tag archive 'sourcecode'

The new code that extracts the Firefox account data out of the SQLite database is more or less done. If everything goes well I’ll upload the new sourcecode tonight (Swiss time) in a new version of the FFPasswordRecovery tool. During spring I plan to conduct some tests with the SkypeTap plugin and other instant messengers. [...]

read full post »

FBI RAT source code.

      Name FBI RAT   Type RAT     Author Albinoskunk     Written in C     Description After calling for your submissions this is the first RAT source that reached me. It was coded by Albinoskunk. The source is based on Aryan v0.5, it was improved at some places and contains [...]

read full post »

      Name Win32/Blaster/Worm (Lovsan, Lovesan)   Type Spreader, Worm     Author Unknown     Written in C     Description This worm was very active in 2003. It spreaded via an RPC vulnerability and executed a DoS attack on a specific date. It’s a well structured code, easy to read and understand. [...]

read full post »

      Name Win32/ogw0rm   Type Spreader, Worm     Author Unknown     Written in C     Description Ogw0rm is a good example how malware propagates itself via Instant Messaging apps. It checks the process list for running IM applications and propagates itself by sending messages to new victims. It shows how [...]

read full post »

      Name Win32/Rbot   Malware type RAT, Worm     Author Unknown     Written in C     Description Rbot is an IRC controlled backdoor (or “bot”) that can be used to gain unauthorized access to a victim’s machine. It can also exhibit worm-like functionality by exploiting weak passwords on administrative shares [...]

read full post »

Below, you can find a link to the example source code to bypass a desktop firewall with the OLE Automation technique. The principle is to start a hidden instance of the Internet Explorer and to control it via the OLE Automation technique. ole_automation.cpp

read full post »

Below, you can find a link to the source code with the function(s) to make a binary delete itself. Under Microsoft Windows it’s not possible to make an executable delete itself. That’s the reason why the function first creates a batch script that deletes the binary file and afterwards itself. panzer_selfdelete.cpp

read full post »

Below, you can find a link to the source code with the function(s) to add and remove entries in the Windows hosts file. panzer_modifyhostsfile.cpp

read full post »

Below, you can find a link to the source code with the function(s) to modify the DNS server settings on a Windows system. panzer_setdnsserver.cpp

read full post »