About thecreator

  • Rank
    Hak5 Fan

  1. The only rules in the internet are the RFCs (and not even hehe)
  2. Tru say. Well anyways the fact remains that their/there/theyre irc server can't contact my port 113
  3. My university blocks all incoming connections (because of NAT) so I guess that is the problem.
  4. I would like to do that stuff that Steve @ grc did. Every time I join the #ubuntu channel (for example) I get kicked+banned. Like automatically. So I think they are doing a "VERSION" check and if client-x doesn't have a particular version reply then they get kickbanned. So I tried /ctcp evilbot VERSION on one of the bots but they don't reply to my version request so I have no clue. Once I can figure out what criteria they are using to ban I can get around it...then just chill in the channel and log. I know with some bot programs you have to message the bot ".login my_password" before you can u
  5. Sorry about being such a dick before... Ya, I tried reading Intel's documentation but I was confused. I also tried reading other links from the ##asm channel with no luck. So I decided that I would do a binary edit on the D3EEBF83 value to see how it affected that address that it would be jumped to. The magic formula when using the E9 instruction turns out to be: 0xffffffff - current_address - 4 + dest_address. We do this because we can ONLY JMP forward. So to jump backward we pass a large enough number to overflow the value and go back to 0. The -4 is there because a whole JMP instructio
  6. And I quote: "The only thing I understand is that E9 is the 'JMP rel32' instruction". Meaning I don't need help understanding the E9 part, I need to get the "D3EEBF83" part.
  7. Hi guys, I'm sorry I'm such a noob and always have to ask these questions. I've been messing around with Olly Debugger to modify a program's execution flow. I want to be able to automate this process so I will need to understand this thing... I use a JMP instruction to go from the called function to mine. In ollydbg all I have to do is go to the function and enter "JMP 0040131A" and it will modify the memory accordingly for it to work. It turns out that in hex "JMP 0040131A" became "E9 D3EEBF83". I don't get how they get this. The only thing I understand is that E9 is the 'JMP rel32' ins
  8. Hey, I didn't do anything. I don't actually have the technical skills to do a botnet "takeover". I wish I did! If I did have those skills I wouldn't post what I found in the forums for other people to try to take it over too.
  9. I know on the hak5 zine there was interest in botnets and I'm sure some of the fans of the show may be interested in the topic also. I was just browsing some irc servers and I found irc.geekpanties.com ... when I do a /list I get #hakr 2 #help 1860 Geek Panties Support Channel - Public Network Services NickServ / ChanServ / HostServ / BotServ * 2 #chess 2 Geek Panties chess community where you can play chess, learn strategies and tactics. #girls 88 #politics 1717 History Politics and Phil
  10. nvm http://hak5.org/forums/index.php?showtopic...st&p=109267 has a nice list of AVs in the thread.
  11. Hey "Hacklings", I am trying to compile a list of antivirus and firewall "exe names". I am willing to download the programs, install them, then note what executables are new in Task Manager, but that seems like it will take too long. So I tried googling for this but only lists of viruses or lists for the antivirus programs (without the exe names) came up. So I was wondering if anyone out there on/in the tubes has a list of these exe names... If this list cannot be found we could always make a list of our own. I'll start. My school laptop comes with F-Secure AV and Anti-spyware the exes that
  12. I like to use the ssh tunnel solution. The setup of putty for a socks5 proxy is easy. The server is the "hard" part. I would go over to irc.hackthisbox.org and ask for a shell in #hackthisbox. If you feel anxious about tunneling your traffic through that server, there is a SICK deal at dreamhost...if you get a year of hosting and use the promo code "MAX2009" the year only comes out to 20 something dollars. And you can get shell access with that. Hope this helps. theCreator3
  13. Ok, so I had a test app that I got from codeproject.com that uses raw sockets. Doesn't work in XP but works in my Windows Server 2003 VM. So I thought of copying the Server 2003 dlls (mswsock.dll, ws2_32.dll, ws2help.dll and wshtcpip.dll) to my XP box. I did this but had no luck. I think I'm going to go with the driver idea. It would have been a lot easier with raw sockets than writing an NDIS driver (I've never used NDIS). Thanks for the suggestions :) Julzmb
  14. That's why I said _MY_ code needs to only be userland. I want to use raw sockets in Windows, which is only userland code.