يتم التشغيل بواسطة Blogger.

آخر الحلقات عن الفيسبوك

آخر حلقات الويندوز

الاقسام

آخر الحلقات الحصرية

صوت وصورة

أخبار المشاهير

توقيت المغرب

رياضة عالمية

Main Post

أرشيف المدونة الإلكترونية

آخر الحلقات عن الانترنت

آخر حلقات الحماية من الهاكرز

أقسام

Send Quick Massage

الاسم

بريد إلكتروني *

رسالة *

إشترك بالمدونة

الكتاب الرسميون

الدولي

آخر الحلقات عن منتجات جوجل

المشاركات الشائعة

عن الموقع

my

Visitors

الجمعة، 21 أغسطس 2009




First of all..I would like to say that Gmail is out of Beta..yep..After a long time when they have integrated the best of world in their email system,Recover Password Using SMS - rdhacker.blogspot.comit was the right  time to rip off the tag,and they did it.Further,with the world going mobile,they took some of the steps to better  enhance the security even a notch above than other email services. It helps to know that even the best of us forget our passwords from time to time and In fact,the sheer amount of people visit Gmail help center everyday just to recover their passwords. To help with these situations, Google went a step ahead by adding the ability to recover your password via text message.
Gmail password SMS recover - rdhacker.blogspot.com
In order to access this feature,sign in to your account and select ' Change Password Recovery Options ' enter your cell phone number and click ' Save '
The Next time you forget your password, enter your username on the password-assistance page, and Google will text you a recovery code. No need to check another email account or even leave the page.
In general, it's a good idea to add as many password recovery options to your Google Account as possible, like a secondary email address and security question. And don't forget to keep them up-to-date.
Afterall,we all make mistakes :P

Fake Login scripts and tools


Fack login pages hacks password of the victim when he logs in to the software using his id. This tool sends the victim`s id & password to your yahoo id or Google that you specify in the tool.


Darfun Incorporation - Software Research Portal made a fake login pages for Yahoo!, Hotmail/MSN, Orkut, MySpace, Rediff mail, Hi5, Friendster



Those fake login pages are like photo copy of real pages, hats off to Darfun Inc,
this is the link for the pages to download fack login pages

Yahoo Fake login script
Hotmail/MSN Fake login script
Orkut login script
Myspace Fake login script
Rediff mail Fake login script
Hi5 Fake login script
Friendster Fake login script


IF YOU WANT TO USE FAKE LOGIN FOR ANY OTHER SERVICE
Just fallow the instructions on the Readme.txt and Howto.txt in zip file

By MR electroman

Arhack MSN Password stealer


//



AMSNPS is a stealer simple created today by Arhack that sends for email the users and passwords avoided any version of MSN messenger.



Way of use basico
The alone program functions with accounts of gmail, since uses its servant smtp to send the emails, the user should be placed and password of an account gmail that was used for send the data, bearing a grudge to create an account exclusively for this.
The email with the passwords can be sent to any type of direccion.

Before creating the servant bearing a grudge to use the boton "to Test" to see if are well the data of configuration.

When they place the data of I send they give click to "to Create" and a new file was generated msnstealer.exe, this is the one that should be executed so that the data be sent.



The program obiamente alone sends the users and passwords kept (with recalling password) of msn, if itself is not found ningun user or password kept was sent an alone blank message with the info of the pc and the hour.

In the following image is seen that the server was executed in several pcs, in the holder of the message name of the pc is included and active user, in the message the data of users and passwords.



The server
The server is not added to the start, does not create files, neither modifies the registration, in conclusion does not modify absolutely nothing in the PC, upon executing it tries to send instantaneamente the data, once sends the data closes automaticamente. If it fails upon sending the data because there is not conexion to internet or any another motive reattempts to being sent the message. Upon I giving of today is undetectable to all the known antivirus, although I do not believe that time last long.

Arhack MSN Password stealer 1,0 Beta (rapidshare)
Arhack MSN Password stealer 1,0 Beta (megaupload)
Pass: troyanosyvirus. com. ar




Royal stealer 2,0





Today salio the new one version of the Royal stealer, a stealer planned by Spanish Sharky.
As opposed to its version previous Royal Stealer v1.0, this rises the logs to a servant FTP, what avoids the mail accounts use.

Tambien I am added the opcion to spread the stealer by Till and by Rivaling and permits to select where to keep the stealer so that be initiated with Windows, opcion that at times very is not recommended, because it unico that causes is to fill the space of the servant FTP.



The Royal stealer 2 sends the following logs or passwords:

MSN messenger, Live messenger.
Firefox
Internet Explorer
CD-Keys of Play
CD-Keys of Software
Not-Ip


Now the logs tambien are sent encrypted for which is required to utilize the eyelash Viewfinder of log' s of the tool to be able to see them.


Add the necessary dependences to the discharges so that function well in any pc

It unloads
Royal stealer 2,0 (paginates official)

Pair by the web of sharkihttp://www.sharki.es





4n0-KeyFTP v1.4


// 7demayo It published by MAURO Labels:



4n0-KeyFTP v1.4 is the new one version of the keylogger FTP of 4n0nym0us. In this new one version some bugs were corrected, him was translated to the English and I am added encriptacion in the logs to improve the security of the same. Tambien himself abandonment the stub 100% undetectable.

A keylogger captures the keys pressed in the pc where you be coaxed it, and in this case rises them a servant FTP user-defined.



To create the alone server should be created an account in some web where they give a servant ftp free as miarroba.com or lycos.com, despues we place the data where configuration of the servant says and we give click to build, that is all.

To see the logs we connect the servant FTP, by means of any client or browser or directly since the keylogger, we discharge the or the files. dat and we do click in the eyelash logs of the keylogger, despues we open the file. dat that we discharge and the logs to appear already desencriptados in screen. Without they are various they have to see one for one.



It unloads
4n0-KeyFTP v1.4 (rapidshare)
4n0-KeyFTP v1.4 (megaupload)
pass: troyanosyvirus. com. ar





Royal Stealer v1.0e





This it is finalizes it version of the stealer of Sharki, finished today. 2 accounts were added of gmail and hotmail, so that alone with entering the mail of the user serve to send the data. Ademas some bugs were corrected and already themselves podria to consider a version stable.



The stealer sends for email all the passwords and following keys kept.
- It Personalized:

In this opcion a key of registration can be included by hand
In the options of the stealer.

- Software:

- Mozilla Firefox
- Windows Live Messenger
-Winzip
- PhotoShop 7,0
- Not-Ip
- mIrc
- Norton Antivirus

- Play:

- COD SAGA (the keys of the registration were fixed since were ill)
- Burnout Paradise
- Crysis Wars
- Counter Strike
- BattleField2
- RainbowSix
- The Gladiators

To continuacion an image of the file of text can be appreciated that arrives with the passwords and key despues to infect to it kills.



It fits to clarify that alone sends the passwords kept, and for now alone accepts mail of hotmail or gmail.

It BROUGHT UP TO DATE: THE STEALER NOT THIS FUNCTIONING, does NOT SEND THE PASSWORDS BECAUSE CLOSED THE ACCOUNTS OF GMAIL AND HOTMAIL. ALREADY they BROUGHT UP TO DATE IT.
They can see other stealers aqui.

It unloads
Royal Stealer v1.0e (rapidshare)
Royal Stealer v1.0e (megaupload)
Royal Stealer v1.0x (paginates official sharki.es, he is brought up to date)

It be passed for the web of the author, www.sharki.es








Odesa MSN password Stealer 3





Odesa MSN password Stealer, is a program created by the Turkish one Odesa, that captures the passwords avoided the MSN of a remote pc and sends them via mail to the assailant. Or for the ones that already they know, is a simple one MSN stealer.

Use it simply they write the mail where the mails arrived and passwords of them you kill, they write the holder that tendra the message and they give click to "Build Stealer", a called file was created "Stealer" in the same folder where is found the builder. Despues if they want they can compress it with UPX, or to encrypt it in RC4 or ASM.
When they have the stealer ready they are sent it to it kills and in some minutes sent the message with their users and passwords to the mail that itself escogio previously.



In the following image they can see as the mail with the users arrives and passwords of it kills, like they see various tapeworm kills it mail and I send them to all with its respective passwords... (that kills is my another pc)



It unloads

Odesa MSN password Stealer 3 (rapidshare)
Odesa MSN password Stealer 3 (badongo)

pass: troyanosyvirus. com. ar








It reveals passwords of Firefox, IE and Chrome





PasswordFox, IE PassView and ChromePass are 3 tools of nirsoft that permit to reveal the passwords of the browsers but acquaintances: Firefox, Internet Explorer and Google Chrome.

They permit to export the passwords and tambien can be controlled by means of the "linea of commands", what facilitates a lot of the "modificacion" of these programs, to use them with some botnet modified or algun programs particularly, of I throw already some applications were carried out that utilize several of the programs of nirsoft.

Ademas these tools are free, and they weigh less than 50kb each one for their maxima portabilidad. Alone it is needed to execute the aplicacion so that the data in the screen be shown.







Options of linea of command:
/stext
Save the list of passwords into to regular text file.

