say people cannot look at your files this way? Or they cannot download them this way?

TD

[h1]

Originally posted by Guitar-Slinger@3 April 2004 - 06:20
Hey Boss, you reading this?