napster.path-disclosure.txt

2000-09-19T00:00:00
ID PACKETSTORM:23143
Type packetstorm
Reporter Wade Lewis
Modified 2000-09-19T00:00:00

Description

--------------------------------------------------
time 1:30 am   
date 9-18-00   
affected systems: any system running napster client  
(hasn't been tested for the gnapster client)  
--------------------------------------------------  
  
ADVISORY:  
  
Here goes...... (hi Lindsay, Pat, Jason, and T-Rex)
  
After running a test capture using the latest version of Ethereal,
I noticed that when I did a search on Napster, the packets received revealed the full path of the stored file.
  
Now I know what you're thinking: big deal, so Napster reveals the full path.
Well, hey, I agree it's not the eEye IIS hole, but it's something,
and as any hacker knows, any little bit of information helps.
  
----- here's a sample of some captured data: -----
(SHARED FOLDER)
  
0 9300 c900 2243 3a5c 6d70 3327 735c 4375 ...."C:\mp3's\Cu ----FULL PATH  
10 7272 656e 7420 4661 766f 7269 7465 735c rrent Favorites\ -------------  
20 726f 6220 6420 2d20 636c 7562 6265 6420 rob d - clubbed   
30 746f 2064 6561 7468 2e6d 7033 2220 3737 to death.mp3" 77   
40 3361 3563 6231 3933 6465 3432 6166 3265 3a5cb193de42af2e   
50 3763 6238 3964 3334 3238 3932 3265 2d31 7cb89d3428922e-1   
60 3036 3839 3537 3620 3130 3638 3937 3734 0689576 10689774   
70 2031 3932 2034 3431 3030 2034 3430 2049 192 44100 440 I   
80 4c75 7655 524d 6f6d 3220 3637 3330 3539 LuvURMom2 673059   
  
  
  
When looking at the Napster returned results we see (\current favorites\rob d - clubbed to death.mp3) as the folder.
Now let's say the person behind the cheesy Napster username (in this case LuvURMom2) is the admin of a web site with sensitive info,
and let's say he or she is a real idiot and makes the default folder to store shared mp3s the root folder of the web server.
Well, now we would know what that is, so while in Napster click the file and download it, run netstat and get the target's IP address,
and so on and so on ............. use your imagination.
</gre_replace>
<gr_insert after="49" cat="add_content" lang="python" orig="and so on and so on">
To make the disclosure concrete, here is an added Python example (not part of the advisory) that rebuilds the raw bytes from the hex dump above, decodes the search-result message, and flags a shared-file name that carries an absolute local path, which is the check a fixed client would apply before advertising a file. The header layout (2-byte little-endian length, 2-byte type, 201 = search response) and the field order ("filename" md5 size bitrate frequency length nick ...) follow the publicly documented Napster protocol and are assumed here, not stated in the advisory; the capture is truncated, so the trailing fields are not decoded.

```python
import re

# The advisory's dump, hex groups only (offset column kept, ASCII column dropped).
CAPTURE = """\
0 9300 c900 2243 3a5c 6d70 3327 735c 4375
10 7272 656e 7420 4661 766f 7269 7465 735c
20 726f 6220 6420 2d20 636c 7562 6265 6420
30 746f 2064 6561 7468 2e6d 7033 2220 3737
40 3361 3563 6231 3933 6465 3432 6166 3265
50 3763 6238 3964 3334 3238 3932 3265 2d31
60 3036 3839 3537 3620 3130 3638 3937 3734
70 2031 3932 2034 3431 3030 2034 3430 2049
80 4c75 7655 524d 6f6d 3220 3637 3330 3539
"""

SEARCH_RESPONSE = 201  # Napster message type for one search-result line (assumed from the public spec)

# "filename" md5 size bitrate frequency length nick ...  (ip/link type follow but are cut off here)
RESULT_RE = re.compile(
    r'^"(?P<filename>[^"]*)"\s+(?P<md5>\S+)\s+(?P<size>\d+)\s+(?P<bitrate>\d+)'
    r'\s+(?P<frequency>\d+)\s+(?P<length>\d+)\s+(?P<nick>\S+)'
)

def dump_to_bytes(dump: str) -> bytes:
    """Rebuild raw bytes from the dump: drop the offset, join the eight 16-bit hex groups."""
    out = bytearray()
    for line in dump.splitlines():
        if line.strip():
            out += bytes.fromhex("".join(line.split()[1:9]))
    return bytes(out)

def parse_search_response(raw: bytes) -> dict:
    """Decode the 4-byte header (little-endian length, type) and the result fields."""
    length = int.from_bytes(raw[0:2], "little")
    mtype = int.from_bytes(raw[2:4], "little")
    if mtype != SEARCH_RESPONSE:
        raise ValueError(f"not a search response (type {mtype})")
    payload = raw[4:4 + length].decode("latin-1")
    m = RESULT_RE.match(payload)
    if not m:
        raise ValueError("malformed search response")
    fields = m.groupdict()
    fields["truncated"] = len(raw) - 4 < length  # capture is shorter than the header claims
    return fields

def leaks_local_path(filename: str) -> bool:
    """True when the advertised name is an absolute drive, UNC or POSIX path instead of a bare name."""
    return re.match(r"^([A-Za-z]:[\\/]|\\\\|/)", filename) is not None

def basename_only(filename: str) -> str:
    """What a client should advertise: the file name with every directory component stripped."""
    return re.split(r"[\\/]", filename)[-1]
```
<test>
raw = dump_to_bytes(CAPTURE)
assert len(raw) == 144
r = parse_search_response(raw)
assert r["filename"] == "C:\\mp3's\\Current Favorites\\rob d - clubbed to death.mp3"
assert r["md5"] == "773a5cb193de42af2e7cb89d3428922e-10689576"
assert r["size"] == "10689774"
assert r["bitrate"] == "192" and r["frequency"] == "44100" and r["length"] == "440"
assert r["nick"] == "ILuvURMom2"
assert r["truncated"] is True
assert leaks_local_path(r["filename"])
assert basename_only(r["filename"]) == "rob d - clubbed to death.mp3"
assert not leaks_local_path(basename_only(r["filename"]))
</test>
</gr_insert>
<gr_replace lines="55" cat="remove_boilerplate" orig="`">
  
Regards, <whl1999@hotmail.com>  
MR W.  
  
  
`