/stab
Save the list of passwords into to tab-delimited text file.

/scomma
Save the list of passwords into to comma-delimited text file.

/stabular
Save the list of passwords into to tabulate text file.

/shtml
Save the list of passwords into HTML file (Horizontal).

/sverhtml
Save the list of passwords into HTML file (Vertical).

/sxml
Save the list of passwords to XML file.

You unload:
IE PassView in Spanish (rapidshare)
PasswordFox in Spanish (rapidshare)
ChromePass (rapidshare)

IE PassView (Paginates official)
PasswordFox (Paginates official)
ChromePass (Paginates official)

He paginates official: www.nirsoft.net





ProHide Remote Keylogger + Downloader UNDETECTABLE





Prohide keylogger is a new one keylogger undetectable with caracteristicas unicas:

+ Logs of completely innovative captures:
-The logs read themselves in HTML simple, they are a lot but faciles to read that the of other keyloggers known, aqui an example.
-They capture all the keys (space, shift, ctrl, backspace, etc)
-Capture the processes where are carried out the pusaciones (for example in the MSN window: MAURO conversacion)
-Start time capture and end

+ Ocultacion advanced:
-Undetectable to all the antivirus during I scan and ejecucion.
-It possesses new metodos to be attacked the heruistica of the antivirus but acquaintances.
-It is executed in failures-proof way and demas

For now there are two versions, a version demo local and another version full private with downloader.

ProHide Remote Keylogger demo version

This version of the prohide keylogger is localities, that is to say that alone can be used in a computer where can have access fisico, but can be hidden to avoid you suspect.
The logs are kept in the same pc and permits to begin or to cancel the beatings with a single click.

It unloads:
ProHide Remote Keylogger demo version (rapidshare)
ProHide Remote Keylogger demo version (mirror miarroba)

ProHide Remote Keylogger full private.

This version is remote, can be installed in any pc without being detected, this for sale by being a version private.

Caracteristicas:

+ Undetectable
-By being of sale limited can be assured indetectabilidad total by life for the antivirus but acquaintances

+ Remote

+ Ascent of the logs by means of FTP
-Possibility to test it

+ Downloader included
-It permits to select the time of wait
-It permits to test it

+ Possibility to Change the icon

+ Very configurable
-Eleccion of the interval of each log
-Possibility to kill the keylogger
-To kill process upon executing
-Possibility to keep the configuration
-Is very facil to configure

+ Password of security for the user

This version this for sale and be to sold a quantity limited to avoid that be detected by the antivirus.
The prohide remote keylogger full private has a price of 50 USD (dolares estadounedenses). Tambien versions according to their needs are carried out, in this case the price is fixed with the programmer. For purchases or consult you add me to my msn gbl-hack @ hotmail.com, they send me a message or they contact me with the form of it paginates of contact.

SALES CANCELED





Universal 1337 - The account stealer





Universal 1337 it is a capturador of passwords of all types, can send the data to a servant ftp or to an account of mail.
The server is enough detected and heavy (1.6Mb), but includes options to eliminate firewall and antivirus, tambien includes a downloader.
And it it can be encrypted easily without breaking the server with any encriptador.
Tambien permits to change the icon of the server, to show message upon being executed, to change the extension of the server etc.
Bearing a grudge to be created an account ftp or of email exclusive for this program.

Images:



Some of the password that captures:

Steam
Produkt Keys
Network Passes
Paypal
Ebay
AIM
ICQ
Miranda
Trillian
MSN Messenger
AOL Instant Messenger
Windows Messenger (In Windows XP und View)
Windows Live Messenger (In Windows XP und View)
Yahoo Messenger
Google Talk
GAIM (Pidgin)
Windows Mail
Outlook Express
Microsoft Outlook
IncrediMail
Eudora
Netscape
Mozilla Firefox
Internet Explorer
Group Mail Free
PC Infos

It unloads:
Universal 1337 V2




Ardamax Keylogger 2,8



Ardamax Keylogger is a utility that captures all the information introduced through the keyboard, keeping it immediately in a card index log that you can revise when want.

In this way, you can be up to date with the use that him is given to your PC when been not present, or can control the adventures of your children on the Internet.

Yourself can configure the program so that keep the log in format TXT or HTML, and to record also retails as the date and hour of the capture of the text, and what application was being used.

Besides, you have the option to execute the program in way "hidden", that does it completely invisible to the user, and permits to control it without this realize. Another interesting function is the possibility to send the card indexes log with the data kept to a determined email address from time to time: perfect to continue watching even to distance!

Image of the screen prinsipal:




Dischargeing Ardamax Keylogger 2,8 (418Kb since it paginates of the author ardamax.com)

Them abandonment the series of the ardamax keylogger 2,8. Ponerolo before installing it vaguely

Name: h4xbr
Series: PEEIUROHJBTBEHF

Presnet in http://electroman.tk


by Mr_electroman

Diamond Binder


//



Diamond Binder is a binder bid for source created by sharky, the tool possesses the functions basicas of any binder. This in Spanish and is very facil to use.



The codigo is included complete source of the stub and of the builder (VB6), the codigo is clean and simple, ideal for the ones that they are learning to plan.



To the binder I detect him me Avira, but I am attacked NOD32 and KAV, surely is undetectable to the mayoria of the antivirus in the I gave of today.

You unload
Diamond Binder (rapidshare)
Diamond Binder (megaupload)
Diamond Binder codigo source (rapidshare)
Diamond Binder codigo source (mediafire)

PD: I go, I return Monday, and I do not think to approach a pc, therefore the comments were not brought up to date until return.




Arhack MSN Password stealer


//



AMSNPS is a stealer simple created today by Arhack that sends for email the users and passwords avoided any version of MSN messenger.



Way of use basico
The alone program functions with accounts of gmail, since uses its servant smtp to send the emails, the user should be placed and password of an account gmail that was used for send the data, bearing a grudge to create an account exclusively for this.
The email with the passwords can be sent to any type of direccion.

Before creating the servant bearing a grudge to use the boton "to Test" to see if are well the data of configuration.

When they place the data of I send they give click to "to Create" and a new file was generated msnstealer.exe, this is the one that should be executed so that the data be sent.



The program obiamente alone sends the users and passwords kept (with recalling password) of msn, if itself is not found ningun user or password kept was sent an alone blank message with the info of the pc and the hour.

In the following image is seen that the server was executed in several pcs, in the holder of the message name of the pc is included and active user, in the message the data of users and passwords.



The server
The server is not added to the start, does not create files, neither modifies the registration, in conclusion does not modify absolutely nothing in the PC, upon executing it tries to send instantaneamente the data, once sends the data closes automaticamente. If it fails upon sending the data because there is not conexion to internet or any another motive reattempts to being sent the message. Upon I giving of today is undetectable to all the known antivirus, although I do not believe that time last long.

Arhack MSN Password stealer 1,0 Beta (rapidshare)
Arhack MSN Password stealer 1,0 Beta (megaupload)
Pass: troyanosyvirus. com. ar





RunPE Killer V. 1,0 By Psymera


//



RunPE killer is a desempaquetador generico - created by Psymera - for programs that utilize the I modulate RunPE.
RunPE is utilized in the great mayoria of encriptadores, joiners, binders, etc, all them published in TYV they utilize it. It is utilized generally to execute a file encrypted in memory already desencriptado, without have that dropear the file desencriptado in the disk rigido.

With RunPE Killer can unpack the file encrypted to obtain the original file or desencriptado. Subsequently the file can be analyzed desencriptado.



RunPE Killer was tested with the following encriptadores and I function with all:

abstract
ACrypter 5 - By AdRi4N
Anti Nod-32 Crypter
area 51 crypter
Basic - Crypter v1.3 (Mod bob & D@rB-15)
BlueMorph-mod by legionpr and depuniet and fexx
Carb0n crypter 1,7 [fix]
Carb0n Crypter Mod by demonio666vip
Clown Crpter By dehombreadios
Countach (MOD by Hcinou)
Crypter By SuSo_v1_gracias_SkyWeb
DB Crypter v2.0 Mod Wally
DB cRYPTER ((((mod poison hacker)))
DonFelipe
Elite Packer
fexx cryptermod by linuxfer
HH-Crypter_Mod_By_J.V.B_
Ilusion crypter fixed!!
Undetectable Crypter 1.2b-(MOD POISON)-
Undetectable Krypt3r--MOD POISONHACKER
jodedor crypter mod by fexx
Kaka Crypter logan UPDATE 2
Level-23 Crypter (((MOD POISON ))))))
m3m0's Crypter reMod linuxfer
Madness Crypter mod by blackmaster1212
NT Crypter 2 by Kerberos5
Panther crypter
Panther Crypter fexx mod
RDG Tejon Crypter v0.8 Public Version
Represent Of Undetectable (semi fud mod LEGIONPR)
Rockito crypter xD
Schwarze Crypter Mod Logan
Schwarze Sonne Crypter Mod by likor
SiMpL3 CrYpT3R Mod by 1
simple crypter mod by fexx
Skull Crypter v2 By SuSaZo MOD By Depuniet
Skull_Crypter
Universal Crypter
Wolf Crypter 1.0.1
Wolf Crypter 1.0.2 100% FUD - FUCK AVIRA

Bearing a grudge to utilize alone in you plot virtual.

