Bugtraq mailing list archives

Sending exact replicas of Distributed.net's worked OGR project files could increase individual's stats.

From: spoilt.jesus () gmail com
Date: 15 Feb 2006 01:44:30 -0000


Vulnerable: All Dnet clients when working on OGR project

Distributed.net was the Internet's first general-purpose distributed computing project. 
Founded in 1997, the network has grown to include thousands of users around the world donating the power of their home 
computers to academic research and public-interest projects.
There is a possibilty to send exact replicas of worked OGR (Optimal Golomb Ruler) project files several times. 
Therefore, an individual could gain fake stats.

Bug Discovered by UHAGr team on 07-Dec-2002 - www.UHAGr.org


--------- START OF DNETC-OWNAGE.sh ------------
# Proof-of-concept script for
# "Sending exact replicas of Distributed.net's worked OGR project files
#  could increase individual's stats" 
# Bug Discovered by UHAGr team on 07-Dec-2002 www.UHAGr.org
# Published 14-Feb-2006 some things take time u know... :)
##########################################################
#Vulnerable: All Dnet clients when working on OGR project
#There is a possibilty to send exact replicas of worked OGR (Optimal Golomb Ruler) 
#project files several times. Therefore, an individual could increase his stats with fake worked files
##########################################################
##########################################################
# When your OGR work is finished
# copy the script into the dnetc directory
# sh dnetc-ownage.sh &
# cd NEW/
# copy the mpe.sh script in the NEW directory and run it
# and that's all
# when you're bored, just kill the appropriate pid
##########################################################
# Distributed.net server isn't checking the result files...
# WHY? Shame on u...
##########################################################
mkdir NEW
cp * NEW/
while spoilt=true;do
cp buff-* NEW/
done
---------------- END --------------------
------------ START OF MPE.sh -----------
#LAME LAME LAME 
while spoilt=true;do
./dnetc -flush
sleep 1
done
---------------- END --------------------

Current thread:

Sending exact replicas of Distributed.net's worked OGR project files could increase individual's stats. spoilt . jesus (Feb 17)