Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Audiogalaxy.com mp3 sharing software
From: Michael Merhej <michael () AUDIOGALAXY COM>
Date: Wed, 10 Jan 2001 00:11:30 -0000


While its true if a user got a hold of your 
password they could send you mp3 files - or at 
least files with an mp3 extension.   The satellite 
will only name files with a .temp or .mp3 
extension.  Even if the filename is really an 
executable it will have a .mp3 extension.  To 
actually run the file you would then need to 
purposely rename the file with a .exe extension.

Hope this helps - if you have any other security 
related questions I will be glad to answer.

2. Problem?
While this problem will not stop the world or 
allow the script kiddies
to ./wu their way through us, its a problem none 
the less.  Versions of
Audiogalaxy Satelite software pre .601W for 
windows held the username and
password for a users account in a plain text file 
within the audiogalaxy
directory on their system.  While if an intruder 
gained this information only
the list of songs in the download que (which is 
stored on the server) would
be compromised, this could have other effects.

2a.  theory one 1.  Gain the username and 
password for a users acct. Intruder
modies the download que so that when the 
user comes online they will download
a "mp3" from the intruders system.   The mp3 is 
actually something else. ie.
virus or back orifice or similar program.  If the 
user ran the mp3 directly
then of course the infection would start. --lets 
examine this a little
further. Evil intruder steals password and 
username. Edits download que.
User runs fake mp3 which is back orifice. User 
gets keylogged.  User is
goverment employee who telnets  (telnet bad) 
into secure goverment system.
Goverment system not secure anymore.  Web 
site gets defaced. Oh no the
kiddies can use this.

2b. theory two. 2.  Many users use a common 
password and this is the point
that i brought to Audiogalaxy.  While its not their 
problem if a user does
this, why not help out.  If the user had their 
Audiogalaxy username and
password compromised then its possible other 
things get compromised.

3. Solution

Upgrade to the newest version which has been 
out for sometime, and in general
use different passwords.

Note- I have not checked the Linux version for 
any problems, if someone gets
to it before I do pleae let me know.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]