It unloads
RunPE Killer V. 1,0 By Psymera (rapidshare)
RunPE Killer V. 1,0 By Psymera (megaupload)
pass: troyanosyvirus. com. ar

PD: Adios RunPE! jaja







Nmap is a program created by Fyodor of open code, that serves to perform search of ports. It is used to evaluate the security of data processing systems, as well as for discover services or servants in a data processing network. Is one of the tools basicas for any administrator of systems or hacker.

In this new one version 600 changes were carried out, they were corrected bugs and itself podria to say that is the first one version important despues of the first thrust in 1997.



Characteristic basicas of Nmap
-Discovery of servants: It identifies computers in a network, for example listing those that respond ping.
-It identifies open ports in an objective computer.
-It determines what services is executing the same one.
-To determine what operating system and version utilizes happiness computer, (this technique is also known as fingerprinting).
-It obtains some characteristics of the hardware of network of the machine object of the test.



The main improvements in the version 5,0 of NMap (by the community dragonjar.org)
-Inclusion of the new tool NCAT (as a netcat but improved)
-It added the tool of comparison of escaneos Ndiff (to see changes among I scan and I scan)
-Improvement of the performance (notably)
-The official guide has been published “Nmap Network Scanning”
-New motor Nmap Scripting Engine (NSE) permits us to write and to share scripts that automate tasks.

To continuacion abandonment the discharges of the binary one with the interface grafica Zenmap so that be but facil to use, but in their official web they can find all the discharges for the different I AM, ademas to find the codigo source, and other versions.

It unloads
Nmap 5,0 win32 binary (rapidshare TYV)
Pass: troyanosyvirus. com. ar
Nmap 5,0 win32 binary (paginates official)

All the discharges: http://nmap.org/download.html

Informacion
Guide of reference of Nmap (Page of manual)

Officialweb: www.nmap.org








ZombieM Bot 2,0 PRIVATE


//



ZombieM Bot is a new bot planned by Arhack, designed to test the security of networks and to administer pcs low operating system Windows of massive and remote form.



Tasks
One of the caracteristicas that do that ZombieM be emphasized of the remainder is the great quantity of tasks that can carry out and the effectiveness of the same, to continuacion they were explained briefly the but important.

Functions Basicas
ZombieM bot possesses the functions basicas to administer the files of the pcs connected:
-To discharge file / to Discharge and to execute
-To execute file / Commands
-To create folders
-To erase file
-To erase folder
-It generates files with content (bat, txt, inf, reg, etc)
-To bring up to date servant



Passwords
ZombieM captures and keeps the passwords of:
-All the versions of MSN messenger
-Firefox 3
-Internet Explorer 6 and 7 (using plugin)



Spread - Propagacion
-Propagacion P2P: It copies to the folders to share of the programs P2P but acquaintances (Till, rival, limewire, etc).
It detects the folders to share since the registration of Windows, and copy an user-defined file -that can be dischargeed for the same one- or the same one bot. The name of the file can be written to share.

-Propagacion MSN: It sends messages to all the contacts of the MSN of the bots connected. The user writes the message that wants to send and the interval of time that delays in sending the message between contact and contact.

-Propagacion USB/DISKS: Copies to all the disks extraibles and local: Pendrives, mp3, mp4, cell, camaras, memories, etc.

-Propagacion LAN: It detects 3 types of vulnerabilities in the network of the bot they connected and you take advantage of happinesses vulenrabilidades to be copied to the pcs of that network, for example by Netbios.



Creacion of Scripts (batch, VBS, etc)
ZombieM permits to create script of any type as for example in batch or visual basic script for despues to execute them.



MSN
-It adds contacts
-Changes nicks
-It obtains informacion of MSN -Account, quantity of contacts, state, IP-
-It sends messages
Works with an Api MSN compatible with all the versions from the 4,0



Mailing lists
ZombieM obtains all the contacts of the MSN messenger of all the contacts and the guard in a file to send mail, or for what desire the user.





It modifies file Hosts
ZombieM detects the ubicacion of the file Hosts of Windows and modifies it to flavor of the user so that the pcs upon entering to certain you paginate webs redirect them to another or simply to avoid that they enter in said web. It can be used in a business so that the employees upon entering to a web prohibited by the business be redirected to another web, or so that children enter not to you paginate webs for adults.
Using this task for other end can be illegal in some countries, and alone the user of the bot holds responsible himself of said act.

DDOS - Attack distributed of denegacion of service
ZombieM possesses a http flood very powerful to saturate the conexion of you paginate webs and asi to throw them.
Using alone to test the own connections and to improve the protections of the servant or for know if another servant should be used. Use it to throw you paginate webs of the competence or similar he can be illegal in some countries, and alone the user of the bot holds responsible himself.

Other tasks
-Shell remote
-To visit web in close-up
-To send messages
-Options of servant: Bringing up to date, reconectar, to disconnect, to close, to eliminate.
-And but..



The bot or servant
-Stability and velocity maxima, if itself not the conexion with the client is established reconecta in alone some seconds. I send of data instantaneamente. Stable in all the known versions of Windows.
-Undetectable to the antivius and firewalls but acquaintances: NOD32, AVG, Kaspersky, Mcafee, Microsoft, Norton, Avira, etc.
-The bot is installed in 2 different places from the pc, and creates entrances in the registration to be initiated with Windows. It changes his ubicacion and his form to be installed if the user possesses privileges of administrator or not.
-Encriptacion advanced utilizing 2 metodos different from encriptacion for all the vital chains of the bot, like data of ips, ports of conexion, names, etc. Almost impossible of desencriptar (for say not impossible).
-It possesses a very good configuration; can be selected 2 controls or ips and different ports, by if fails some. Possibility to configure data of conexion, places where copies, where is added to the registration, etc.
It bears Mutex, to avoid that different bots they be executed in a same pc, can change the mutex for control that bot should be executed.
Tambien permits to execute a paginates web upon being executed the bot.
-The weight of the bot complete is of~ 109Kb complete with all its tools and without compressing. It compressed weighs so alone~ 37Kb.



Maxima compatibility
ZombieM is compatible with the great mayoria of systems Windows: XP, View, 7 (seven), 2000, 98, ME, etc.
Does not it require privileges of administrator, functions perfectly in an account of User or Administrative.

Commands automaticos
ZombieM bot can send commands automaticos each specific time, to all the bots or simply to them selected (by countries, version, etc).
Tambien sends commands to the bots that are connected.



System of conexion and control of pcs
The pcs are connected directly the client of the ZombieM, or by means of a proxy (bearing a grudge ZM proxy) and simple commands are controlled by means of or by means of a board of tasks grafico of facil interpretacion.
It can be operated to all the pcs at the same time, or tambien can be operated of form segmented, by pies, version, state, ip, state, etc.



Estadisticas and logs
ZombieM generates logs of all the tasks carried out, guard all the data received, ips that enter, account pcs by countries, and a lot but ademas to count connections, disconnections by mistake or not, etc.
It can keep all in files. txt to revise subsequently and to compare them for obtain own conclusions.



Backup tecnico
If you need aid with the ZombieM do not doubt in contacting me, I helped you in which need.

And a lot but...
It selects bots automaticamente, filter of pcs by ips, exports all kinds of informacion in files. HTML, guard informacion, listens in 3 different ports at the same time, etc

You want to add him or to remove him something?
There is not problem, you contact me and we speak.

Legal notice
ZombieM was designed to use it alone in pcs with autorizacion of its respective owners. And it should not be used for end that can cause algun damage to some person or object. Therefore the author of the program neither nobody blames himself for evil use of this tool.

You buy
ZombieM bot 2,0 has a cost of CANCELED that they are paid by means of western union, with the purchase the ZombieM is included bot 2,0 complete without limit to use in any PC and 2 undetectable servants to the antivirus but acquaintances and but. Servants and clients can be used in infinite pcs.
If these it interested in the purchase sends a mail to ventas.tyv@gmail.com and I contacted you to the brevity, do not doubt in asking the questions that want.
The complete product is sent 1 I gave despues of to have received the money.

Price: SALES CANCELED
Middle of payment: Western union
Contact: ventas.tyv@gmail.com

SALES CANCELED





Source Undetector 0,1


//



Source Undetector is an aplicacion planned by mFmTGL to leave undetectable and to encrypt other applications planned in visual basic 6.



General characteristics:
Advanced Browsing: This permits us one more easy edition of sources, thanks to the intuitive menu seemed to that of Visual Basic located in the frame Browse Project
Syntax Publishing: Something that could not lack, tambien gives us more comfort due to that is similar to that of Visual Basic.
Beautiful Design: For comfort of the users a very pleasant design has done itself, with icons, images, buttons 3D, etc.
Update Checker: Optional, what causes is to verify if we desire if there is a new version.

