Kazaa or Morpheus http server detection 1.3
 
Plugin ID22
Plugin nameKazaa or Morpheus http server detection
Plugin filenameKazaa or Morpheus http server detection.plugin
Plugin filesize2874 bytes
Plugin familyPeer-to-Peer
Plugin created nameMarc Ruef
Plugin created emailmarc dot ruef at computec dot ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2003/11/13
Plugin updated nameMarc Ruef
Plugin updated emailmarc dot ruef at computec dot ch
Plugin updated webhttp://www.computec.ch
Plugin updated companycomputec.ch
Plugin updated date2004/11/13
Plugin version1.3
Plugin changelogCorrected the plugin structure and added the accuracy values in 1.3
Plugin protocoltcp
Plugin port1214
Plugin procedure detectionopen|send GET / HTTP/1.0\n\n|sleep|close|pattern_exists X-Kazaa-Username:
Plugin detection accuracy97
Plugin commentThis plugin was written with the ATK Attack Editor.
Bug advisoryhttp://www.securiteam.com/securitynews/5UP0L2K55W.html
Bug affectedKazaa and Morpheus peer-to-peer clients
Bug vulnerability classConfiguration
Bug descriptionKazaa and Morpheus are very popular peer-to-peer software to sharing files. An open http server on port tcp/1214 and the returning banner may indicate the existence web service. This kind of software may be illegal in the environment.
Bug solutionDisable the peer-to-peer software if not allowed nor needed. If it should run then filter incoming traffic on port tcp/1214 to prevent unwanted access to the web service.
Bug fixing time15 minutes
Bug exploit availabilityYes
Bug exploit urlhttp://www.securiteam.com/securitynews/5UP0L2K55W.html
Bug remoteYes
Bug localYes
Bug severityMedium
Bug popularity6
Bug simplicity8
Bug impact4
Bug risk5
Bug Nessus riskSerious
Bug check toolsNessus is able to do the same check. The check is also possible with a telnet client or the NetCat utility.
Source Nessus ID10751
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.