I know Kazaa allows other people to DOWNload from one's My Shared
Documents directory.

Can I UPload a file to someone's My Shared Documents directory?

(I see lots of confusion about UP and DOWN loading on these groups, so
....) Here's an example of what I want to do:

1) I have "pix1.jpg" on my computer.
2) I want a Kazaa user to have it on their hard drive.
3) I want to "push" it into their shared directory.

I do NOT want them to download it from me ... I want to upload it to
them.

Is this possible? Thanks in advance.

StupidScript wrote:
concerned about computer security. Of course there are better ways...to
get viruses or other deviant behavior, but I sure can't think of any.

Winged

StupidScript <stupidscript@hotmail.com> wrote:
Well, I'm pretty certain this would require breaking in; there's no
reason the two computers would 'see' each other at all via Kazaa's
networks, because of their distributed nature. And, if I remember
correctly from a single passing experience with Kazaa some time ago (and
not on any machine of mine!), it does not offer upload opportunities
anyway (those p2p networks are all about downloading).

If you know the other party, tell him/her to run an FTP, WebDAV or
similar server. If not, well, there's no legal way to do it...

Joachim

Joachim Schipper wrote:
Take a lot at some of the viruses that used to infect that network. I
haven't looked at it in recent years, I know there have been some
changes since I looked, however the method utilized the same mechanism
that showed what files were available on other machines. They didn't
require overt user action for the virus to spread. This may be changed
now, shrugs, Our users are not allowed to use these file sharing
networks these days.

Winged

From: "Winged" <Winged@nofollow.com>


|
| Take a lot at some of the viruses that used to infect that network. I
| haven't looked at it in recent years, I know there have been some
| changes since I looked, however the method utilized the same mechanism
| that showed what files were available on other machines. They didn't
| require overt user action for the virus to spread. This may be changed
| now, shrugs, Our users are not allowed to use these file sharing
| networks these days.
|
| Winged

Definitely there has to be a ban on P2P software on corp and gov computer systems.
They are a strong vector of infection and data collection.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Thanks for the input.

I want to assure you all that I'm nearly pure white hat. I have no
intention of doing anything evil.

I'm simply wondering how a file I did not download ended up in my
sister's Kazaa shared folder.

I know there must be dozens of exploits for breaking into a Windows XP
system and depositing files, heck, I've seen rogue FTP directories set
up and running on office production WinNT boxes, so I know it is
possible, Kazaa or not.

Since the IP address of Kazaa users and a route to their shared folder
is clearly part of the Kazaa system, albeit running on the hosts's port
80, then anyone armed with that info has a head start.

This is not about viruses and worms that are disguised as/in media
files that launch after the client downloads them from a Kazaa host and
launches them.

I'm simply wondering if there exist any common exploit to cause a Kazaa
host to accept incoming files whose transfers have not been initiated
by the client.

i.e. How did that unrequested file get into my sister's shared folder?

StupidScript wrote:

I see several methods that are mentioned on that page. Yes, there are
ways to do this.

Of note read the directory transversal flaw (unfixed) that allows files
to be modified or created, just about anywhere on the computer,
attackers choice (depending on permissions etc.). All someone would
need to do is click on a specially crafted link. If you run Kazaa as
admin, expect to lose control of your system.

I hope while you visit the page you note the number of viruses that you
are exposed to. These are the known ones.

Winged

Winged <Winged@nofollow.com> wrote:
That's why the word 'legal' is in there. ;-)

Joachim

Thanks a lot for the info, everyone. And thanks for the Secunia link,
Winged. Just what the doctor ordered.