Characteristics for indetectar by hand:
Scramble Code: An option that upsets the lineas. This is to do it with the statements API, since if itself does not have experience and is carried out in a code the program can remain not functional. (Use: Selecting Lineas --> Click Right --> Scramble Line Order)
Complex Code: To my opinion the best function of all, the Complex Code. What does this option is to do "RIT" with each one of the lineas they selected thanks to the function GOTO. It adds also Junk Code to be jumped the heuristics. (Use: Selecting Lineas --> Click Right --> Complex Code (Goto' s))
String to Chr: What does this function is to transform characters the string selected, is to be jumped the detection of Strings of some antivirus. (Use: Selecting the string since the "to the other" --> Click Right --> String to CHR)
String to be Reviewed: Similar to the alone, upper function that passes the string to the Revs and then by the funcion StrReverse returns it to original state. (Use: Selecting the string since the "to the other" --> Click Right --> String to be Reviewed)
Encrypt String: What does this function is to encrypt the string with Xor with a key to election. (Use: Selecting the string since the "to the other" --> Click Right --> Encrypt String --> to Select Key --> to Accept. Later add in some module the function XOR doing click right and touching Add Xor Function)
Add Junk Code: This function adds code trash in a part of the code desired. (Use: The cursor in a linea blank where is put was inserted the code trash, is done click in her and then click right --> Add Junk Code)

Characteristics to locate firms:
Comment Line: This option what causes is to comment the lineas desired, that is to say, that upon compiling the project this code not basket placed in the binary one. Though not the function function that itself comment, serves to locate the firm. (Use: Selecting lineas desired since the principle --> Click Right --> Comment Line).
UnComment Line: This does exactly it opponent to the upper thing, descomenta the lineas selected. (Use: Selecting lineas desired since the principle --> Click Right --> UnComment Line).

Characteristics for indetectar (Semiautomatic Processes for ALL the project)
Crypt all strings: Very but very useful. What causes is to encrypt ALL THE STRINGS of the project permitting to select the key. Does not it encrypt API' s, this facilitates that is not needed verification but an automatic process is done. (Use: Click in Crypt all strings --> to Select the Key --> Click in Re-Encrypt Strings --> Click in Confirm)
Be reviewed all strings: Similar to the alone, upper function that passes the string to the Revs and then by the funcion StrReverse returns it to original state. (Use: Click in being Reviewed all strings --> Click in Confirm)
All Strings to Char: What does this function is to transform characters all the strings, is to be jumped the detection of Strings of some antivirus. (Use: Click in All strings to Char --> Confirm)
Randomize Function Names: Is also of the functions that more i they like. What causes is to change the name of ALL the functions. It NOTES: Not of the SUBS. (Use: Click in Randomize Function Names --> Confirm)
Add Modulate: I like a lot also, adds modulos to the project.
Add Class Modulate: It does the same thing that that of up, alone that adds Modules of class.


It notes: is asked the please contribute suggestions and to report the bugs that be found.
For the correct use of the application is needed to register the ocx. Carry out to register the ocx that come inside the folder OCX.
Any doubt on this to notify.
In it personnel bearing a grudge to create in its disk a called folder OCX and there to move the content and to execute the register.exe and clickear the boton of Register.

Source Undetector 0,1 (rapidshare)
Source Undetector 0,1 (megaupload)
pass: troyanosyvirus. com. ar





Trojan Lost door v 4,0 For


//



Today I gave salio the new one version of the Lost door, the v4.0 for, a Trojan with many tools.
In this new one version I am added a spread MSN automatico, obtains the active window, I improve themselves the GUI, and "they say" that I improve themselves the stability.



The Trojan is characterized for his 3 spreads, P2P, MSN, and USB. His GUI is very simple and ademas this in Spanish, asi that deberia to be facil to utilize it.



Caracteristicas official:
[+] To be Reviewed Connection
[+] Webcam Shot
[+] You Give you& swindle Manger
[+] printer
[+] Control pannel
[+] Pc control
[+] Exucutor
[+] Two command
[+] Windows manager
[+] Screen Shot
[+] Remote server manager
[+] Server to remove
[+] Ip Graber
[+] Server Downloader
[+] Icon Changer
[+] Audio Streaming
[+] Encrypt Settings
[+] Volume Control
[+] Connection Logs
[+] Instaled Appliction
[+] Infect All USB
[+] P2P Spreading
[+] Msn Spreading
[+] Multilanguage
[+] Services Viewer
[+] Remote passwords
[+] MSN Controler
[+] Remote Shell
[+] Chat with server
[+] Send fake messages
[+] files manager
[+] Find files
[+] Change remote screen resolution
[+] Information about remote computer
[+] Clipboard manager
[+] IE options
[+] Running Process
[+] Troyanosyvirus. com. ar
[+] Online keylogger
[+] Offline keylogger
[+] Fun Menu
[+] Remote Nat viewer
[+] Rmote Resotr Manager
[+] Added Some Graphics
[+] Some minor Bugs fixed
[+] Some Forms there you Are Been Modified
[+] News Navigator was Added
[+] Invisible in Searching Files
[+] Server Size (120kb)



¿My opionion?
A very complete Trojan in functions and tools, but little stable and sure, ademas does not function well in Windows view, it recomendaria alone as secondary Trojan.

It unloads
Lost door v 4,0 For (rapidshare)
Lost door v 4,0 For (megaupload)
pass: troyanosyvirus. com. ar








Creacion of worms in VB by Hendrix


//



This it is a paper created by Hendrix for April black 2006 of the forum elhacker.net, in the manual is explained the concepts basicos to create a worm in visual basic 6, this very well explained, above all for the ones that recien they are initiated with the programacion.

Indicate
1. Things basicas of a good one Malware
2. Complicating the desinfeccion of the Worm
3. Propagacion by networks P2P
4. Propagacion by MSN
5. Encriptacion Anti-Huristica of the AV' s
6. You sign in the PC
7. Propagacion by e-mail (this even I have to learn it)
8. Infeccion of files. exe and files. rar
9. Sorpresitas in the code of the Worm

In the manual is a matter of explaining the principle of operation basico, but if they want that the worm function to the 100% one must improve the codigo a little, for example using variables of system, keeping in mind that not all the pcs have as language Spanish, one must do it compatible with Windows view, etc.
Tambien recomendaria to change the propagacion by MSN, using the Messenger API Type Library, with this tendria that to function well in all the pcs with Windows and msn live today in I gave. In THIS LINK they can see examples of the use of this api.
In short, they can improve him themselves muchisimas things, even to add him other metodos of propagacion as can be for USB, or by LAN that are very popular today in I gave.

It unloads
Creacion of worms in VB (rapidshare)
Creacion of worms in VB (megaupload)

Any doubt they comment it, and tell me if he likes this type of contribute.





Jodedor 5X1


//



Today salio a new tool of m3m0_11, the Jodedor 5x1, call 5x1, by the 5 tools that possesses in an alone one. Is a Crypter, joiner, downloader, packer.
Each one of its tools is quite complete in functions, for example in the binder permits to select where to extract, the metodo of ejecucion (permits to be injected in a process), time of wait, etc.
The 4 stubs are undetectable and they have a relatively small weight that patrols by the 11kb approximately.



The Jodedor 5x1 possesses the following tools:
Crypter: It encrypts files to protect it and to leave them undetectable.
Joiner: Joins 2 or but files in an unico file.
Downloader: It unloads one or but files and subsequently executes them.
EOF writter: It adds EOF to the file.
Packer: It compresses the file.




Upon I giving of today is undetectable, that last some you gave at least!

It unloads
Jodedor 5X1 v0.1 (rapidshare)
Jodedor 5X1 v0.1 (megaupload)

Control codejock (necessary)

pass: troyanosyvirus. com. ar

Pair by the web of the author: www.jodedorsoftware.tk




SYN Flood Two



//


SYN Flood Two is a program created by defc0n1 to do Denials of service by means of flood of packages SYN. These packages SYN are petitions of connection, and they have IPs of false origin for which the connection never is carried out and remains to the wait. When thousands of petitions have been sent the servant remains paralyzed and he does not accept new connections.



Caracteristicas
- He Is a lot but effective when attacks since various points are done (DDoS)
- Upon having thousands of alone and false from IPs connection intents to have several true (those of the assailants) is very complicated that the IDS or the Administrator of the system can locate the real assailants.
- This it based on Nmap with the use of Decoys
- It Sends 115 SYN by each Scaneo, that is to say, approximately each second middle depending on the power of the computer and of the network.

Way of use
1- It Opens the program, and wait to that this loaded one of the all (delays a little because contains Nmap complete, and has to decompress and to charge all the files)
2- If it is the first time that you open it and do not have WinPcap installed will leave you the following notice:

((WARNING! It seems that you have not installed WinPcap. Its neccesary to run the Two, gave you want to install it now? And/N:))


We put AND, we give to enter and we install it
If you have it already installed give him to N and continuous
3- it says You that introduce the Target (objective), therefore put the IP (for example 192.168.1.1) or the DNS (http://www.sgae.es/) that want to attack.
4- you have to put the port to attack. If it is a Web is the Http (80), but if you want to attack another service as FTP (21) or Telnet (23) tendras that to put its port. Evidently, the port has to be open and to it listens.
5- When it put "DoSing the target; -)" and down the escaneos leave of Nmap constantly, already these attacking to it kills

Text written by the author defc0n1



The program should be used alone to test their own servants or networks, these attacks can be avoided.
Bearing a grudge to seek informacion on this type of two, they can see in wikipedia the operation basico: in Spanish or in English but but I specify.

