"Hackemate.com.ar" <hackemate@softhome.net> wrote: <snip> > But they are not linked like that, they are: > > http://24.232.8.x:1214/16206/Sting+-+All+ThisTime+%28unplugged%29.mp3 > instead of: > http://24.232.8.x:1214/Sting+-+All+ThisTime+%28unplugged%29.mp3 > The number (16206 here) is probably an index into an internal table which contains all the shared files. This is actually a Good Thing because it means that you can only download files that are in the table in the first place. If implemented correctly it makes directory traversal attacks impossible. Another thing that bothers me about KaZaA is that it downloads its updates not from a central server but from other peers on the network. If the client doesn't perform any integrity checks on the file it would be trivial to serve a trojan as update which would be automatically executed after the users permission to update KaZaA. -- Markus Kern
