Kmdb.html search for it on your computer - P2P-Zone

butterfly_kisses · 23-04-02, 07:51 PM

Hi everyone..I remember reading one of numerous security notices concerning Microsoft and Internet Explorer Browsers about a malicious website operator being able to read the contents of a)your cookies or b)your entire harddrive

and in some instances to have as much control over your computer as you have.

But the key to the exploit was knowing the exact name of a file located on the victim's computer...

Well i've known about the existence of kmdb.html for sometime now and am just now becoming concerned with the security implications of this file being created no matter which fasttrack client you use (I'm uncertain about the Imesh client whichever Gnutella client that was or is that also accesses fasttrack...i hope i named the right one)

So my question to the board is what is the file used for....Looking at the source code revealed it loaded ads and usually depending on the client the ads came from different sources...

They seem to "project" the ad into the client (Grokster/Kazaa) window at the bottom left of the screen...Even with a hacked Cd_clint.dll the kmdb.html file still gets created.

Could the KaZaA and or Grokster websites use this knowledge of the kmdb.html file to exploit its users? I'm certain of it and in most cases they probably already have.

I just wanted to bring this to the attention of others because as far as I know I'm the only who noticed this and cared to say anything about it.

On another note the KaZaA executable is packed or compressed with an executable compactor called PeCompact v1.67 I hope this infor will help you alls out there who use SoftIce or Windasm in some small way. : )

"...a world without spyware....hmmm now there's a pleasant thought."

"Harby"

23-04-02, 07:51 PM	#1
butterfly_kisses Napsterite Join Date: Apr 2002 Posts: 138	Kmdb.html search for it on your computer Hi everyone..I remember reading one of numerous security notices concerning Microsoft and Internet Explorer Browsers about a malicious website operator being able to read the contents of a)your cookies or b)your entire harddrive and in some instances to have as much control over your computer as you have. But the key to the exploit was knowing the exact name of a file located on the victim's computer... Well i've known about the existence of kmdb.html for sometime now and am just now becoming concerned with the security implications of this file being created no matter which fasttrack client you use (I'm uncertain about the Imesh client whichever Gnutella client that was or is that also accesses fasttrack...i hope i named the right one) So my question to the board is what is the file used for....Looking at the source code revealed it loaded ads and usually depending on the client the ads came from different sources... They seem to "project" the ad into the client (Grokster/Kazaa) window at the bottom left of the screen...Even with a hacked Cd_clint.dll the kmdb.html file still gets created. Could the KaZaA and or Grokster websites use this knowledge of the kmdb.html file to exploit its users? I'm certain of it and in most cases they probably already have. I just wanted to bring this to the attention of others because as far as I know I'm the only who noticed this and cared to say anything about it. On another note the KaZaA executable is packed or compressed with an executable compactor called PeCompact v1.67 I hope this infor will help you alls out there who use SoftIce or Windasm in some small way. : ) "...a world without spyware....hmmm now there's a pleasant thought." "Harby"

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Switch to Linear Mode Switch to Hybrid Mode Threaded Mode