[24177] in bugtraq
Re: Infecting the KaZaA network?
daemon@ATHENA.MIT.EDU (Brad Maloney)
Thu Feb 7 17:00:51 2002
Message-ID: <007101c1afac$5a251560$0200a8c0@yuengling>
From: "Brad Maloney" <kicker@psu.edu>
To: <bugtraq@securityfocus.com>
Date: Thu, 7 Feb 2002 02:42:23 -0500
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
KaZaA downloads the installation executable in chunks from different
clients.
When peiced back together in the end to make the final executable, you'd
have
a corrupt executable due to the inconsistent filesizes of an infected exe
and
clean exe.
- Brad
From: "Andrew McClymont" <andrewmcclymont@d-link.net>
Sent: Wednesday, February 06, 2002 3:10 PM
Subject: Infecting the KaZaA network?
> I just found out a folder named "My shared folder" under the KaZaA
> installation folder.
[snip]
> What happens if I infect the files under "My shared folder" with a virii
> or some trojan, every user that gets their KaZaA client from my computer
> gets screwed, right? And then, the victim himself will be sharing the
> KaZaA client infected to new victims.
