P2P-Zone

butterfly_kisses 04-05-02 10:33 PM

This does not belong anywhere else...so...
 
Hi, all I am working on my own fasttrack client and I'm really having a lot of fun with it. I've been asking for help...i need people who are familiar with C++ programming, windows API calls and just generally windows API in general and plug-ins for it.

Also need people familiar with Java programming too and perl.

If you are interested in helping me out on this unpaid, labour of love project please PM me and let me know.

Now then for the rest of you who get sick and tired of me posting bits and pieces of the new client in other threads, I've decided to keep them confined within the restraints of this one thread

so if you are interested in seeing a work-in-progress then enjoy if not then well, that's too bad...don't look at it ;)

First pic a customised dialog that pops up if Adaware uninstalls the dummy cd_clint.dll file that my software needs to run. I tried to find a way to bypass the necessity of the dummy cd_clint.dll file by downloading the Cydoor SDK (developer's kit or pack)

but haven't gotten around to doing anything with it yet.

anybody thinks that they can make a kazaa-client without the cydoor dependency...please try and release it to the public.

Until then its a dummy cd_clint.dll file for me ;)

:S:

butterfly_kisses 04-05-02 11:08 PM

Please forgive me if i get over enthused about this but it makes me so happy to be able to bring you all a client that will actually improve your overall enjoyment and p2p experience

In this version i did away with the Surfola.com although it is still available if you want to surf the web anonymously while using "metamorphesis" (the name of my new client which will surpass and replace KaZaLite as the number one p2p client for windows....or at least i hope it will) :D

look at this screenshot (remember this is a work in progress)

btw if you surf to Napsterites through surfola you can't post to the forum unless you register as a member of the surfola website so i figured well that's gotta go so now you can post here just like normal from the metamorphesis client (a hacked version of KaZaA)

:)

look below:

Mowzer 05-05-02 12:40 AM

Based on the past timmay, I can't wait to see what kinda spyware you come up with for your program.

LOL


Either way, best of luck. Congrats on the initiative.
Remember don't hire jason as your PR guy.

LOL

butterfly_kisses 05-05-02 07:52 AM

i have been in contact with jason recently and he declined my offer :(

however, I may take the advice of Jack Spratts and so many knowledgeable others who have suggested that i release a new spyware with hidden p2p capabilities.

I think that would make for a more attractive headline on cnet...don't you?

hehe :)

twinspan 05-05-02 10:16 AM

best of luck with the FT client (no offer of help from me as the last time I coded was about 4 lines of Basic on a BBC-B).

One question: will you be including IP bouncing?

it seems far too easy right now for some 'copyright enforcer' to run an IP trace by d/ling a file from you (leading to nasty 'cease & desist' letters to people's ISPs) and apparently Filetopia has managed to combat this with IP bouncing.

I think end-to-end anonymity is becoming a big concern for p2p users, and would look forward to an FT client that could provide that.

butterfly_kisses 05-05-02 01:04 PM

Quote:

paraphrased from TwinSpan:

One question: will you be including IP bouncing?

This is a VERY excellent point TwinSpan and right now the answer is no...however I do have another article i intend to do for the Napsterites to show you all just how dangerous and how vulnerable we all are....and yes

i can't hardly wait to write it...i hope it will be enjoyed as much as my previous article on using the Getright browser to connect with Supernodes now that parts of the fasttrack network have been changed to act and behave differently and older clients (1.4 and below) have been rendered useless by changing the protocol (language that is spoken on the internet) by the current Fasttrack clients.

Without giving too much away...KaZaA or at least the network has its own form of DNS (domain name service) meaning you type in a name like :

www.google.com and it gets translated into its numerical form of 216.239.39.100

try this:

click this link http://216.239.39.100 and see if it doesn't also take you to the Google search engine website.

This is normal and its a natural part of the way the internet works

From my findings (based on the works of Indiana Jones and Scyth) i've been able to determine that fasttrack clients (KaZaA is the only one I've studied but this should apply to Grokster too, possibly Imesh [but I don't know about Imesh--i'm trying to take one thing and do it well instead of knowing a little bit about a LOT of things i'd rather know a LOT about one thing ;)]

Anyways, I've learned that KaZaA through its DNS service (encrypted of course to "normal eyes" but not to my pioneering private eyes, lol) does associate your ip address with your UserName@KaZaA. It's quite remarkable how this works and as far as I know no one else has documented this...

I'm a little reluctant to document this for the following reasons:

A)I want to better the user's experience with Fasttrack....open sourcing would be the BEST WAY to do that...until then all we have are independent studies (like those being made by me and others who will share their findings with others). By doing this it helps to further the research and would be considered a form of "reversing" the network (reverse-engineering) only because the fasttrack protocols have not been made known and are kept a tightly guarded secret from the world in general. :(


the downside of documenting discoveries made is:

B)The RIAA now has information which they need to track down offenders and do exactly what you said

and or

C)people will misuse these findings for harmful intents and purposes(defrauding the network, other clients, peers, etcetera) such as compromising a vulnerable client ran by a naive user. :(

However knowledge in the right hands is power; in the wrong hands it can be a very lethal and destructive force. It's sad that my research is the only research that is currently being made available.

AYB 05-05-02 02:13 PM

Harb,

I think I may be qualified ;) As I've said b4, my p2p app will include fasttrak support. Once again I'm sorry (and quite frustrated) I can't spill the beans on everything I have planned, but for legal reasons I need to wait until I have a company set up so I am not personally liable. If it is as xplosive as I anticipate it will b, legal concerns are an issue :D So I'd be happy to help. There is not much I can offer at the moment bcoz I am in the middle of exams, aside from answers to any questions you may have about: x86 assembly, win32 API, C++, C#, java, disassembling :RS: you can direct those to mospum@hotmail.com . In a week's time tho, when my exams are over, I will have nothing better to do all day xcept code my p2p app and hack FT :)

Mowzer 05-05-02 02:44 PM

That's really good to hear AYB.

Hopefully it won't be too long till everyone can try your p2p app.

Setting up a small company to take any legal fall out is also a smart move.

AYB 05-05-02 03:03 PM

The name alone should make RIAA want to wring our necks, and u guys pee urselves ;)

Bored of revision so I'm going to try my hand at removing cydoor. First time I've ever touched kazaa (have adaware waiting on standby :)) and immediately I'm struck by wat a bad idea to have the installer download the program via the actual network, far too slow and fickle in comparison to a good website.

Mowzer 05-05-02 03:29 PM

Yeah round up that cydoor and put it through a head splitter.

I think Fast Tracks cloud load is a total joke. Not the best way to get version of a program.

But if I was able to plug in any file name into cloud load, such as tmd-whatever-cam(part 1 of 2).avi then it would be a neat tool.

Low on system resources too.

Then you could also distribute the fuct cloud load to friends etc, or from a site and they would also be able to get the movie.

butterfly_kisses 05-05-02 03:35 PM

Thanks, AYB....good luck on those exams!

and hopefully we can collaborate some in the future here, shortly.

now then a note for h@xor

h@xor do you remember what we discussed on the "PM" about the hidden resources inside of a bitmap?

well here is some interesting reading for you...

i hope it helps ;)

http://www.tnm.de/dbulletin/bu09rw.htm

butterfly_kisses 05-05-02 03:47 PM

Oh and update on the tools I'm using.

right now Resource Hacker is very user-friendly and helpful although I've noticed that there are some bitmaps (mainly icons) that I can replace without getting an error message from "kazaa" about a "missing dll" being required....this made me wonder if fasttrack was somehow hiding dll files in their bitmap images or "resources" within the compiled KaZaA executable?

There are a few other items that when a change is attempted to be made will also crash the Resource Hacker program.

Another note. I WAS WRONG when I mentioned earlier that Kazaa.exe is compressed using PECompact 1.67 (this information was not based on my own first hand experience but on that of a cracker by the name of ReaLiStry.)

When I tried using various different "unpacking" tools on it like unpecompact, etcetera...i got the message that "this executable is not packed using PECompact"...so either ReaLisTry was mistaken OR this was a different version he was unpacking but I was unsuccessful with using unpecompact to uncompress the executable.

ANOTHER *NOTE*

There is some check made by the kazaa.exe that looks for the presence of SoFtICE being run on your system and if it detects it then it will refuse to open or run the executable...

anyone know any ways around this?

and of course there is the cydoor dependency which hopefully the Cydoor Developer's kit will provide some answers and or solutions for.

This is also another example of what happens when too much is known about a work in progress....the people who are protecting their software are able to learn as well and put safeguards like the ones mentioned above into effect.

Anyone remember RefoSearch?

Now THERE was a CLIENT!

MiRRoRman, where are you!?!

;)

butterfly_kisses 05-05-02 04:50 PM

any feedback on the icons for the system tray and My Shared Folder?

here are the samples so far:

Mowzer 05-05-02 05:41 PM

Are u for real timmy? Those are the most ugly icons i have seen.

Aside from KaZaA's original ones. Please understand Pink is one color that doesn't blend well with everyone's color schemes.

Use something more neutral.

ssj4_android 05-05-02 06:27 PM

Are you looking at any of the old gift source code?

butterfly_kisses 05-05-02 08:14 PM

re: ssj4_android

yes, anything I can get my hands on would be helpful. If you have any info please post it here or in a link and if necessary you may email me at harbynger1901@hotmail.com

and thank-you.

re: ethen

if you have something you'd like to submit please do so via one of the methods mentioned above.

thank-you all

:tu:

butterfly_kisses 05-05-02 08:48 PM

More Icons to Vote For

please vote for your favourites or if none of these suit you

submit your own! :D

BTW I'm using MicroAngelo 5.0 to make my icons and here

is a website I'm getting information from:

http://www.favicon.com/#1-11

Mowzer 06-05-02 12:01 AM

You have me curious timmy.
From your little drawings, u look to be about 3.
How old are you any way?

I guess there is only one way to find out.

Also, try http://www.deviantart.com for tips on designing icons, etc.

AYB 06-05-02 04:24 AM

Harb,

I can't begin to remove cydoor without unpacking kazaa. I tried unsuccessfully all of last nite, then once you identified PECompact I had another go using specific tools but still no joy. Where did you get the info from ReaLiStry? :)

Programs are able to check for debuggers such as SI by checking for INT3 (interrupt 3) which is a breakpoint. i.e. stops program execution so you can examine registers, memory etc. Kazaa is one of those which will not run if it detects it. I will read up more on this to see if there is a way around it.

butterfly_kisses 06-05-02 10:17 AM

Harb,

I can't begin to remove cydoor without unpacking kazaa. I tried unsuccessfully all of last nite, then once you identified PECompact I had another go using specific tools but still no joy. Where did you get the info from ReaLiStry?


I found out about ReaLiStry from reading a post to the original message boards for kaZaALite under the developer's forum someone suggested...why not remove the dependency for the cd_clint.dll file altogether?

And they pointed to a cracks site called Cracks.AM (be warned: upon accessing this page you are prompted to download an executable that tells you it will help you look for mp3's. This "program" that loads when you access this page is nothing more than a "browser hijacker" and it attempts to put an automated dialer on your 'puter either for an irc channel or for some porn thingy in europe. It also does other nasty things like add porno links to your favourites and put tons of shortcuts on your desktop and also changes your default desktop background as well as adding extra desktop "skins" or bmp's to the directory where background images for your desktop are stored)

Now then the gentleperson who suggested this crack may have mentioned several different programs. I went to astalavista.com and did a search for the word "kazaa" (try it with each of the different search engines they have there and see what you get)

Anyways to shorten this story. The crack by realistry was supposed to set up an automatic loader for the Kazaa program that bypasses the need for cydoor so this interested me. If you need the link to the program or want me to email it to you let me know.

My friend h@xor says all it does is just replace the dummy cd_clint file...however it's been a while since I actually tested it (this was for version 1.51 of kazaa) and if i remember correctly...I think it actually did create an uncompressed copy of kazaa...

Now then as far as compression/uncompression goes. You are right it needs to be either A)decompressed or B)unencrypted (whichever is the case...maybe even both)

I've had a lot of success using Hview (hacker's view); it gives me no problem looking at the full disassembly and also Borland C++ is good and I love the windows Spylog (it's phenomenal)

*disclaimer* although I have Borland C++ and Hview does not mean I know what I am doing or how to use either one* hence my "disability" is concerned but remember:

"...my only disability is your perception of my ability. ;) "

Programs are able to check for debuggers such as SI by checking for INT3 (interrupt 3) which is a breakpoint. i.e. stops program execution so you can examine registers, memory etc. Kazaa is one of those which will not run if it detects it. I will read up more on this to see if there is a way around it.


Cool, AYB in the meantime check all the tutorials on this page:

http://rstone.cablebg.net/Cr_encrypt.htm

[you too h@xor please check it out and http://rstone.cablebg.net/Cr_tut.htm these too <- ]

p.s. I heard you can get something called either Icedump and or Frogice that works either with SoftIce or in place of it that was made just for this very reason [to get around protections like these--i post this info for the people who know how to do these things and use these programs. I myself have no knowledge of any of this activity whatsoever :| ]

AYB 06-05-02 10:29 AM

The issue about cydoor is presumably it is calling the WinAPI function LoadLibrary and if it fails, complaining and exiting. So our job is to make it think the LoadLibrary call has succeeded, which may involve quite a lot of work filling in certain variables and forcing certain functions to return "correct" values. This can either be done at load time by editing the actual EXE file or at run time, by patching the call to LoadLibrary which causes it to first perform some of our code ( such as if( trying_to_load_cydoor ){ return success } else { call LoadLibrary } )

I will have a go with Hview, but surely all it gives you is the packed executable code?

Scyth 06-05-02 04:48 PM

Quote:

Originally posted by AYB
Programs are able to check for debuggers such as SI by checking for INT3 (interrupt 3) which is a breakpoint. i.e. stops program execution so you can examine registers, memory etc. Kazaa is one of those which will not run if it detects it. I will read up more on this to see if there is a way around it.

Actually, Kazaa does something a little more tricky than this. Specifically it does something along the lines of (in C-like pseudo-code):

Code:

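try {
  INT3             // raises a breakpoint exception
  ExitProcess();   // only reached if a debugger caught the exception and resumed here
} catch (...) {
  // no debugger: the program's own handler catches the breakpoint
}
//rest of code here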

When not under a debugger, the breakpoint exception caused by the INT3 is caught by the program before ExitProcess is called. Under a debugger, the debugger catches the breakpoint exception. When execution is resumed, it continues at the next statement which causes the program to terminate.

You can get around this by changing four bytes in the latest executable beginning at offset DD052h to 31-C9-F7-F1. This causes a divide by zero exception to be thrown rather than a breakpoint exception. A debugger shouldn't catch divide by zero exceptions without first giving the program a chance to handle them.

Of course, that'll only let you debug the loader section of the executable. You'll still have to get around the compression/encryption being used. Good luck with that.
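
The check Scyth describes, as an added example that is not part of the original thread and is not Kazaa's code: a POSIX analogue in C that raises a breakpoint trap with `raise(SIGTRAP)` and records whether the program's own handler received it, next to a parser for Linux's `TracerPid` status field as an independent cross-check. The function names and the sample status text are assumptions made for this illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample of /proc/<pid>/status text for a traced process. */
static const char SAMPLE_STATUS[] =
    "Name:\tdemo\nState:\tt (tracing stop)\nPid:\t5001\nTracerPid:\t4242\n";

static volatile sig_atomic_t trap_handled;

static void on_trap(int signo)
{
    (void)signo;
    trap_handled = 1;            /* our own handler saw the breakpoint trap */
}

/*
 * Raise a breakpoint trap and report who received it.
 * Returns 0 if our handler ran (no tracer took the trap), 1 if the trap
 * never reached the handler (something else consumed it), -1 on setup error.
 * Limitation: a tracer that forwards SIGTRAP to the process is not seen.
 */
int trap_was_swallowed(void)
{
    struct sigaction sa, old_sa;
    sigset_t unblock, old_mask;
    int rc;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_trap;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGTRAP, &sa, &old_sa) != 0)
        return -1;

    /* A blocked SIGTRAP would stay pending and look like a swallowed trap. */
    sigemptyset(&unblock);
    sigaddset(&unblock, SIGTRAP);
    if (sigprocmask(SIG_UNBLOCK, &unblock, &old_mask) != 0) {
        sigaction(SIGTRAP, &old_sa, NULL);
        return -1;
    }

    trap_handled = 0;
    rc = raise(SIGTRAP);         /* delivered before raise() returns */

    sigprocmask(SIG_SETMASK, &old_mask, NULL);
    sigaction(SIGTRAP, &old_sa, NULL);
    if (rc != 0)
        return -1;
    return trap_handled ? 0 : 1;
}

/* Extract TracerPid from status text; -1 if the field is absent or malformed. */
long parse_tracer_pid(const char *status_text)
{
    static const char key[] = "TracerPid:";
    const char *line = status_text;

    while (line && *line) {
        if (strncmp(line, key, sizeof key - 1) == 0) {
            const char *val = line + sizeof key - 1;
            char *end;
            long pid = strtol(val, &end, 10);
            return (end == val || pid < 0) ? -1 : pid;
        }
        line = strchr(line, '\n');   /* advance to the start of the next line */
        if (line)
            line++;
    }
    return -1;
}

/* Linux only: TracerPid of this process, 0 when untraced, -1 if unavailable. */
long current_tracer_pid(void)
{
    char buf[4096];
    size_t n;
    FILE *f = fopen("/proc/self/status", "r");

    if (!f)
        return -1;
    n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return parse_tracer_pid(buf);
}

int main(void)
{
    printf("sample TracerPid: %ld\n", parse_tracer_pid(SAMPLE_STATUS));
    printf("trap swallowed:   %d\n", trap_was_swallowed());
    printf("live TracerPid:   %ld\n", current_tracer_pid());
    return 0;
}
```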

AYB 06-05-02 04:59 PM

Is it not possible to simply replace the INT3 with a JMP to the rest of the code? In order to debug the unpacked executable that is.

Scyth 06-05-02 05:26 PM

Quote:

Originally posted by AYB
Is it not possible to simply replace the INT3 with a JMP to the rest of the code? In order to debug the unpacked executable that is.

You could, but first you'd have to do some cleaning up of the stack.

By the way, the debugger detection routine is in the unpacker/loader section of the executable. I've yet to succeed in unpacking it.

AYB 06-05-02 05:32 PM

When you do, let us know ;)

Scyth 06-05-02 07:07 PM

Quote:

Originally posted by AYB
When you do, let us know ;)

I'm not sure if I'll be able to. Reverse engineering isn't really my thing.

Mowzer 06-05-02 09:02 PM

Timmy,

1) A modded morpheus, that presents the best UI change I have seen, incorporating tabs, and an always present search box.

screenshot... http://home.attbi.com/~darkstar559/stuff/morpheus2.jpg

2) Old kazaa builds
http://ftp.pu.edu.tw/Cpatch/other/kazaa/source/

and here

http://ftp.nchu.edu.tw/Winsock/other/kazaa/source/

3) For reference to those who want the original Disassembly of Kazaa listing...

http://www.new-wave.net/gift/dis/rlandor.html

butterfly_kisses 06-05-02 10:18 PM

:AP:

re: Ethen thank-you that was some really helpful info. :)

a)concerning the jpg of morpheus (preview edition)

if i could make my client look like that for you.....i probably would. I like the idea of the constant search button btw

i have a semi-quasi archive of your old geocities p2ptech site. do you mind if i post those 3 jpg's of the KaZaA (xp-ish) version that you once had worked on?

and also I really loved your comments on what the "client" should be like (that was an excellent article). mind if i repost those (here to Napsterites?) for the benefit of and the enjoyment of the "community"? thanks (hoping you will say yes, in advance ;)

the older versions of the client links were cool and may be useful.

The source code (or disassembly) was excellent; for you cats on dial-up like me ....try downloading it (the webpage) with getright (select "No" if it asks you if you want to open the page in the getright browser window...just download it to your harddrive and view it from there with the webbrowser of your choice)

:D

Mowzer 07-05-02 01:13 AM

Nope. Please don't post my P2P stuff.

It's all enjoying retirement. Thanx in advance.

butterfly_kisses 07-05-02 09:23 AM

Quote:

Nope. Please don't post my P2P stuff.

It's all enjoying retirement. Thanx in advance.

I shall respect your wishes, then, mistar.

p.s or rather "btw" did you know

that this site http://communities.msn.com/P2PTech was online

and "operational" again...only this time it has been made a private closed to the community republic in an effort

to keep out the "frank rizzo's" of the world ;)

Mowzer 07-05-02 04:10 PM

Yeah I know. I can see the hits from MSN stats.

Just don't be putting up any of my old things. The name I don't own, but the material I do.

;)

butterfly_kisses 07-05-02 08:51 PM

okay, ethen we are cool then :)

i will respect your wishes....

now then an update for all on "what is taking you guys so long to do this? (p2p development and enhancement projects)"

First off, I'd like to say that it is NOT EASY to do what we are

trying to do. It is also NOT IMPOSSIBLE

what are some of the stumbling blocks in MY way?

a)i'm not a programmer

b)kazaa.exe has some seriously good protection schemes going on with it...please check out posts by "snowman" and "scyth" for more details.

1)encrypted processes which prevent tampering (removing of and changing icons, bitmaps, etcetera)

2)protections (unknown file compression for an executable file, similar to the way you'd zip a regular file, only this type of encryption is done to compress (make smaller) executable files with the extension .EXE); it also prevents a Debugger or an uncompressing agent from unzipping it so that it can be broken down into a simpler form (uncompressed and "unpacked" with an unpacking tool like windasm8.93 or similar)

3)some type of protection that detects softice (a program used by programmers for "debugging" problems with programs, which can also be used by "us", hopefully, to remove the dependency on having a cd_clint.dll in the first place as well as providing us with further insight into the wonderful program known as kazaa)


what else is slowing me down?

c)While using Resource Hacker (a wonderful program invented by a genius programmer that allows you to customise most any 32bit windows executable program) I've encountered problems with the kazaa program that will either hang or crash the resource hacker program (its like walking through a landmine you never know which change will set off the bomb) so while i've been extremely close to getting things just right (remember i'm being brief and leaving out a few details for the sake of brevity here) Whenever one of these "bombs" would be triggered i would lose all the previous work i'd done on the client and have to begin again each time all over...This has happened to me 3 or 4 times already.

d)sometimes I get sick of trying to figure it out and need a break.

e)My main biggest problem which I consider (for me only) to be my biggest setback is making the application compatible with windows XP...i can get it to run perfectly on a Windows 9x machine but XP is in my humble opinion "so different" from windows 9x...the locations for the files...logins for multiple users..etcetera


f)My program will come with an uninstaller which WILL work (i think it was either Twinspan or Buzzbk who mentioned something about this in another post about how they hated having "leftovers" in the kitchen (window's registry) after a program was removed from their system)

Gentlemen, SO DO I


well, these are some of the reasons its taking me a while to complete this endeavor.

The last reason is this:

Do y'all want any form of "cookie" control or the ability to block websites from showing up inside the client window (metamorphesis or "whatever the final name will be") of the client?

I personally like the idea of cookie control but what are your thoughts?

Please some comments are DESIRED

feedback is important to this project and so too will betatesters

Goldenrod you are already on my list for one of the first to receive

a beta when its ready...


i could use a few more volunteers?

alright...who wants some?

hehe

:)

Mowzer 07-05-02 10:37 PM

"kazaa.exe has some seriously good protection schemes going on with it..."

Yeah that's why it's taking you so long. You're not making a P2P app.

You're just ripping code from fasttrack, and reg editing it with your own icons etc, web browsing etc.

AYB and others I presume are building P2P apps based on kazaa maybe? But from code they developed, or perhaps making a program from scratch.

I would bet for that reason on the others being finished first.

As for editing kazaa to be spyware free and include other features, one like that is already done and it's very good. It's called KaZaALite.

Gift tried originally reverse engineering KaZaA and the Fast track network, and even though they met with success, they decided it was far better to switch the mindset over into developing their own app.

Why not use your skills to do the same?

butterfly_kisses 07-05-02 11:38 PM

hi, ethen

you almost make that sound like a bad thing (trying to reverse the kazaa app) and while gift did change their focus i think it was due more to frustration over not being able to understand the mechanisms behind the updated software (i'm sure this was a disappointment and major setback for them). I look forward to their new independent project and wish them much success with it.

To answer you briefly as to why not make my own p2p app?

I do not think i am talented enough or have the necessary specific skills (e.g., programming, understanding networks, especially packet based and how they work, encryption/decryption etcetera, etcetera)

so i do what all good "programmers" people do...I piggyback "much like ALTnet" on the back of kazaa

or rather I take an already existing idea and try to make it better

and TRUE very TRUE kazaalite is GREAT. i do not give Shaun enough credit (i think he and "yuri" are one and the same). His websites (the one shutdown that contained the info i needed on Xml "skinning" for windows XP and the kazaalite app....darn that "Sharman") and his new site the tk one with the "nuke" was a great idea. I won't say much more about it except that i admire him and his site.

i can't remember the exact quote i wanted to make but i'll try to give you something anyway ...here goes:

shoot i can't remember...maybe tomorrow i will have a "snappy" comeback for you but tonight i am tired and in need of rest (deserved or not....i need some)

:)

p.s. thanks for implying that i have skills or talents that was nice. :)

Mowzer 08-05-02 12:37 AM

Okay then. Enjoy your Kazaa clone.

I didn't realize you're not into programming. Always thought you were.

butterfly_kisses 09-05-02 06:52 PM

moving right along then.....
 
first my apologies to all who rely on me for their information concerning fasttrack and the continuing events at kazaa.

what you read here...a lot of it will be unpolished meaning you won't always find fancy words or descriptions here...sometimes you will just see me "doodling" or "taking notes" this thread is kind of like a repository for my ideas and hopefully for the ideas of others of you too.

I know that there are quite a few of you who possess some firsthand knowledge of these clients (kazaa/oldMorpheus/Grokster) some of you helped to work on the applications themselves performing different tasks..some of you were also put out of work by the morpheus shutdown. it would be nice if some of you PM me with information on the network you'd now like to share as a form of "revenge"

Now a little rant:

Okay we (we here represents "the people") have cracked DeCsS (the encryption for DVD's), we've cracked the RS5 (damn i get the version wrong...all the time) encryption....but when it comes to kazaa, [sarcasm]nope, that's WAY TOO HARD![/sarcasm]

lol, fancier encryption algorithms have been cracked, DeCss has been cracked so why not KaZaA? we just need a few motivated and talented/interested people to do it who will share their knowledge.

Remember to these elite few who possess the knowledge and abilities above those of their "fellow men" this task is nothing to most of them and to some of them they could care less about changing the icons in kazaa the true joy for them comes in opening up the protection on a "locked box" (in this case the lock is the protection scheme on a program) for them they take pleasure in outsmarting someone else...their motto "if it can be encrypted it can be unencrypted" to these people i salute you.

Scyth 09-05-02 06:53 PM

Quote:

Originally posted by AYB
When you do, let us know ;)

I just managed to unpack the Kazaa installer. I won't be posting it as that would be illegal. Instead, I'll write an automated unpacker and post that. Look for it later today.

The Kazaa executable itself appears to use the same packing/protection system. Unpacking it should be easy enough now.

butterfly_kisses 09-05-02 07:02 PM

with the above in mind....i found this thread located on the new
kazaalite forums:

http://www.kazaalite.com/nuked/modul...thread&tid=240

Quote:

Author: dixi (Newbie, Posts: 1, Registered: 9/5/2002, Status: Offline)
Subject: Cleaned Kazaa.exe
posted on 9/5/2002 at 12:24 PM

Hi!
1. True "kazalite" (no need for cd_clint.dll),
packed with upx:

File: kazaa_1.61_cracked.exe
Length: 940032 Bytes, 918KB
UUHash: =YMkxS8lOEVYG2ITZAlpTb57ifo8=

2. For all wannabe crackers
original but unpacked exe:

File: kazaa_1.61_main_exe_upacked.exe
Length: 2494464 Bytes, 2436KB
UUHash: =IYaFdO0FrgMfe76KFlx7EkJOtEg=

bye !


i've been trying unsuccessfully to download this for about 20 minutes....if it's a hoax then that sucks, if it's for real then it would be a breakthrough....if it's a trap....then oh well

but right now i/we can't afford to pass up any chance at anything that will be helpful or useful to us.

Thanks for the support i have here in the Napsterites forum and thank-you to the programmers here who offer their insights and some who even don't mind compiling the raw source code for a few apps i have.

I've got some information attained from astalavista.com and i believe bugtraq for a program that would allow you to send an instant message to anyone on the kazaa network based on their username@KaZaA

someone has asked me about the newer versions of KaZaA and the way the DNS works...i will try to do an indepth tutorial on this soon (hopefully no longer than a week's time from this post today)

Short answer to (your question): Yes, you can change your username at will and yes the DNS is updated in realtime by the supernode(s) you are connected to.

butterfly_kisses 09-05-02 07:04 PM

:AP: :beer: :AP:

God(deity of your choice inserted here) bless you Scyth!

Excellent work my friend. I knew you could do it!

:D

butterfly_kisses 09-05-02 08:37 PM

some helpful tools can be found here

The PEexplorer is very useful and comes with the upx uncompressors also the resource tuner allows you to see a lot more of those "forbidden" bmp's than resource hacker would let you see....both of these programs are shareware (free to evaluate for 30-days)

Scyth I look forward to your utility soon as well. :)

you know you could post something like:

http://www.angelfire.com/super2/kazaa and that way you are only posting the link to angelfire...and people can copy and paste the ending in their webbrowser...that way you'd not be violating any TOS on napsterites ;)

goldie 09-05-02 09:10 PM

Quote:

Originally posted by Harbynger
feedback is important to this project and so too will betatesters

Goldenrod you are already on my list for one of the first to receive
a beta when its ready...
i could use a few more volunteers?
alright...who wants some?
hehe

:)
:tu:

Scyth 09-05-02 09:26 PM

1 Attachment(s)
Done. The attached file will unpack kmd.exe. Run it from the same directory kmd.exe is in.

edit: Changed the attachment. Works under XP now.

butterfly_kisses 09-05-02 10:15 PM

hot damn!@Xyctnam
 
Fee Facking Fan!

how'd you figure this out, Scyth?

please do tell because I find that the "journey to discovery" is almost as great as the final arrival to the destination.

If you will please tell us a little about some of the things you tried that didn't work and what finally got you on the right track?

this is remarkable and quite amazing. thanks for including your source (again i should remind my "brothers-in-arms" that i'm not a programmer) but i do appreciate "commenting" on their source code (that's how I learn) and this is great :BGS:

AYB 10-05-02 02:38 AM

:AP: :AP: :AP:

butterfly_kisses 10-05-02 11:19 AM

Scyth, i could not get your unpacker to work for me...all it would do is launch the kmd.exe but as far as "unpacking" it didn't do anything for me....is there anything else special i need to do besides run the unpacker in the same directory as the kmd.exe?

butterfly_kisses 10-05-02 03:36 PM

Tutorial #2
 
Unanonymity and KaZaA

special thanks to Scyth for his help with this tutorial

How to find someone's ip address from their Username@KaZaA

In order to successfully complete this tutorial it is first necessary to read the KaZaA Out of The Underworld thread, in particular the tutorial section dealing with the kazaadebug.log

I will touch briefly on this method once again (credit to Scyth for this info). First go into the directory where your kazaa.exe program is located. Next create an empty plain-text (ascii) text file called kazaadebug.log

Next double-click on the kazaa.exe to run it (note that the log will not record debugging information if the kazaa.exe is started in another manner e.g., through a "shortcut" key or a link on the desktop or "quicklaunch" it has to manually be double-clicked for the debug log to record successfully.)

Then just search for whatever you are looking for. In this example the file "spiderman" + "gonutz" were the key words used under video files >All to search for. Once I found what I wanted I just double-clicked on the filename that showed up in the search results to begin my download.

After you download a portion or for however long you wish to download for when you are done downloading close kazaa.

Now go into the folder where you made the empty text file called kazaadebug.log

Open it up with a text-editor like Notepad or the very excellent EditPadClassic. Now look for something similar to the examples below:

Download: (smr)Spiderman.avi New connection t_dog@KaZaA 0-174180352/174180352 to 187f471c:1214

Download: (smr)Spiderman.avi New connection xnylived@KaZaA 0-174180352/174180352 to 4123d055:1214


Download: (smr)Spiderman.avi source xnylived@KaZaA 4123d055:1214 overloaded, retry 300

Download: (smr)Spiderman.avi source zerosmarts@KaZaA c0a80164:1214 overloaded, retry 300

In the first example #1 we see a username of t_dog@KaZaA followed by a series of numbers

0-174180352/174180352 to 187f471c:1214

the part that says to 187f471c:1214

is the part we want. The 1214 identifies it to us as being an ip address. The ip address that
corresponds to that particular username.

But you say: "I typed that into my browser window and nothing happened." Exactly nothing will
happen until you decode the ip address.

Right now what you are looking at the 187f471c is called a "hexadecimal value" to convert it to a
form that you and i can understand it is necessary to change it from a "hexadecimal value" to a
Dword or (double-word) value.

To do this we will need windows calculator. Goto Start>Programs>Accessories>Calculator

While in Calculator choose View>Scientific which will look like this:

http://www.napsterites.net/undergrou...&postid=130407

Make sure that "hex" is selected and enter the value for ip address (in hexadecimal form) that you wish
to "decode".

Now all you have to do to get the Dword value is just to check the circle that says "Dec" which
stands for Decimal.

Do it and you should have something that looks like this now:

http://www.napsterites.net/undergrou...&postid=130408

This should give you the following value 410994460

[so the d-word value of 187f471c is 410994460]

Next step:

Goto this address:

http://www.fichtner.net/tools/ip2dword/

and type 410994460 into the box that says Dword value Then press <Enter> and
it will translate the d-word value into an ip address for you that you can now enter into
a webbrowser formatted like this http://xxx.xxx.xxx.xxx:1214 where "xxx.xxx.xxx.xxx" is an ip address or
the result returned from following the instructions in this text.

In this example the 410994460 turned out to be this ip address: 24.127.71.28

Buh-buh- bhwah , i can change my username to anything i want to right? yep and your ip address gets updated in realtime by the supernodes you are connected to.

End of Tutorial.

Don't abuse this (try the other three for yourselves and let me know what you get)

Cheers,

-Harbynger (of D00m)
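
The calculator-and-web-form steps in the tutorial above amount to one base-16 parse, which shows how little the log does to protect peer addresses. The following is an added example, not code from the thread: it decodes every peer entry in a kazaadebug.log, flags RFC 1918 addresses, groups usernames by address, and masks addresses before a log is shared. The log lines are constructed in the format the post quotes, and all function names are this example's own.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in the line format quoted in the post. Only 187f471c and
# c0a80164 come from the thread; the usernames and c6336407 are made up.
SAMPLE_LOG = """\
Download: a.avi New connection t_dog@KaZaA 0-174180352/174180352 to 187f471c:1214
Download: a.avi source renamed_user@KaZaA 187f471c:1214 overloaded, retry 300
Download: a.avi source nat_user@KaZaA c0a80164:1214 overloaded, retry 300
Download: a.avi New connection doc_user@KaZaA 0-100/100 to c6336407:1214
"""

PEER_RE = re.compile(
    r"(?P<user>\S+@KaZaA)\b.*?\b(?P<hexip>[0-9a-fA-F]{8}):(?P<port>\d{1,5})\b")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def decode_peer(hexip):
    """8 hex digits -> (dword, IPv4Address), most significant byte first."""
    dword = int(hexip, 16)
    return dword, ipaddress.IPv4Address(dword)

def parse_log(text):
    """Return one record per log line that names a peer."""
    records = []
    for m in PEER_RE.finditer(text):
        dword, ip = decode_peer(m["hexip"])
        records.append({"user": m["user"], "dword": dword, "ip": str(ip),
                        "port": int(m["port"]),
                        "private": any(ip in net for net in RFC1918)})
    return records

def users_by_address(records):
    """Group usernames under each address: the address is the stable key."""
    grouped = defaultdict(set)
    for r in records:
        grouped[r["ip"]].add(r["user"])
    return dict(grouped)

def redact(text):
    """Mask peer addresses so a log can be shared without exposing them."""
    def mask(m):
        s, a, b = m.group(0), m.start("hexip") - m.start(), m.end("hexip") - m.start()
        return s[:a] + "x" * 8 + s[b:]
    return PEER_RE.sub(mask, text)

if __name__ == "__main__":
    for rec in parse_log(SAMPLE_LOG):
        print(rec)
```

An entry that decodes to an RFC 1918 address, as c0a80164 does, is a LAN address behind NAT and does not identify the peer's public address.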

JackSpratts 10-05-02 03:51 PM

jeez harb, you can scan an ip address in real-time with none of the gymnastics by netstating your target. while it's nice to know you can do things the hard way, what am i missing? :) or can this be used without ever seeing the user, as when you leave kazaa running and unattended with a ton of files queued and the ones it eventually completes are from multi-sourced users different than the ones from "search results"?

- js.

butterfly_kisses 10-05-02 03:58 PM

Why is this an important discovery?

A couple of uses that I'm aware of include:

1)somebody has a rare file you really want and they wait until you've downloaded almost 90% of a file then they cut you off. If you are a h@><or you can get the ip and use a port scanner to scan the last octet in their ip address...making note of files they are sharing and if they change their username@kazaa all you gotta do is run your portscanner looking for port 1214 and bingo you can find him/her again (there are further advanced techniques i'm not gonna go into for obvious reasons)

2)People trying to reverse engineer the fasttrack network and understand how the supernodes/clients communicate with one another may find this information useful. The key here is that KaZaA associates an ip address with the username. This is how file searches and queries are done.

3)A program from Astalavista.com reportedly enables you to send instant messages to someone whose Username@KaZaA you know. This information might be helpful in further developing that application or to improve the messaging feature currently available on the fasttrack clients eg., give you the ability to type in anyone's username@KaZaA and send them an instant message (regardless as to whether or not you were downloading from them).

4)R.I.A.A. and other copyright agencies or groups might find it helpful in tracking you down for prosecution.

Mowzer 10-05-02 04:00 PM

I would like to submit a vote for harby, to be nominated Napsterite of the year. For finding IP addys, the hard way.

As well as being able to change people's user names on the kazaa service, among other hijinx.

Congrats Timmy. (clap) (clap) (clap)

indiana_jones 10-05-02 04:28 PM

the log works also good with grokster :tu:

Scyth 10-05-02 04:43 PM

Quote:

Originally posted by Harbynger
Scyth, i could not get your unpacker to work for me...all it
would do is launch the kmd.exe but as far as "unpacking" it
didn't do anything for me....is there anything else special i
need to do besides run the unpacker in the same directory
as the kmd.exe?

My mistake. It didn't work under Win XP/2000/NT. Fixed now.

butterfly_kisses 10-05-02 04:47 PM

re: scyth and unpacker

thanks, and yes i am using XP so that was probably it. :)

edited to add the following:

Pure, focken Genius!

that's all i got to say...for now. :D

:AP: :AP: :f:

butterfly_kisses 10-05-02 07:08 PM

Quote:

originally posted by Jack Spratts:
can this be used without ever seeing the user, as when you leave kazaa running and unattended with a ton of files queued and the ones it eventually completes are from multi-sourced users different than the ones from "search results"?
"yes."

:)

JackSpratts 10-05-02 07:13 PM

Quote:

Originally posted by Harbynger
1)...all you gotta do is run your portscanner looking for port 1214 and bingo you can find him/her again (there are further advanced techniques i'm not gonna go into for obvious reasons)

2)damn after that first one i forgot the other two i may post them later

over a year ago we were using scanned ip's to do port 1214 searches without even bothering to load a fasttrack client. we just used i.e., and we still can today. with ip #'s taken from active transfers you can always scan shared files - no matter how many times a user changes a screen name - as long as their ip address remains constant. so what's different? i'm asking because this at least sounds different, and if it's different it might mean a new weakness. if that's the case it brings up other issues.

- js.

JackSpratts 10-05-02 07:18 PM

Quote:

Originally posted by Harbynger


"yes."

:)

so it's like an auto ip grabber. works even when you're sleeping and ties the ip to a specific file? o.k., that's new (and welcome). but it doesn't allow more harddrive access than the netstat way does it? in other words this technique does not compromise a fasttrack user further. or does it?

- js.

butterfly_kisses 10-05-02 07:21 PM

what's different now, jack?

Well, it's been my experience that the browser "hack" with http://xxx.xxx.xxx.xxx:1214 no longer works anymore

have you tried successfully downloading from someone in this manner?

(oh btw be sure to look at page two I updated some of the new uses for what you were asking me about)

shoot, I'll repost them here:

Quote:

Why is this an important discovery?

A couple of uses that I'm aware of include:

1)somebody has a rare file you really want and they wait until you've downloaded almost 90% of a file then they cut you off. If you are a h@><or you can get the ip and use a port scanner to scan the last octet in their ip address...making note of files they are sharing and if they change their username@kazaa all you gotta do is run your portscanner looking for port 1214 and bingo you can find him/her again (there are further advanced techniques i'm not gonna go into for obvious reasons)

2)People trying to reverse engineer the fasttrack network and understand how the supernodes/clients communicate with one another may find this information useful. The key here is that KaZaA associates an ip address with the username. This is how file searches and queries are done.

3)A program from Astalavista.com reportedly enables you to send instant messages to someone whose Username@KaZaA you know. This information might be helpful in further developing that application or to improve the messaging feature currently available on the fasttrack clients eg., give you the ability to type in anyone's username@KaZaA and send them an instant message (regardless as to whether or not you were downloading from them).

4)R.I.A.A. and other copyright agencies or groups might find it helpful in tracking you down for prosecution.

***note**** there is a 5th item I'm not mentioning****

anybody else got any ideas?

butterfly_kisses 10-05-02 07:25 PM

Quote:

but it doesn't allow more harddrive access than the netstat way does it?
Not at the moment, Jack however if successful in applying the technique in the first tutorial (the other thread) you could steal someone's "supercookie" and have access to all their MSN sites or get credit card info anything that a person puts on their computer that they think is "safe" really isn't if the other "hack" is executed without making any errors. (i've only tried it successfully on the example given in that thread...hence the reason i removed the pic)

Mowzer 10-05-02 10:12 PM

The real problem is in KaZaA's entire setup.

One girl did a site where she included everything she came up with, and a connection a company has in using KaZaA to mine personal info.

She even gained access to files from an Ottawa RCMP detachment.

Was an interesting read. Not like that BBC garbage that spewed out all over the net a few months ago.

When people are running the equivalent of a web server, it's bound to have every hole and exploit, and buffer overrun sniffed out.

However it seems KaZaA has a zilch policy regarding the privacy or security of its user base as a whole.

Mowzer 10-05-02 10:37 PM

As for super cookies, that's a little more of a grey area.

In the past many security groups and orgs have reported about super cookies and how they can see all.

Since then a number have realized shortcomings with the theories, and downlisted the super cookie to some type of other bug or security hole.

Most noted was Gibson who went on a farce about how a mainstream ISP was using a form of super cookies in its custom version of IE. Gibson, a leading security expert later retracted his statements upon learning the super cookie was only tracking net settings or changes customers might make to their bandwidth.

It was not collecting personal info.

For the latest scare all, get off the net super cookie warning that has come out, see this very well crafted web site...

http://www.computerbytesman.com/priv...cookiedemo.htm

There is a fix provided as well.

Bottom line is no super cookie has been found that gives anyone 100% history and in depth info on a user. One would be just breaking in the damn box, and dropping a key logger.

Alas, there are also other means as well. Many, many other means to glean personal info. Simply because programmers get lazy or bad code gets executed by the end user. Somewhere, out there, at this very minute 100 or so people are leaking personal data due to stupidity, rather on their part for opening the email attachment "torjan.exe" or because of stupidity on Microsoft's part.

Regardless one should use common sense and not give the credit card numbers out online, or keep your membership info to porn sites in your email box, or any other sensitive type of info.

If you won't post it on your front door, then don't put it on your computer.

sage advice.

Kinda like this tidbit from conf.
"Man who marries girl with no bust has right to feel low down."

butterfly_kisses 10-05-02 10:46 PM

Quote:

Kinda like this tidbit from conf.
"Man who marries girl with no bust has right to feel low down."
lmao, that was funny, ethen. :D

and some good info. thanks for sharing. :beer:

