[24199] in bugtraq
Re: Infecting the KaZaA network?
daemon@ATHENA.MIT.EDU (Alun Jones)
Fri Feb 8 17:05:50 2002
Message-Id: <4.3.2.7.2.20020208135648.00cdc2c0@208.55.91.110>
Date: Fri, 08 Feb 2002 13:58:52 -0600
To: GertJan de Leeuw <dataholic@punkass.com>
From: Alun Jones <alun@texis.com>
Cc: bugtraq@securityfocus.com
In-Reply-To: <20020208145158.677.qmail@mail.securityfocus.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
At 08:51 AM 2/8/2002, GertJan de Leeuw wrote:
>So the only way somebody can infect the network is ,
>injecting the first compiled version of a new
>distibution (but that is hardly impossible)
Not necessarily, one could simply find a portion of the original program
that is overspecified, or a feature that most people don't use, and write
your code into that space. If the code you replace is small enough, it'll
likely fit into a convenient block boundary, such that your code will
either be downloaded or not, and you really don't necessarily care about
infecting the whole network.
Alun.
~~~~
--
Texas Imperial Software | Try WFTPD, the Windows FTP Server. Find us at
1602 Harvest Moon Place | http://www.wftpd.com or email alun@texis.com
Cedar Park TX 78613-1419 | VISA/MC accepted. NT-based sites, be sure to
Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for NT.
