Hack the kazaa participation level
Don't expect a great show here, I'm just a simple hacker posting info that I had to figure out myself 'cause it isn't available on the net as of this posting.
I recently received an amazingly helpful email from Howard (a.k.a. "H"), which can be found here; it goes into amazing detail about different types of packets sniffed and their response.
I have several confirmations that the hack available at http://www.kazaahack.net/ works perfectly, so if you are just after a working kazaa hack, try that one out first.
The kazaa participation level is hidden in a field in the registry at
HKEY_CURRENT_USER\Software\Kazaa\LastSearchHash
This is a long, ugly series of bytes that nobody knows how to change manually; changing any single bit makes the participation level return to default. What you have to do is get a really good participation level and then save out the value of this registry key. Then you re-import it before starting Kazaa to reset your level back to max.
All you have to do to max out your participation level is put a file on your local machine and continually download it from yourself and you will soon get the maximum kazaa rating. THEN you can extract the LastSearchHash from the registry. Then, before you start Kazaa, you import this maximum rating back into the registry.
To download the file from yourself, just point your web browser to http://localhost:1214, which will be your own machine. You'll see a list of the files you are sharing (obviously you will get a page-not-found error if you are not running Kazaa or if a personal firewall on that machine is blocking access). Pick a small file and just keep refreshing until your participation level maxes out. UPDATE: Boosting your own rating like this will not work for some people with 2.0.2; if it doesn't work for you, use 2.0.0.
I previously had posted my registry extract for you to use but have had several emails telling me that using the hash from my computer on someone else's machine was invalid and just reset the participation level to default. That means you have to make your own hash by doing the download described above. Some people have asked me to walk them through extracting this value from the registry. Let me say that if you are a complete novice you should stay away from the registry. Also, don't change or delete anything you don't understand in the registry.
- Run regedit
- Select Registry/Export Registry File...
- Enter HKEY_CURRENT_USER\Software\Kazaa in the "Selected Branch" option.
- Enter a filename of something meaningful and put the file where you can find it.
- Press "Save"
Now you have saved a .reg file containing your hash for Supreme Being (level 1000). Any time you want to restore your kazaa level back to 1000 just re-import this file by double clicking on it before you start kazaa.
IMPORTANT: These instructions are as simple as I can make them. If you are so inclined, I would recommend editing the .reg file in Notepad and eliminating everything but the header and the entry for the hash. If you choose NOT to do this, then other Kazaa settings that you change will revert back when you re-import this file, which may not be a big deal for you. If you do edit this file then it will look like this:
REGEDIT4
[HKEY_CURRENT_USER\Software\Kazaa]
"LastSearchHash"=hex:a6,d9,d3,fa,26,64,00,74,af,b6,46,0e,89,e3,1e,c9,a9,d4,ca,\
9b,03,a7,60,48
(but obviously with your own hash code; note that the above hash is my level 1000 value but that it won't work for you). Let me know if you have questions. PLEASE do not write to me and tell me this doesn't work for you; if it doesn't work then you have downloaded version 2.0.2. You can reinstall version 2.0.0 or you can work with me to find a hack that works for 2.0.2.
Status of hacking version 2.0.2
- Your participation level will reset to 100 (low) when you install 2.0.2
- You will be able to see files on your own computer using the browser method (localhost) but people on other machines can't see you using just a web browser
- For many people with 2.0.2, repeated downloads from yourself, even of multiple files, even of large files, do not increase your participation level (some people do get this to work; we don't know what the difference is yet).
- I am currently working along the lines of faking a valid download from Kazaa 2.0.2. It looks like they have included a hash code in the retrieval request. Assuming they put some thought into it this time, that hash wouldn't be reusable from request to request, but hey, if they allow the ad display system to be neutered by simply replacing the ad system dll with a dummy then maybe they haven't thought this through any further. I think our next priority goal is to re-run a valid request multiple times and see if that results in increased PL.
- In the meantime you can always delete the LastSearchHash registry key to get to the default 100 level, or export out a good 100 level hash and re-import it to restore you to at least 100. I've linked to a .reg file that will delete the value of this hash, causing it to reset to 100; you can get that .reg file HERE.
- One working hack is to take registry extracts of the LastSearchHash as your level grows, and then you can at least get back to that level later after you drive your own level back down by downloading files for yourself. I did verify that re-importing the LastSearchHash would still restore your participation level, but users report that it slowly drops after a few weeks, maybe 20 points a week?
- One other possibility is to figure out what the dependency is on the hashes that makes them unportable from one system to another. We have figured out it is dependent on the serial number of your hard drive. If we can patch or spoof that API call then we can just post a registry extract of "Supreme Being - 1000" and let it be downloaded by everyone.
UPDATES: Thanks for all the helpful suggestions, here are some comments and ideas that readers have sent in.
Several readers suggest that downloading from yourself at http://localhost:1214 (or whatever port you run kazaa on) does work. Several others, including myself, find that it does not work. Different versions of 2.0.2?
One reader suggested using Opera's automatic reload feature to make the file you are downloading from yourself refresh every few seconds; it's easier than finding something to wedge down the F5 key for a few hours.
One person said that adjusting your system date/time forward during a download had a substantial impact on your points. Try adding 10 years during a download and see what the results are.
Several people have reported that once they have a good PL with 2.0.2 and save the registry out, re-importing it only results in diminished returns over time; a 300 will become a 280 in about a week.
Tim Foden was able to get a packet sniffer to capture a valid request. His C++ source code to reproduce the download is HERE, and you will need hash codes cracked by Sig2Dat, which can be found at http://www.geocities.com/vlaibb/tools.html
Here is an example file request, courtesy of Tim:
GET /.hash=e1d69ff87fb82059af4ee501319bcd98cc98b27b HTTP/1.1
Host: 138.248.76.171:0
UserAgent: KazaaClient Nov 3 2002 20:29:03
X-Kazaa-Username: bebek
X-Kazaa-Network: KaZaA
X-Kazaa-IP: 62.194.18.171:3038
X-Kazaa-SupernodeIP: 62.195.46.43:3843
Range: bytes=440499802-444663027
Connection: close
X-Kazaa-XferId: 2618333
X-Kazaa-XferUid: gvaqtBtv4KdyXo/SvGtwjY6yQfb4lDSQKuZ//x5jGuk=
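A defender's reading of the request above, as an added example that is not Tim's code or part of the original page: a small parser that recognises this request shape by its `/.hash=` target and `X-Kazaa-*` headers and lists the metadata it carries in clear text. `BENIGN` is a constructed comparison request, and the function and key names are hypothetical.

```python
import re

# Request copied from the page; BENIGN is a constructed sample for comparison.
KAZAA_REQ = "\r\n".join([
    "GET /.hash=e1d69ff87fb82059af4ee501319bcd98cc98b27b HTTP/1.1",
    "Host: 138.248.76.171:0",
    "UserAgent: KazaaClient Nov 3 2002 20:29:03",
    "X-Kazaa-Username: bebek",
    "X-Kazaa-Network: KaZaA",
    "X-Kazaa-IP: 62.194.18.171:3038",
    "X-Kazaa-SupernodeIP: 62.195.46.43:3843",
    "Range: bytes=440499802-444663027",
    "Connection: close",
    "X-Kazaa-XferId: 2618333",
    "X-Kazaa-XferUid: gvaqtBtv4KdyXo/SvGtwjY6yQfb4lDSQKuZ//x5jGuk=",
    "", "",
])
BENIGN = "GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"

HASH_TARGET = re.compile(r"^/\.hash=([0-9a-fA-F]{40})$")
BYTE_RANGE = re.compile(r"^bytes=(\d+)-(\d+)$")

def parse_headers(raw: str):
    """Split a raw HTTP request into its target and lower-cased header map."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    parts = lines[0].split(" ")
    target = parts[1] if len(parts) >= 2 else ""
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return target, headers

def classify(raw: str) -> dict:
    """Flag requests of the shape shown on the page and list what they expose."""
    target, headers = parse_headers(raw)
    hit = HASH_TARGET.match(target)
    kazaa = {k: v for k, v in headers.items() if k.startswith("x-kazaa-")}
    rng = BYTE_RANGE.match(headers.get("range", ""))
    return {
        "is_kazaa": bool(hit or kazaa),
        "content_hash": hit.group(1) if hit else None,
        "username": kazaa.get("x-kazaa-username"),
        "kazaa_ip": kazaa.get("x-kazaa-ip"),
        "supernode_ip": kazaa.get("x-kazaa-supernodeip"),
        "range_len": int(rng.group(2)) - int(rng.group(1)) + 1 if rng else None,
    }
```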
You used to be able to use the web browser trick to see anybody's shared files, now with version 2.0.2 it looks like you can only do this on your own machine (localhost). Too bad, 'cause what you are all trying to do, boost the PL, was better just hitting the target machine directly through a web browser, no restrictions, no queues, just raw download. Doesn't seem to work any more though.
James Deffinbaugh has figured out that the hash codes are tied to the volume serial number of your hard drives; resetting those will invalidate your hash. Presumably setting your serial number to the same as mine would allow you to import my hash keys. This is probably not a good idea as it will also invalidate your Windows XP license, but maybe someone can come up with a hack/spoof to get around this? WAY TO GO JAMES!!!
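A constructed model of the behaviour reported on this page (any changed bit resets the level, a value exported on one machine is rejected on another, yet re-importing an old export restores the level); it is an added example, not Kazaa's algorithm or code from this page. The key, the field layout, the `seq` field and `ServerSideCounter` are assumptions, used to show why binding a stored value to the machine gives tamper evidence but no rollback protection unless some state lives where the user cannot restore it.

```python
import hashlib
import hmac
import struct

# Constructed model for illustration: NOT Kazaa's real format or algorithm.
APP_SECRET = b"demo-secret-shipped-in-client"  # hypothetical; any shipped key is extractable
DEFAULT_LEVEL = 100

def _key(volume_serial: int) -> bytes:
    # Mixing the volume serial into the key makes a blob invalid on other machines.
    return APP_SECRET + struct.pack(">I", volume_serial)

def seal(level: int, seq: int, volume_serial: int) -> bytes:
    """Pack level and sequence number, then append an HMAC-SHA1 tag."""
    body = struct.pack(">HH", level, seq)
    return body + hmac.new(_key(volume_serial), body, hashlib.sha1).digest()

def load(blob: bytes, volume_serial: int):
    """Return (level, seq) when the tag verifies, otherwise None."""
    body, tag = blob[:4], blob[4:]
    expected = hmac.new(_key(volume_serial), body, hashlib.sha1).digest()
    return struct.unpack(">HH", body) if hmac.compare_digest(tag, expected) else None

def client_level(blob: bytes, volume_serial: int) -> int:
    """Client-only check: a blob that fails verification yields the default."""
    parsed = load(blob, volume_serial)
    return parsed[0] if parsed else DEFAULT_LEVEL

class ServerSideCounter:
    """Hardening: state the user cannot roll back remembers the newest seq."""
    def __init__(self):
        self.newest_seq = -1

    def accept(self, blob: bytes, volume_serial: int) -> int:
        parsed = load(blob, volume_serial)
        if parsed is None or parsed[1] < self.newest_seq:
            return DEFAULT_LEVEL  # forged, foreign, or replayed state
        self.newest_seq = parsed[1]
        return parsed[0]

def demo() -> dict:
    a, b = 0x1234ABCD, 0x0BADF00D  # constructed volume serials
    old, server = seal(1000, 1, a), ServerSideCounter()
    server.accept(seal(120, 2, a), a)  # the level has since dropped to 120
    return {"bit_flip": client_level(bytes([old[0] ^ 1]) + old[1:], a),
            "other_machine": client_level(old, b),
            "client_replay": client_level(old, a),
            "server_replay": server.accept(old, a)}
```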
One awesome suggestion by several NT users is to restrict access rights to the LastSearchHash so Kazaa can't update it with a lower value. Probably still degrades over time but at least you don't have to keep importing the registry file.
Several users have suggested naming files in a very distinctive way so that a friend can locate them in a search and download them from you multiple times. Somehow you would have to convince Kazaa to do this by itself for a few hours but it would certainly work.
Several users have suggested that a rating of 100 isn't so bad, could be worse. They wanted me to make clear that deleting your LastSearchHash key would reset you back to 100; if you want to do that you can just use my registry file HERE. You must close Kazaa first.
Thanks to Jonathan Morales for mentioning that he does the registry import/kazaa launch in one step with a batch file that he even gave the kazaa logo to:
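@echo off
rem Silently import the saved .reg file, then launch Kazaa.
rem The file name was not given on the page; the name below is a placeholder.
regedit /s your-saved-hash.reg
start C:\Progra~1\KaZaA\Kazaa.exe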
PLEASE feel free to give me a reciprocal link from your web site to mine to improve my search engine ranking!