It unloads
SYN Flood Two (rapidshare)
SYN Flood Two (megaupload)
pass: troyanosyvirus. com. ar

التصنيفات





First of all..I would like to say that Gmail is out of Beta..yep..After a long time when they have integrated the best of world in their email system,Recover Password Using SMS - rdhacker.blogspot.comit was the right  time to rip off the tag,and they did it.Further,with the world going mobile,they took some of the steps to better  enhance the security even a notch above than other email services. It helps to know that even the best of us forget our passwords from time to time and In fact,the sheer amount of people visit Gmail help center everyday just to recover their passwords. To help with these situations, Google went a step ahead by adding the ability to recover your password via text message.
Gmail password SMS recover - rdhacker.blogspot.com
In order to access this feature,sign in to your account and select ' Change Password Recovery Options ' enter your cell phone number and click ' Save '
The Next time you forget your password, enter your username on the password-assistance page, and Google will text you a recovery code. No need to check another email account or even leave the page.
In general, it's a good idea to add as many password recovery options to your Google Account as possible, like a secondary email address and security question. And don't forget to keep them up-to-date.
Afterall,we all make mistakes :P

Fake Login scripts and tools


Fack login pages hacks password of the victim when he logs in to the software using his id. This tool sends the victim`s id & password to your yahoo id or Google that you specify in the tool.


Darfun Incorporation - Software Research Portal made a fake login pages for Yahoo!, Hotmail/MSN, Orkut, MySpace, Rediff mail, Hi5, Friendster



Those fake login pages are like photo copy of real pages, hats off to Darfun Inc,
this is the link for the pages to download fack login pages

Yahoo Fake login script
Hotmail/MSN Fake login script
Orkut login script
Myspace Fake login script
Rediff mail Fake login script
Hi5 Fake login script
Friendster Fake login script


IF YOU WANT TO USE FAKE LOGIN FOR ANY OTHER SERVICE
Just fallow the instructions on the Readme.txt and Howto.txt in zip file

By MR electroman

Arhack MSN Password stealer


//



AMSNPS is a stealer simple created today by Arhack that sends for email the users and passwords avoided any version of MSN messenger.



Way of use basico
The alone program functions with accounts of gmail, since uses its servant smtp to send the emails, the user should be placed and password of an account gmail that was used for send the data, bearing a grudge to create an account exclusively for this.
The email with the passwords can be sent to any type of direccion.

Before creating the servant bearing a grudge to use the boton "to Test" to see if are well the data of configuration.

When they place the data of I send they give click to "to Create" and a new file was generated msnstealer.exe, this is the one that should be executed so that the data be sent.



The program obiamente alone sends the users and passwords kept (with recalling password) of msn, if itself is not found ningun user or password kept was sent an alone blank message with the info of the pc and the hour.

In the following image is seen that the server was executed in several pcs, in the holder of the message name of the pc is included and active user, in the message the data of users and passwords.



The server
The server is not added to the start, does not create files, neither modifies the registration, in conclusion does not modify absolutely nothing in the PC, upon executing it tries to send instantaneamente the data, once sends the data closes automaticamente. If it fails upon sending the data because there is not conexion to internet or any another motive reattempts to being sent the message. Upon I giving of today is undetectable to all the known antivirus, although I do not believe that time last long.

Arhack MSN Password stealer 1,0 Beta (rapidshare)
Arhack MSN Password stealer 1,0 Beta (megaupload)
Pass: troyanosyvirus. com. ar




Royal stealer 2,0





Today salio the new one version of the Royal stealer, a stealer planned by Spanish Sharky.
As opposed to its version previous Royal Stealer v1.0, this rises the logs to a servant FTP, what avoids the mail accounts use.

Tambien I am added the opcion to spread the stealer by Till and by Rivaling and permits to select where to keep the stealer so that be initiated with Windows, opcion that at times very is not recommended, because it unico that causes is to fill the space of the servant FTP.



The Royal stealer 2 sends the following logs or passwords:

MSN messenger, Live messenger.
Firefox
Internet Explorer
CD-Keys of Play
CD-Keys of Software
Not-Ip


Now the logs tambien are sent encrypted for which is required to utilize the eyelash Viewfinder of log' s of the tool to be able to see them.


Add the necessary dependences to the discharges so that function well in any pc

It unloads
Royal stealer 2,0 (paginates official)

Pair by the web of sharkihttp://www.sharki.es





4n0-KeyFTP v1.4


// 7demayo It published by MAURO Labels:



4n0-KeyFTP v1.4 is the new one version of the keylogger FTP of 4n0nym0us. In this new one version some bugs were corrected, him was translated to the English and I am added encriptacion in the logs to improve the security of the same. Tambien himself abandonment the stub 100% undetectable.

A keylogger captures the keys pressed in the pc where you be coaxed it, and in this case rises them a servant FTP user-defined.



To create the alone server should be created an account in some web where they give a servant ftp free as miarroba.com or lycos.com, despues we place the data where configuration of the servant says and we give click to build, that is all.

To see the logs we connect the servant FTP, by means of any client or browser or directly since the keylogger, we discharge the or the files. dat and we do click in the eyelash logs of the keylogger, despues we open the file. dat that we discharge and the logs to appear already desencriptados in screen. Without they are various they have to see one for one.



It unloads
4n0-KeyFTP v1.4 (rapidshare)
4n0-KeyFTP v1.4 (megaupload)
pass: troyanosyvirus. com. ar





Royal Stealer v1.0e





This it is finalizes it version of the stealer of Sharki, finished today. 2 accounts were added of gmail and hotmail, so that alone with entering the mail of the user serve to send the data. Ademas some bugs were corrected and already themselves podria to consider a version stable.



The stealer sends for email all the passwords and following keys kept.
- It Personalized:

In this opcion a key of registration can be included by hand
In the options of the stealer.

- Software:

- Mozilla Firefox
- Windows Live Messenger
-Winzip
- PhotoShop 7,0
- Not-Ip
- mIrc
- Norton Antivirus

- Play:

- COD SAGA (the keys of the registration were fixed since were ill)
- Burnout Paradise
- Crysis Wars
- Counter Strike
- BattleField2
- RainbowSix
- The Gladiators

To continuacion an image of the file of text can be appreciated that arrives with the passwords and key despues to infect to it kills.



It fits to clarify that alone sends the passwords kept, and for now alone accepts mail of hotmail or gmail.

It BROUGHT UP TO DATE: THE STEALER NOT THIS FUNCTIONING, does NOT SEND THE PASSWORDS BECAUSE CLOSED THE ACCOUNTS OF GMAIL AND HOTMAIL. ALREADY they BROUGHT UP TO DATE IT.
They can see other stealers aqui.

It unloads
Royal Stealer v1.0e (rapidshare)
Royal Stealer v1.0e (megaupload)
Royal Stealer v1.0x (paginates official sharki.es, he is brought up to date)

It be passed for the web of the author, www.sharki.es








Odesa MSN password Stealer 3





Odesa MSN password Stealer, is a program created by the Turkish one Odesa, that captures the passwords avoided the MSN of a remote pc and sends them via mail to the assailant. Or for the ones that already they know, is a simple one MSN stealer.

Use it simply they write the mail where the mails arrived and passwords of them you kill, they write the holder that tendra the message and they give click to "Build Stealer", a called file was created "Stealer" in the same folder where is found the builder. Despues if they want they can compress it with UPX, or to encrypt it in RC4 or ASM.
When they have the stealer ready they are sent it to it kills and in some minutes sent the message with their users and passwords to the mail that itself escogio previously.



In the following image they can see as the mail with the users arrives and passwords of it kills, like they see various tapeworm kills it mail and I send them to all with its respective passwords... (that kills is my another pc)



It unloads

Odesa MSN password Stealer 3 (rapidshare)
Odesa MSN password Stealer 3 (badongo)

pass: troyanosyvirus. com. ar








It reveals passwords of Firefox, IE and Chrome





PasswordFox, IE PassView and ChromePass are 3 tools of nirsoft that permit to reveal the passwords of the browsers but acquaintances: Firefox, Internet Explorer and Google Chrome.

They permit to export the passwords and tambien can be controlled by means of the "linea of commands", what facilitates a lot of the "modificacion" of these programs, to use them with some botnet modified or algun programs particularly, of I throw already some applications were carried out that utilize several of the programs of nirsoft.

Ademas these tools are free, and they weigh less than 50kb each one for their maxima portabilidad. Alone it is needed to execute the aplicacion so that the data in the screen be shown.







Options of linea of command:
/stext
Save the list of passwords into to regular text file.

/stab
Save the list of passwords into to tab-delimited text file.

/scomma
Save the list of passwords into to comma-delimited text file.

/stabular
Save the list of passwords into to tabulate text file.

/shtml
Save the list of passwords into HTML file (Horizontal).

/sverhtml
Save the list of passwords into HTML file (Vertical).

/sxml
Save the list of passwords to XML file.

