P2P-Zone  

Old 04-02-02, 01:10 PM   #1
JackSpratts
 
Join Date: May 2001
Location: New England
Posts: 10,017
Default Morpheus Hack

Note: This thread ran originally in the Underground and contained previously posted material from Peer-To-Peer.


i received the details moments ago and tested it.

1. it's real.

2. it pulls up your entire drive.

3. it's not the netstat -n 1214 IE hack.

4. it's dangerous.

5. it's easy.

at this point i'm suspending file sharing with this app and recommending all users do the same at least temporarily. more later.

- js.


edit: it's beginning to look like full hd access is intermittent - don't know why yet but it may be from incorrect user settings - similar to netstat -n. it's the first good news i've had in an hour. however when access is granted the resulting barrage of files is so huge it can crash morpheus!
JackSpratts is offline   Reply With Quote
Old 04-02-02, 01:29 PM   #2
TankGirl
Madame Comrade
 
Join Date: May 2000
Location: Area 25
Posts: 5,587
Wink

Thanks for your vigilance and the heads-up, Jack!

- tg
TankGirl is offline   Reply With Quote
Old 04-02-02, 01:32 PM   #3
Dawn
R.I.P napho 1-31-16
 
Join Date: Dec 2000
Location: Venus
Posts: 16,723
Default

Is it ok to just leave the program off?
__________________
I love you napho and I will weep forever..........
Dawn is offline   Reply With Quote
Old 04-02-02, 01:35 PM   #4
TankGirl
Madame Comrade
 
Join Date: May 2000
Location: Area 25
Posts: 5,587
Wink

Quote:
Originally posted by Dawn
Is it ok to just leave the program off?
When you close Morpheus, see that it has really closed (no icon in systray). If you still have the icon in systray, right-click it and choose Exit. You are at risk only if you have Morpheus running.

- tg
TankGirl is offline   Reply With Quote
Old 04-02-02, 01:49 PM   #5
Dawn
R.I.P napho 1-31-16
 
Join Date: Dec 2000
Location: Venus
Posts: 16,723
Default

That's what I thought, but I wanted to make sure.

Thanks for the info you guys!



(P.S. I've been using iMesh more than Morph, I like the speeds I get from iMesh)
__________________
I love you napho and I will weep forever..........
Dawn is offline   Reply With Quote
Old 04-02-02, 01:49 PM   #6
Periwinkle Shadow
Fortified Board Wh0re
 
Join Date: May 2000
Posts: 3,619
Default

i never share files...too damn risky...just like this!
Periwinkle Shadow is offline   Reply With Quote
Old 04-02-02, 03:11 PM   #7
fblaguy
Senior Napsterite
 
Join Date: Jun 2000
Posts: 1,691
Default

Good thing I stopped using Morpheus about a month ago then
fblaguy is offline   Reply With Quote
Old 04-02-02, 03:17 PM   #8
sunshine3922
fire up, chips!!
 
Join Date: Mar 2001
Posts: 788
Default

me had a virus from morpheus...no more for me.
__________________

"The future belongs to those who believe in the beauty of their dreams."
--Eleanor Roosevelt

sunshine3922 is offline   Reply With Quote
Old 04-02-02, 03:26 PM   #9
goldie
yea, it's me.
 
Join Date: Jan 2002
Location: usa
Posts: 2,093
What The?

Is this all being performed thru :1214?

Is there a way we can monitor (using netstat or other) these activities such as strangely sloooooooow downloads?

Does a firewall have any effect or is its protection negated due to the user giving Morpheus server rights?

Does this particular weakness apply to all file sharing applications?

Need more info JS...........will wait to hear what you come up with!!

GR
goldie is offline   Reply With Quote
Old 04-02-02, 04:48 PM   #10
JackSpratts
 
Join Date: May 2001
Location: New England
Posts: 10,017
Default

Q. Is this all being performed thru :1214?
A. Inasmuch as Morpheus trades on 1214, probably, but it's different from the well known netstat -n hack.

Q. Is there a way we can monitor (using netstat or other) these activities such as strangely sloooooooow downloads?
A. Undoubtedly. However if you're sophisticated enough to do that then this is not a hack you'll have to worry about.

Q. Does a firewall have any effect or is its protection negated due to the user giving Morpheus server rights?
A. Firewalls have no effect against this as long as morpheus works.

Q. Does this particular weakness apply to all file sharing applications?
A. Not that I'm aware of. For instance it has no effect on WinMx 2.6 but expect to hear more in coming days. As always with all clients including Morpheus make absolutely sure you and your family are only sharing exactly what you want to share.

- js.
JackSpratts is offline   Reply With Quote
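
Added example, not part of the original thread: one way to do the netstat monitoring asked about above, by summarizing Windows `netstat -an` output for port 1214 on your own machine. The sample output and addresses are constructed, and the function names are hypothetical.

```python
from collections import Counter

P2P_PORT = 1214  # the port the thread says Morpheus trades on

# Constructed sample of Windows `netstat -an` output (documentation addresses).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:1214           0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1214      203.0.113.7:3321       ESTABLISHED
  TCP    192.168.1.10:1214      203.0.113.7:3325       ESTABLISHED
  TCP    192.168.1.10:1214      198.51.100.22:4410     ESTABLISHED
  TCP    192.168.1.10:2050      198.51.100.9:1214      ESTABLISHED
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  UDP    192.168.1.10:137       *:*
"""

def split_endpoint(endpoint):
    """Split 'addr:port' on the last colon; a non-numeric port becomes None."""
    addr, _, port = endpoint.rpartition(":")
    return addr, int(port) if port.isdigit() else None

def summarize_port(netstat_text, port=P2P_PORT):
    """Report who is connected to the local listener on `port`.

    inbound  = remote peers connected TO our port (they are reading from us)
    outbound = peers whose port we connected to (our own transfers)
    """
    listening_on, inbound, outbound = [], Counter(), Counter()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Header lines and UDP rows (which have no State column) are skipped.
        if len(fields) < 4 or fields[0].upper() != "TCP":
            continue
        local_addr, local_port = split_endpoint(fields[1])
        remote_addr, remote_port = split_endpoint(fields[2])
        state = fields[3].upper()
        if state == "LISTENING" and local_port == port:
            listening_on.append(local_addr)
        elif state == "ESTABLISHED" and local_port == port:
            inbound[remote_addr] += 1
        elif state == "ESTABLISHED" and remote_port == port:
            outbound[remote_addr] += 1
    return {"listening_on": listening_on,
            "inbound": dict(inbound),
            "outbound": dict(outbound)}

if __name__ == "__main__":
    for key, value in summarize_port(SAMPLE).items():
        print(f"{key}: {value}")
```

The inbound list only shows who is connected; what those peers can fetch is decided by the shared-folder settings the post above says to check.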
Old 04-02-02, 11:31 PM   #11
theknife
my name is Ranking Fullstop
 
Join Date: Dec 2001
Location: Promontorium Tremendum
Posts: 4,391
Default

..so would all this apply to Grokster?
theknife is offline   Reply With Quote
Old 04-02-02, 11:46 PM   #12
cornflakeboyee
-------Gender Nectar-------
 
Join Date: Mar 2001
Location: Sifting Through The Grain Of Gold
Posts: 2,045
Thumbs down

Quote:
Originally posted by a BeRrY StiNgY GuRL
i never share files...
cornflakeboyee is offline   Reply With Quote
Old 05-02-02, 03:22 AM   #13
Maze
Rebel With A Cause
 
Join Date: Apr 2000
Location: VA-USA
Posts: 5,088
Default

*bump*

As usual, I'm trying to keep important stuff or anything else I don't care for someone to possibly have access to on CDs ...but of course this is not always possible, and can also be a bit of a chore ...however, it does sort of force you to be organized.

hehe...yes Peri...20 lashes for you for not sharing. lol
try to find some interesting stuff you think people might like to have and share only that folder ...then just limit your uploads to say one or two at a time ...especially if you're 56k and don't want to be swamped with traffic.
Maze is offline   Reply With Quote
Old 05-02-02, 08:02 AM   #14
RDixon
Registered User
 
Join Date: Mar 2001
Posts: 3,742
Default

Shouldn't this be in the peer to peer area?
RDixon is offline   Reply With Quote
Old 05-02-02, 08:07 AM   #15
Dawn
R.I.P napho 1-31-16
 
Join Date: Dec 2000
Location: Venus
Posts: 16,723
Default

I figured he posted it here for the benefit of us dummies who don't look in the peer to peer section much.
__________________
I love you napho and I will weep forever..........
Dawn is offline   Reply With Quote
Old 05-02-02, 04:47 PM   #16
BuzzB2K
Just another cat on the FastTrack...
 
Join Date: Jan 2002
Location: Hamilton
Posts: 727
Default Morpheus Wrapup @ Slyck

Quote:
Originally posted by Dawn
I figured he posted it here for the benefit of us dummies who don't look in the peer to peer section much.
Some more News on the ever popular subject of Morpheus Security.

For some interesting discussion and opinions on what is "News" you might want to take a look here:
Rumors of a Morpheus security hole

Also I noticed that the "Infamous" -Paul Sarsfield, Technical Support posting
MORPHEUS SECURITY HOLE. -PAUL SARSFIELD- has made its way here as well.
BuzzB2K is offline   Reply With Quote
Old 06-02-02, 12:11 PM   #17
confused
 
Posts: n/a
Default

I am still confused as to the level of risk with this "Morpheus Hack"

If someone scans my computer and finds the Morpheus webserver on port 1214, can they access my hard disk outside of my shared Morpheus directory through some form of directory traversal attack ?

Streamcast are claiming that there is no security hole, and that there have been forged postings about the alleged problem.

You claim that there is a real weakness, but it does not seem to be on Bugtraq or Vuln-Dev etc

Is this a security hole on all platforms or only on some ?

What is going on ? Is this all RIAA FUD ?
  Reply With Quote
Old 06-02-02, 12:48 PM   #18
JackSpratts
 
Join Date: May 2001
Location: New England
Posts: 10,017
Default

welcome to nu confused i hope your stay here is long and enjoyable.

for answers to your questions, members can view the "Morpheus Update Final" thread in The Underground. (it will be placed here soon)

- js.
JackSpratts is offline   Reply With Quote
Old 11-02-02, 09:15 AM   #19
multi
Thanks for being with arse
 
Join Date: Jan 2002
Location: The other side of the world
Posts: 10,343
Exclamation

they were good links there buzz! i liked the post by YAZ (a little quote) "
So, to sum up, the "experts," who were not even sure how they could view files on some machines and not others, were able to view personal files on the computers of a seemingly random assortment of users, most of whom were not very computer-literate. Hopefully, being the astute readers you are, many of you would guess that the personal files in question were unknowingly shared by random users when they were choosing their shared files directories, and you would probably be correct.

So what of this "security exploit?" Most likely it is the same "exploit" that has been posted on the Internet for a while now. The behavior in question is due to the fact that Morpheus, Grokster, and KaZaA accept HTTP connections on port 1214. By connecting to users through port 1214, you can see a listing of their shared files. Note that only files chosen to be shared and otherwise available for download will be shown; no access is granted to the entire partition or drive.

I'm very disappointed by this unprofessional article from the BBC and will maintain my skepticism until a specific security hole is revealed. I'll stop short of any conspiracy theories involving the RIAA scaring people into abandoning peer-to-peer applications, but an anonymous source combined with the statement "This is very dangerous" should at least raise a few eyebrows.

[This message was edited by Yaz on February 03, 2002 at 02:20.]

and i agree with assorted about some corporate brainwash (FUD?)
someone posted this at gamers which i thought was a good bit of piss-take:
A security hole has been discovered in one of the world's most popular file-swapping programs which allows anyone to gain private information about its millions of users.
Go on...

Security experts have found a way to gain access to the computer hard drives of users of Morpheus, which has taken over from Napster as the leading internet song-swapping service.
Oh really?

It means that the personal details, such as bank account numbers and internet cookies, of up to two million people are exposed to prying eyes.
Depending

Using the Morpheus file-sharing program, people can swap music, videos or movies with other users of the software.
Umm... So what's this have to do with the security hole?


Users 'vulnerable'
Security experts have been investigating this problem since coming across it on Friday.
...

Using the Morpheus program, they found a way of getting a random list of people using the service.
Called scanning a range of IP's to see if 1214 is open.

They could then obtain details of the content of a user's hard drive and make copies of any file.
Only the files which are shared, although some people are stupid and share their entire HD

"We're not sure what it is that makes some Morpheus members vulnerable to this," said one, who asked to remain anonymous.
Vulnerable my ass

"Potentially this could make every user's computer available to anyone who wants to have a look at it.
Define computer in this. Only those files SHARED can be seen

"All we know is that there's a major gap that's allowing certain users to become vulnerable."
How many times you gonna say that?

The group contacted BBC News Online out of concern about the privacy implications of the security hole.
ok....

"It's definitely an accident from Morpheus' side, probably a worm. This is very dangerous."
You're definitely an idiot.

Napster was shut down by an American court last July for breaching music copyright.
Where the hell did that statement come from?

Morpheus is at present legal because there is no server storing the digital files.
No shit, but still off topic

Music fans swapping MP3 files are put in direct contact with each other.
what the fuck do you think p2p is?

The Recording Industry Association of America, which spearheaded the fight against Napster, is reportedly looking at ways it can tackle these new methods of file-sharing.
Of course, the fucking greedy bastards


Click here to go to the original BBC article.
Update: They have obviously noticed how stupid they are. Link goes to a blank page..



Remember kiddies, just because you're an idiot doesn't mean you're getting "hacked"

sorry to those that have already read that^
~multi~
__________________

i beat the internet
- the end boss is hard
multi is offline   Reply With Quote