Tools & sources
Jan 28th, 2009 by carrumba
In this section you will find a collection of tools with their source code, ready to download. The tools are generally related to the two trojan horses Minipanzer and Megapanzer (which you find at the bottom of this section) and cover footprinting a system, collecting sensitive data, malware self-defense mechanisms and so on.
All source code is available under the GPL, so please do whatever legal stuff you want with it but keep the source open.
If you find bugs, know a better way to solve a specific problem I solved with one of my tools, or have an opinion, criticism or any kind of feedback, drop me a message.
Browser
| IEBrowserHistory |
| IEBrowserFavorites | binary | source |
| FFLogDump |
| Unsecurity.php |
Security
| Firewall bypassing – FWB |
| Firewall bypassing – FWB++ |
| IEPasswordRecovery |
| FFPasswordRecovery |
| TCPSniffer |
Crypto
| RC4Encryption |
System
| HandleProcesses |
| HandleServices |
| Slumber |
| ShutDown |
Uncategorized tools
| Keylogger (hook) |
| Keylogger2 (raw input) |
| PrintScreen |
| CollectVictimInformation |
| DropzoneSMTP |
| DropperStub |
| SecureDelete |
| SelfDelete |
| Skype4LogAnalyzer |
| SkypeDLLInjector |
| Text2Speech |
| WebCamStillImage |
| WhoIsLoggedIn |
| WhoIs |
A Superintendent trojan/Bundestrojan variant
Jul 14th, 2009 by carrumba
This trojan horse is a Megapanzer variant that was branched in 2006, in Megapanzer's earliest days. Megapanzer's first purpose was to connect back to its client through all kinds of firewalls and proxy servers and to offer an attacker a simple command shell. The feature for eavesdropping on Skype conversations was added a little later and, after proving its feasibility, it became the new main focus. It injects function calls into the Skype process to intercept all audio data coming into and going out of the Skype process. It extracts the PCM audio data, converts it to MP3 and sends it to the attacker after encrypting it.
| SkypeTrojan | source |
| SkypeTap plugin | (Aug. 2009) | source |
| (Dec. 2009) | source |
| SkypeTap loader | binary | source |
| SkypeTrojan Rootkit | source |
SafeSide
Aug 14th, 2009 by carrumba
An attempt to combat malware. Tool will be published soon.
Minipanzer trojan
Jul 13th, 2009 by carrumba
Minipanzer is a trojan horse that disguises itself as any kind of file type. When executed on a victim's system it collects all sensitive data, such as account information, and sends it to an email address owned by the attacker. It is a one-shot trojan: it doesn't install on a target system but only executes its payload and removes itself afterwards.
| Minipanzer 0.1 | binary | source |
| Minipanzer 0.1 video |
Megapanzer trojan
Jan 28th, 2009 by carrumba
Megapanzer is a trojan horse that disguises itself as any kind of file type and, when executed on a victim's system, installs itself so that it is started automatically after each reboot. Once the trojan is started it connects back to its client to receive further instructions. Megapanzer is programmed so that the owner can send his orders manually or via a script containing all commands to execute as soon as a victim system establishes a reverse connection.
Megapanzer's main purpose is extracting sensitive information (like usernames and passwords) from a victim system and SSL man-in-the-middle attacks on browser-based e-banking sessions. The regular features you know from other RATs, like a remote command line, process and service handling etc., are also supported but are rather secondary. Watch the video below if you are curious and want to see how Megapanzer takes over an e-banking session via an MITM attack.
| Megapanzer 0.1 video |