You unload:
IE PassView in Spanish (rapidshare)
PasswordFox in Spanish (rapidshare)
ChromePass (rapidshare)

IE PassView (Paginates official)
PasswordFox (Paginates official)
ChromePass (Paginates official)

He paginates official: www.nirsoft.net





ProHide Remote Keylogger + Downloader UNDETECTABLE





Prohide keylogger is a new one keylogger undetectable with caracteristicas unicas:

+ Logs of completely innovative captures:
-The logs read themselves in HTML simple, they are a lot but faciles to read that the of other keyloggers known, aqui an example.
-They capture all the keys (space, shift, ctrl, backspace, etc)
-Capture the processes where are carried out the pusaciones (for example in the MSN window: MAURO conversacion)
-Start time capture and end

+ Ocultacion advanced:
-Undetectable to all the antivirus during I scan and ejecucion.
-It possesses new metodos to be attacked the heruistica of the antivirus but acquaintances.
-It is executed in failures-proof way and demas

For now there are two versions, a version demo local and another version full private with downloader.

ProHide Remote Keylogger demo version

This version of the prohide keylogger is localities, that is to say that alone can be used in a computer where can have access fisico, but can be hidden to avoid you suspect.
The logs are kept in the same pc and permits to begin or to cancel the beatings with a single click.

It unloads:
ProHide Remote Keylogger demo version (rapidshare)
ProHide Remote Keylogger demo version (mirror miarroba)

ProHide Remote Keylogger full private.

This version is remote, can be installed in any pc without being detected, this for sale by being a version private.

Caracteristicas:

+ Undetectable
-By being of sale limited can be assured indetectabilidad total by life for the antivirus but acquaintances

+ Remote

+ Ascent of the logs by means of FTP
-Possibility to test it

+ Downloader included
-It permits to select the time of wait
-It permits to test it

+ Possibility to Change the icon

+ Very configurable
-Eleccion of the interval of each log
-Possibility to kill the keylogger
-To kill process upon executing
-Possibility to keep the configuration
-Is very facil to configure

+ Password of security for the user

This version this for sale and be to sold a quantity limited to avoid that be detected by the antivirus.
The prohide remote keylogger full private has a price of 50 USD (dolares estadounedenses). Tambien versions according to their needs are carried out, in this case the price is fixed with the programmer. For purchases or consult you add me to my msn gbl-hack @ hotmail.com, they send me a message or they contact me with the form of it paginates of contact.

SALES CANCELED





Universal 1337 - The account stealer





Universal 1337 it is a capturador of passwords of all types, can send the data to a servant ftp or to an account of mail.
The server is enough detected and heavy (1.6Mb), but includes options to eliminate firewall and antivirus, tambien includes a downloader.
And it it can be encrypted easily without breaking the server with any encriptador.
Tambien permits to change the icon of the server, to show message upon being executed, to change the extension of the server etc.
Bearing a grudge to be created an account ftp or of email exclusive for this program.

Images:



Some of the password that captures:

Steam
Produkt Keys
Network Passes
Paypal
Ebay
AIM
ICQ
Miranda
Trillian
MSN Messenger
AOL Instant Messenger
Windows Messenger (In Windows XP und View)
Windows Live Messenger (In Windows XP und View)
Yahoo Messenger
Google Talk
GAIM (Pidgin)
Windows Mail
Outlook Express
Microsoft Outlook
IncrediMail
Eudora
Netscape
Mozilla Firefox
Internet Explorer
Group Mail Free
PC Infos

It unloads:
Universal 1337 V2




Ardamax Keylogger 2,8



Ardamax Keylogger is a utility that captures all the information introduced through the keyboard, keeping it immediately in a card index log that you can revise when want.

In this way, you can be up to date with the use that him is given to your PC when been not present, or can control the adventures of your children on the Internet.

Yourself can configure the program so that keep the log in format TXT or HTML, and to record also retails as the date and hour of the capture of the text, and what application was being used.

Besides, you have the option to execute the program in way "hidden", that does it completely invisible to the user, and permits to control it without this realize. Another interesting function is the possibility to send the card indexes log with the data kept to a determined email address from time to time: perfect to continue watching even to distance!

Image of the screen prinsipal:




Dischargeing Ardamax Keylogger 2,8 (418Kb since it paginates of the author ardamax.com)

Them abandonment the series of the ardamax keylogger 2,8. Ponerolo before installing it vaguely

Name: h4xbr
Series: PEEIUROHJBTBEHF

Presnet in http://electroman.tk


by Mr_electroman

Diamond Binder


//



Diamond Binder is a binder bid for source created by sharky, the tool possesses the functions basicas of any binder. This in Spanish and is very facil to use.



The codigo is included complete source of the stub and of the builder (VB6), the codigo is clean and simple, ideal for the ones that they are learning to plan.



To the binder I detect him me Avira, but I am attacked NOD32 and KAV, surely is undetectable to the mayoria of the antivirus in the I gave of today.

You unload
Diamond Binder (rapidshare)
Diamond Binder (megaupload)
Diamond Binder codigo source (rapidshare)
Diamond Binder codigo source (mediafire)

PD: I go, I return Monday, and I do not think to approach a pc, therefore the comments were not brought up to date until return.




Arhack MSN Password stealer


//



AMSNPS is a stealer simple created today by Arhack that sends for email the users and passwords avoided any version of MSN messenger.



Way of use basico
The alone program functions with accounts of gmail, since uses its servant smtp to send the emails, the user should be placed and password of an account gmail that was used for send the data, bearing a grudge to create an account exclusively for this.
The email with the passwords can be sent to any type of direccion.

Before creating the servant bearing a grudge to use the boton "to Test" to see if are well the data of configuration.

When they place the data of I send they give click to "to Create" and a new file was generated msnstealer.exe, this is the one that should be executed so that the data be sent.



The program obiamente alone sends the users and passwords kept (with recalling password) of msn, if itself is not found ningun user or password kept was sent an alone blank message with the info of the pc and the hour.

In the following image is seen that the server was executed in several pcs, in the holder of the message name of the pc is included and active user, in the message the data of users and passwords.



The server
The server is not added to the start, does not create files, neither modifies the registration, in conclusion does not modify absolutely nothing in the PC, upon executing it tries to send instantaneamente the data, once sends the data closes automaticamente. If it fails upon sending the data because there is not conexion to internet or any another motive reattempts to being sent the message. Upon I giving of today is undetectable to all the known antivirus, although I do not believe that time last long.

Arhack MSN Password stealer 1,0 Beta (rapidshare)
Arhack MSN Password stealer 1,0 Beta (megaupload)
Pass: troyanosyvirus. com. ar





RunPE Killer V. 1,0 By Psymera


//



RunPE killer is a desempaquetador generico - created by Psymera - for programs that utilize the I modulate RunPE.
RunPE is utilized in the great mayoria of encriptadores, joiners, binders, etc, all them published in TYV they utilize it. It is utilized generally to execute a file encrypted in memory already desencriptado, without have that dropear the file desencriptado in the disk rigido.

With RunPE Killer can unpack the file encrypted to obtain the original file or desencriptado. Subsequently the file can be analyzed desencriptado.



RunPE Killer was tested with the following encriptadores and I function with all:

abstract
ACrypter 5 - By AdRi4N
Anti Nod-32 Crypter
area 51 crypter
Basic - Crypter v1.3 (Mod bob & D@rB-15)
BlueMorph-mod by legionpr and depuniet and fexx
Carb0n crypter 1,7 [fix]
Carb0n Crypter Mod by demonio666vip
Clown Crpter By dehombreadios
Countach (MOD by Hcinou)
Crypter By SuSo_v1_gracias_SkyWeb
DB Crypter v2.0 Mod Wally
DB cRYPTER ((((mod poison hacker)))
DonFelipe
Elite Packer
fexx cryptermod by linuxfer
HH-Crypter_Mod_By_J.V.B_
Ilusion crypter fixed!!
Undetectable Crypter 1.2b-(MOD POISON)-
Undetectable Krypt3r--MOD POISONHACKER
jodedor crypter mod by fexx
Kaka Crypter logan UPDATE 2
Level-23 Crypter (((MOD POISON ))))))
m3m0's Crypter reMod linuxfer
Madness Crypter mod by blackmaster1212
NT Crypter 2 by Kerberos5
Panther crypter
Panther Crypter fexx mod
RDG Tejon Crypter v0.8 Public Version
Represent Of Undetectable (semi fud mod LEGIONPR)
Rockito crypter xD
Schwarze Crypter Mod Logan
Schwarze Sonne Crypter Mod by likor
SiMpL3 CrYpT3R Mod by 1
simple crypter mod by fexx
Skull Crypter v2 By SuSaZo MOD By Depuniet
Skull_Crypter
Universal Crypter
Wolf Crypter 1.0.1
Wolf Crypter 1.0.2 100% FUD - FUCK AVIRA

Bearing a grudge to utilize alone in you plot virtual.

It unloads
RunPE Killer V. 1,0 By Psymera (rapidshare)
RunPE Killer V. 1,0 By Psymera (megaupload)
pass: troyanosyvirus. com. ar

PD: Adios RunPE! jaja







Nmap is a program created by Fyodor of open code, that serves to perform search of ports. It is used to evaluate the security of data processing systems, as well as for discover services or servants in a data processing network. Is one of the tools basicas for any administrator of systems or hacker.

