Aerosol Posted March 5, 2015 Report Posted March 5, 2015 (edited) Hi to all,I want to share with you guys this piece of code RCEd from the chinese APT known as "NetTraveler" or "TravNet". Hope this knowledge will somehow be useful and interesting to you. The code isn't very complicated nor advanced, it is basically C code with a few C++ implementations.Google Code project:https://code.google.com/p/open-nettraveler/Git Command:git clone https://code.google.com/p/open-nettraveler/Kaspersky reports:http://kasperskycontenthub.com/wp-content/uploads/sites/43/vlpdfs/kaspersky-the-net-traveler-part1-final.pdf“NetTraveler is Running!” – Red Star APT Attacks Compromise High-Profile Victims - SecurelistNetTraveler is back with new tricks | Kaspersky LabMalware samples:DownloadMore about CVE-2012-0158:https://securelist.com/analysis/publications/37158/the-curious-case-of-a-cve-2012-0158-exploit/More about CVE-2010-3333:Targeted attacks against recently addressed Microsoft Office vulnerability (CVE-2010-3333/MS10-087) - Microsoft Malware Protection Center - Site Home - TechNet BlogsGood luck!All Link Download : http://pastebin.com/BM0X1i04Source Edited March 5, 2015 by Aerosol Quote
