15-07-02, 09:21 PM   #6
butterfly_kisses
Napsterite
 
 
Join Date: Apr 2002
Posts: 138

Why not simply use random ports (like Freenet)? The port information is carried with search results anyway (which is why it's possible to change the port at all), so it shouldn't be necessary to be able to extract/generate the port information from other information.

I wish I was more familiar with Freenet and how it works. I have tried this, though, with KaZaA by modifying manually the port numbers (default 1214) in the partially downloading .DAT files, and for whatever reason the KaZaA program rejected the modifications to the .dat file (used UltraEdit version 9.x)... wait, actually I tried modifying the file's path from the default path that it uses, which is generally

/http://someipaddress:1214/012345/somefile.gif

I tried modifying it to grab /http://someipaddress:1214/c:/windows/temporary%20internet%20files/kmdb.html

just to see if the KaZaA protocol/service was or would be vulnerable to this type of exploit... I may need to go back and test that theory again, only doing as you suggested with trying a different port.

I have been successful using KaZaA while running a SOCKS server, and KaZaA did use non-standard ports (other than 1214). It's been a while since I did this, but I may still have my notes on it.

What alphabeater is suggesting, letting the clients' communication configure the port number on-the-fly based on a certain calculation, is I think GENIUS... From using packet-capturing programs such as Ethereal you can see pretty much in real time how the DHCP servers communicate requests for IP addresses, like 'you who had this ipaddress please tell suchandsuch ipaddress'. So it's quite possible this could be done with a p2p program.