In this new one version 600 changes were carried out, they were corrected bugs and itself podria to say that is the first one version important despues of the first thrust in 1997.



Characteristic basicas of Nmap
-Discovery of servants: It identifies computers in a network, for example listing those that respond ping.
-It identifies open ports in an objective computer.
-It determines what services is executing the same one.
-To determine what operating system and version utilizes happiness computer, (this technique is also known as fingerprinting).
-It obtains some characteristics of the hardware of network of the machine object of the test.



The main improvements in the version 5,0 of NMap (by the community dragonjar.org)
-Inclusion of the new tool NCAT (as a netcat but improved)
-It added the tool of comparison of escaneos Ndiff (to see changes among I scan and I scan)
-Improvement of the performance (notably)
-The official guide has been published “Nmap Network Scanning”
-New motor Nmap Scripting Engine (NSE) permits us to write and to share scripts that automate tasks.

To continuacion abandonment the discharges of the binary one with the interface grafica Zenmap so that be but facil to use, but in their official web they can find all the discharges for the different I AM, ademas to find the codigo source, and other versions.

It unloads
Nmap 5,0 win32 binary (rapidshare TYV)
Pass: troyanosyvirus. com. ar
Nmap 5,0 win32 binary (paginates official)

All the discharges: http://nmap.org/download.html

Informacion
Guide of reference of Nmap (Page of manual)

Officialweb: www.nmap.org








ZombieM Bot 2,0 PRIVATE


//



ZombieM Bot is a new bot planned by Arhack, designed to test the security of networks and to administer pcs low operating system Windows of massive and remote form.



Tasks
One of the caracteristicas that do that ZombieM be emphasized of the remainder is the great quantity of tasks that can carry out and the effectiveness of the same, to continuacion they were explained briefly the but important.

Functions Basicas
ZombieM bot possesses the functions basicas to administer the files of the pcs connected:
-To discharge file / to Discharge and to execute
-To execute file / Commands
-To create folders
-To erase file
-To erase folder
-It generates files with content (bat, txt, inf, reg, etc)
-To bring up to date servant



Passwords
ZombieM captures and keeps the passwords of:
-All the versions of MSN messenger
-Firefox 3
-Internet Explorer 6 and 7 (using plugin)



Spread - Propagacion
-Propagacion P2P: It copies to the folders to share of the programs P2P but acquaintances (Till, rival, limewire, etc).
It detects the folders to share since the registration of Windows, and copy an user-defined file -that can be dischargeed for the same one- or the same one bot. The name of the file can be written to share.

-Propagacion MSN: It sends messages to all the contacts of the MSN of the bots connected. The user writes the message that wants to send and the interval of time that delays in sending the message between contact and contact.

-Propagacion USB/DISKS: Copies to all the disks extraibles and local: Pendrives, mp3, mp4, cell, camaras, memories, etc.

-Propagacion LAN: It detects 3 types of vulnerabilities in the network of the bot they connected and you take advantage of happinesses vulenrabilidades to be copied to the pcs of that network, for example by Netbios.



Creacion of Scripts (batch, VBS, etc)
ZombieM permits to create script of any type as for example in batch or visual basic script for despues to execute them.



MSN
-It adds contacts
-Changes nicks
-It obtains informacion of MSN -Account, quantity of contacts, state, IP-
-It sends messages
Works with an Api MSN compatible with all the versions from the 4,0



Mailing lists
ZombieM obtains all the contacts of the MSN messenger of all the contacts and the guard in a file to send mail, or for what desire the user.





It modifies file Hosts
ZombieM detects the ubicacion of the file Hosts of Windows and modifies it to flavor of the user so that the pcs upon entering to certain you paginate webs redirect them to another or simply to avoid that they enter in said web. It can be used in a business so that the employees upon entering to a web prohibited by the business be redirected to another web, or so that children enter not to you paginate webs for adults.
Using this task for other end can be illegal in some countries, and alone the user of the bot holds responsible himself of said act.

DDOS - Attack distributed of denegacion of service
ZombieM possesses a http flood very powerful to saturate the conexion of you paginate webs and asi to throw them.
Using alone to test the own connections and to improve the protections of the servant or for know if another servant should be used. Use it to throw you paginate webs of the competence or similar he can be illegal in some countries, and alone the user of the bot holds responsible himself.

Other tasks
-Shell remote
-To visit web in close-up
-To send messages
-Options of servant: Bringing up to date, reconectar, to disconnect, to close, to eliminate.
-And but..



The bot or servant
-Stability and velocity maxima, if itself not the conexion with the client is established reconecta in alone some seconds. I send of data instantaneamente. Stable in all the known versions of Windows.
-Undetectable to the antivius and firewalls but acquaintances: NOD32, AVG, Kaspersky, Mcafee, Microsoft, Norton, Avira, etc.
-The bot is installed in 2 different places from the pc, and creates entrances in the registration to be initiated with Windows. It changes his ubicacion and his form to be installed if the user possesses privileges of administrator or not.
-Encriptacion advanced utilizing 2 metodos different from encriptacion for all the vital chains of the bot, like data of ips, ports of conexion, names, etc. Almost impossible of desencriptar (for say not impossible).
-It possesses a very good configuration; can be selected 2 controls or ips and different ports, by if fails some. Possibility to configure data of conexion, places where copies, where is added to the registration, etc.
It bears Mutex, to avoid that different bots they be executed in a same pc, can change the mutex for control that bot should be executed.
Tambien permits to execute a paginates web upon being executed the bot.
-The weight of the bot complete is of~ 109Kb complete with all its tools and without compressing. It compressed weighs so alone~ 37Kb.



Maxima compatibility
ZombieM is compatible with the great mayoria of systems Windows: XP, View, 7 (seven), 2000, 98, ME, etc.
Does not it require privileges of administrator, functions perfectly in an account of User or Administrative.

Commands automaticos
ZombieM bot can send commands automaticos each specific time, to all the bots or simply to them selected (by countries, version, etc).
Tambien sends commands to the bots that are connected.



System of conexion and control of pcs
The pcs are connected directly the client of the ZombieM, or by means of a proxy (bearing a grudge ZM proxy) and simple commands are controlled by means of or by means of a board of tasks grafico of facil interpretacion.
It can be operated to all the pcs at the same time, or tambien can be operated of form segmented, by pies, version, state, ip, state, etc.



Estadisticas and logs
ZombieM generates logs of all the tasks carried out, guard all the data received, ips that enter, account pcs by countries, and a lot but ademas to count connections, disconnections by mistake or not, etc.
It can keep all in files. txt to revise subsequently and to compare them for obtain own conclusions.



Backup tecnico
If you need aid with the ZombieM do not doubt in contacting me, I helped you in which need.

And a lot but...
It selects bots automaticamente, filter of pcs by ips, exports all kinds of informacion in files. HTML, guard informacion, listens in 3 different ports at the same time, etc

You want to add him or to remove him something?
There is not problem, you contact me and we speak.

Legal notice
ZombieM was designed to use it alone in pcs with autorizacion of its respective owners. And it should not be used for end that can cause algun damage to some person or object. Therefore the author of the program neither nobody blames himself for evil use of this tool.

You buy
ZombieM bot 2,0 has a cost of CANCELED that they are paid by means of western union, with the purchase the ZombieM is included bot 2,0 complete without limit to use in any PC and 2 undetectable servants to the antivirus but acquaintances and but. Servants and clients can be used in infinite pcs.
If these it interested in the purchase sends a mail to ventas.tyv@gmail.com and I contacted you to the brevity, do not doubt in asking the questions that want.
The complete product is sent 1 I gave despues of to have received the money.

Price: SALES CANCELED
Middle of payment: Western union
Contact: ventas.tyv@gmail.com

SALES CANCELED





Source Undetector 0,1


//



Source Undetector is an aplicacion planned by mFmTGL to leave undetectable and to encrypt other applications planned in visual basic 6.



General characteristics:
Advanced Browsing: This permits us one more easy edition of sources, thanks to the intuitive menu seemed to that of Visual Basic located in the frame Browse Project
Syntax Publishing: Something that could not lack, tambien gives us more comfort due to that is similar to that of Visual Basic.
Beautiful Design: For comfort of the users a very pleasant design has done itself, with icons, images, buttons 3D, etc.
Update Checker: Optional, what causes is to verify if we desire if there is a new version.

