[RST] Darky Binder v2.0 ( Linux )

[Nytro]

Name: Darky Binder

Version: 2.0

Author: Nytro

Released: 15 December 2009

Powered by: Romanian Security Team

Screenshot:

Download:

http://rapidshare.com/files/321218697/Darky_Binder_v2.0.tar.gz
http://www.megaupload.com/?d=I3B5OVLL
http://www.netdrive.ws/264723.html
http://uploads.ws/ewXy8i
http://www.2shared.com/file/11418613/dcfdd65f/Darky_Binder_v20tar.html

[+] What is this shit?

- It is a Binder, a program that binds/joins multiple files into a single one, executable, that at runtime will write your files to the disk and, as you selected the options and will do what you want. You can just copy a file, or copy and run it.

[+] What can I do with this shit?

- Example #1: If a program needs some libraries, you can bind that program with that libraries, and when someone will run the binded file, the libraries will be automaticaly copied to their destination, and the program will run perfectly.

- Example #2: You can bind a "good" file, a simple program with an "evil" script, or program.

[+] Information:

- Stub size: 6.5 KB

- Binder size: 461 KB

[+] New features:

- GUI

- posibility to melt binded file after run

- start message

- non-root message

- end message

- exit if non-root

- posibility to use arguments for files

- posibility to encrypt file

- posibility to remove or not an existing file

- posibility to melt file after run

[+] Required data:

- First, you must select a file using browse button

- Then you may select where to drop the file. I recommend you the /tmp directory because it is writeable for all users ( Ex. "/tmp/filename" )

- Then you may select the execution command where you can use arguments for the executed file ( Ex. "/tmp/filename -args" ). Tip: If you want to drop the file to the current directory, if yo,u don't use an absolute path ( "file" instead of "/tmp/file" ) you must add a "./" to the command before the file name.

- The you can choose if to run the file or not, to encrypt it or not, to replace an existing file with same name or not and to melt ( delete ) the file after it is executed.

- After you add all your files, you may select general settings: if you want to melt ( delete ) the binded file after it is executed or not and if you want to stop the program if the user isn't root ( if you need a root account to run the binded file ).

- Also you can set some messages ( for command line ): a start message, a message that will appear only if the user is not root, and an end message.

[+] Source Code included

- Written in: C++

- Binder ( GUI ) - using QT

- Stub ( compiled with size optimizations: -s ( strip symbols ) and -Os ( size optimizations )

- Stub comments are in romanian and GUI comments in english

- It is not extremly fast but it works well

- The encryption is a simple xor, the key is defined in "functions.h"

[+] This is a Beta version, it could be problems. Please report any problems or errors. Of course, I'm opened to any suggestion.

[+] Should I port this to Windows? The files are not loaded into memory, so it'll work like a scantime binder/crypter.

[+] Sorry for my english

Thanks, Nytro @ RST ( nytro_rst[at]yahoo[dot]com )

PS: Nu l-am incercat decat eu, nu am gasit pe nimeni sa il testeze. Astept orice problema, eroare sau sugestie. Thanks.

Edited February 16, 2010 by Nytro

[DetoX]

Pana la urma ai facut cu Qt?

[Nytro]

Da, imi place, dar nu l-as folosi decat pentru Linux.

[daatdraqq]

Felicitari ! Totusi ..de ce trebuia ca cineva sa il testeze ? Daca era un RAT intelegeam ,trebuia sa testezi conexiunea ..etc ,dar la un binder ce trebuia testat ?

[Nytro]

Pur si simplu sa ma asigur ca functioneaza bine si practic, nu doar teoretic.

[ROFL]

Felicitari, daca ai inlatura banner-ul ala ar arata intradevar profesional.

[DetoX]

^E user-friendly

[rsteam]

Nu merge aproape pe toate fisierele si este si vazut de antivirus...oricum codul este scris frumos incearca sa il dezvolti.

[Nytro]

ROFL: Ar arata urat fara banner, in plus imi place acel Tux.

rsteam: In sfarsit l-a incercat cineva. Dar as avea nevoie de mai multe detalii. Pe ce fisiere nu merge? Te referi la faptul ca deschide doar executabile? Si de ce AV e vazut?

[wildchild]

you've got the tested and approved stamp from me.good job dude