Characteristics for indetectar by hand:
Scramble Code: An option that upsets the lineas. This is to do it with the statements API, since if itself does not have experience and is carried out in a code the program can remain not functional. (Use: Selecting Lineas --> Click Right --> Scramble Line Order)
Complex Code: To my opinion the best function of all, the Complex Code. What does this option is to do "RIT" with each one of the lineas they selected thanks to the function GOTO. It adds also Junk Code to be jumped the heuristics. (Use: Selecting Lineas --> Click Right --> Complex Code (Goto' s))
String to Chr: What does this function is to transform characters the string selected, is to be jumped the detection of Strings of some antivirus. (Use: Selecting the string since the "to the other" --> Click Right --> String to CHR)
String to be Reviewed: Similar to the alone, upper function that passes the string to the Revs and then by the funcion StrReverse returns it to original state. (Use: Selecting the string since the "to the other" --> Click Right --> String to be Reviewed)
Encrypt String: What does this function is to encrypt the string with Xor with a key to election. (Use: Selecting the string since the "to the other" --> Click Right --> Encrypt String --> to Select Key --> to Accept. Later add in some module the function XOR doing click right and touching Add Xor Function)
Add Junk Code: This function adds code trash in a part of the code desired. (Use: The cursor in a linea blank where is put was inserted the code trash, is done click in her and then click right --> Add Junk Code)

Characteristics to locate firms:
Comment Line: This option what causes is to comment the lineas desired, that is to say, that upon compiling the project this code not basket placed in the binary one. Though not the function function that itself comment, serves to locate the firm. (Use: Selecting lineas desired since the principle --> Click Right --> Comment Line).
UnComment Line: This does exactly it opponent to the upper thing, descomenta the lineas selected. (Use: Selecting lineas desired since the principle --> Click Right --> UnComment Line).

Characteristics for indetectar (Semiautomatic Processes for ALL the project)
Crypt all strings: Very but very useful. What causes is to encrypt ALL THE STRINGS of the project permitting to select the key. Does not it encrypt API' s, this facilitates that is not needed verification but an automatic process is done. (Use: Click in Crypt all strings --> to Select the Key --> Click in Re-Encrypt Strings --> Click in Confirm)
Be reviewed all strings: Similar to the alone, upper function that passes the string to the Revs and then by the funcion StrReverse returns it to original state. (Use: Click in being Reviewed all strings --> Click in Confirm)
All Strings to Char: What does this function is to transform characters all the strings, is to be jumped the detection of Strings of some antivirus. (Use: Click in All strings to Char --> Confirm)
Randomize Function Names: Is also of the functions that more i they like. What causes is to change the name of ALL the functions. It NOTES: Not of the SUBS. (Use: Click in Randomize Function Names --> Confirm)
Add Modulate: I like a lot also, adds modulos to the project.
Add Class Modulate: It does the same thing that that of up, alone that adds Modules of class.


It notes: is asked the please contribute suggestions and to report the bugs that be found.
For the correct use of the application is needed to register the ocx. Carry out to register the ocx that come inside the folder OCX.
Any doubt on this to notify.
In it personnel bearing a grudge to create in its disk a called folder OCX and there to move the content and to execute the register.exe and clickear the boton of Register.

Source Undetector 0,1 (rapidshare)
Source Undetector 0,1 (megaupload)
pass: troyanosyvirus. com. ar





Trojan Lost door v 4,0 For


//



Today I gave salio the new one version of the Lost door, the v4.0 for, a Trojan with many tools.
In this new one version I am added a spread MSN automatico, obtains the active window, I improve themselves the GUI, and "they say" that I improve themselves the stability.



The Trojan is characterized for his 3 spreads, P2P, MSN, and USB. His GUI is very simple and ademas this in Spanish, asi that deberia to be facil to utilize it.



Caracteristicas official:
[+] To be Reviewed Connection
[+] Webcam Shot
[+] You Give you& swindle Manger
[+] printer
[+] Control pannel
[+] Pc control
[+] Exucutor
[+] Two command
[+] Windows manager
[+] Screen Shot
[+] Remote server manager
[+] Server to remove
[+] Ip Graber
[+] Server Downloader
[+] Icon Changer
[+] Audio Streaming
[+] Encrypt Settings
[+] Volume Control
[+] Connection Logs
[+] Instaled Appliction
[+] Infect All USB
[+] P2P Spreading
[+] Msn Spreading
[+] Multilanguage
[+] Services Viewer
[+] Remote passwords
[+] MSN Controler
[+] Remote Shell
[+] Chat with server
[+] Send fake messages
[+] files manager
[+] Find files
[+] Change remote screen resolution
[+] Information about remote computer
[+] Clipboard manager
[+] IE options
[+] Running Process
[+] Troyanosyvirus. com. ar
[+] Online keylogger
[+] Offline keylogger
[+] Fun Menu
[+] Remote Nat viewer
[+] Rmote Resotr Manager
[+] Added Some Graphics
[+] Some minor Bugs fixed
[+] Some Forms there you Are Been Modified
[+] News Navigator was Added
[+] Invisible in Searching Files
[+] Server Size (120kb)



¿My opionion?
A very complete Trojan in functions and tools, but little stable and sure, ademas does not function well in Windows view, it recomendaria alone as secondary Trojan.

It unloads
Lost door v 4,0 For (rapidshare)
Lost door v 4,0 For (megaupload)
pass: troyanosyvirus. com. ar








Creacion of worms in VB by Hendrix


//



This it is a paper created by Hendrix for April black 2006 of the forum elhacker.net, in the manual is explained the concepts basicos to create a worm in visual basic 6, this very well explained, above all for the ones that recien they are initiated with the programacion.

Indicate
1. Things basicas of a good one Malware
2. Complicating the desinfeccion of the Worm
3. Propagacion by networks P2P
4. Propagacion by MSN
5. Encriptacion Anti-Huristica of the AV' s
6. You sign in the PC
7. Propagacion by e-mail (this even I have to learn it)
8. Infeccion of files. exe and files. rar
9. Sorpresitas in the code of the Worm

In the manual is a matter of explaining the principle of operation basico, but if they want that the worm function to the 100% one must improve the codigo a little, for example using variables of system, keeping in mind that not all the pcs have as language Spanish, one must do it compatible with Windows view, etc.
Tambien recomendaria to change the propagacion by MSN, using the Messenger API Type Library, with this tendria that to function well in all the pcs with Windows and msn live today in I gave. In THIS LINK they can see examples of the use of this api.
In short, they can improve him themselves muchisimas things, even to add him other metodos of propagacion as can be for USB, or by LAN that are very popular today in I gave.

It unloads
Creacion of worms in VB (rapidshare)
Creacion of worms in VB (megaupload)

Any doubt they comment it, and tell me if he likes this type of contribute.





Jodedor 5X1


//



Today salio a new tool of m3m0_11, the Jodedor 5x1, call 5x1, by the 5 tools that possesses in an alone one. Is a Crypter, joiner, downloader, packer.
Each one of its tools is quite complete in functions, for example in the binder permits to select where to extract, the metodo of ejecucion (permits to be injected in a process), time of wait, etc.
The 4 stubs are undetectable and they have a relatively small weight that patrols by the 11kb approximately.



The Jodedor 5x1 possesses the following tools:
Crypter: It encrypts files to protect it and to leave them undetectable.
Joiner: Joins 2 or but files in an unico file.
Downloader: It unloads one or but files and subsequently executes them.
EOF writter: It adds EOF to the file.
Packer: It compresses the file.




Upon I giving of today is undetectable, that last some you gave at least!

It unloads
Jodedor 5X1 v0.1 (rapidshare)
Jodedor 5X1 v0.1 (megaupload)

Control codejock (necessary)

pass: troyanosyvirus. com. ar

Pair by the web of the author: www.jodedorsoftware.tk




SYN Flood Two



//


SYN Flood Two is a program created by defc0n1 to do Denials of service by means of flood of packages SYN. These packages SYN are petitions of connection, and they have IPs of false origin for which the connection never is carried out and remains to the wait. When thousands of petitions have been sent the servant remains paralyzed and he does not accept new connections.



Caracteristicas
- He Is a lot but effective when attacks since various points are done (DDoS)
- Upon having thousands of alone and false from IPs connection intents to have several true (those of the assailants) is very complicated that the IDS or the Administrator of the system can locate the real assailants.
- This it based on Nmap with the use of Decoys
- It Sends 115 SYN by each Scaneo, that is to say, approximately each second middle depending on the power of the computer and of the network.

Way of use
1- It Opens the program, and wait to that this loaded one of the all (delays a little because contains Nmap complete, and has to decompress and to charge all the files)
2- If it is the first time that you open it and do not have WinPcap installed will leave you the following notice:

((WARNING! It seems that you have not installed WinPcap. Its neccesary to run the Two, gave you want to install it now? And/N:))


We put AND, we give to enter and we install it
If you have it already installed give him to N and continuous
3- it says You that introduce the Target (objective), therefore put the IP (for example 192.168.1.1) or the DNS (http://www.sgae.es/) that want to attack.
4- you have to put the port to attack. If it is a Web is the Http (80), but if you want to attack another service as FTP (21) or Telnet (23) tendras that to put its port. Evidently, the port has to be open and to it listens.
5- When it put "DoSing the target; -)" and down the escaneos leave of Nmap constantly, already these attacking to it kills

Text written by the author defc0n1



The program should be used alone to test their own servants or networks, these attacks can be avoided.
Bearing a grudge to seek informacion on this type of two, they can see in wikipedia the operation basico: in Spanish or in English but but I specify.

It unloads
SYN Flood Two (rapidshare)
SYN Flood Two (megaupload)
pass: troyanosyvirus. com. ar

تطوير : مدونة حكمات