h2oh4x!
-
Posts
32 -
Joined
-
Last visited
-
Days Won
1
Posts posted by h2oh4x!
-
-
I see what I was misunderstanding, I thought the divided value had something to do with the char. I understand what I did wrong now.
Glad I could help. By the way we are not dividing the absolute position we are using the Modulus calculation which is not the same.
% = Modulus or Mod
/ or รท = Divide
h2oh4x!
-
Can someone explain the layout of the file for me? Like there obviously cannot be characters stored in any of the first 400 bytes. I got some logs that I collected but am having trouble understanding this concept.
As an example
608 % 4 = 152 , % = 0
152, %=0 is the char "
All chars with the value of 152, or 0x98 would be "
Is that right?
Hi and welcome to hak5 forums. Im not quite sure what you mean by your question and I dont know what makes you think the first 400 bytes does not store any characters as this is incorrect, however I have created a tutorial explaining exactly how to use this key table, I hope that you find it helpful :)
h2oh4x!
Tutorial link: http://www.4shared.com/file/216272639/56f4...kdatabin_t.html
-
Hey guys heres the new version 0.2. This has the new algorithm for 7.4.1.4.
Please leave feedback :D
@pinkhathackers
As I do not have 7.4.1.4 could you send me an example lskdata.bin file so that I can test it please? Thanks :D
Screenshot:
Download Link: http://www.4shared.com/file/213882398/ac24...ryptor_v02.html PASS: hak5.h2oh4x
Have fun!
h2oh4x
-
Hey x-quisite I am running on Win XP and I haven't tested on Windows 7 so yes it will probably be because you are using Windows 7. As PinkHatHackers suggested try using XP mode that should work.
As for the new table for 7.4.1.4 I will add it to my program asap. Thanks PinkHatHackers for releasing it! :D
h2oh4x!
-
Hey guys. I have decided to release my LanSchool Keylogger decryptor! :)
Screenshot:
Again thank you PinkHatHackers for providing a decryption table it was very informative :) I would be happy to integrate the new decryption table for newer versions if you wish to release that.
PS: As this is a very early version of the program it is possible that you might find a few bugs if you do please post them here as I want to get it as reliable as possible.
Oh yeah any feedback would be much appreciated whether its about the GUI or maybe just a new improvement post it here! ;)
DOWNLOAD LINK: http://www.4shared.com/file/213148961/d2b5...ryptor_v01.html
PASSWORD: hak5.h2oh4x
Have Fun!
h2oh4x!
-
Good news guys. Ive successfully created a program which allows the contents of these files to be decrypted. I will upload asap im just making the final tweaks. ;)
Oh and a big thanks to PinkHatHackers for providing the decryption table and making all of this possible!
-
Most people who want to disable LanSchool will not have Admin rights on the machine or they wouldnt even have LanSchool on it lol. So deleting the files from C:\Program Files is out of the question. Not to mention that that would not work while LanSchol is running as Student.exe would be running locking the permissions to the file.
-
I have tried contacting PinkHatHackers about how to do this but I have not yet recieved a reply. As I am waiting would anybody who understands these instructions please tell me how to use it lol :) I know I sound like an idiot asking this but its getting me really frustrated :D
Thanks in advance! ;)
-
Hey x-quisite ive made a LanSchool disabler based on Lyzons LanSchool Manager it disables the software easily just click kill.
P.S To my knowledge this will not work on version 7.4 or above however i have tried it up to version 7.2 and it works fine. Also this was programmed in Visual Studio 2008 so it requires .net framework. Have fun ;)
-
Ive never been good at cryptography so I aint gotta clue how this works please would you give more clear instructions with the table? maybe im opening the file wrong I have tried notepad thats just useless and ive tried a hex editor... still useless lol? But by the way I am very impressed with this well done! ;)
-
protected processes cant be paused/suspended
Yes they can if you have admin privileges.
-
Definately ImgBurn ftw! :D
-
Oh yeh and btw do you really think I would just come here and post askin for help without trying to do it myself and having already searched google? If you do then you are wrong because I am not likely to post requests like that making me look n00bish just because I "cba" to search google ;)
-
Attitude like what? I was laughing along with him because of the link that he sent me.
-
Fuck you lmao
-
Ok guys I appriciate your humor but there has still been no real help apart from telling me to compile in *nix. Please can someone go into a little more detail than "this needs to be compiled in *nix" like what compiler in *nix should I use which version of *nix do you recommend?
Thanks alot.
-
OK Heres the errors:
--------------------Configuration: 432 - Win32 Debug--------------------
Compiling...
XxNativeFunctions.c
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(3) : error C2061: syntax error : identifier 'XxGetOSVersion'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(3) : error C2059: syntax error : ';'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(4) : error C2146: syntax error : missing ')' before identifier 'ULONG'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(4) : error C2061: syntax error : identifier 'ULONG'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(5) : error C2146: syntax error : missing ';' before identifier 'ULONG'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(5) : error C2143: syntax error : missing '{' before '*'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(6) : error C2146: syntax error : missing ';' before identifier 'USHORT'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(6) : error C2143: syntax error : missing '{' before '*'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(6) : error C2059: syntax error : ')'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(7) : error C2054: expected '(' to follow 'OSBuildNumber'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(30) : error C2061: syntax error : identifier 'XxAdjustPrivileges'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(30) : error C2059: syntax error : ';'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(31) : error C2146: syntax error : missing ')' before identifier 'ULONG'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(31) : error C2061: syntax error : identifier 'ULONG'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(31) : error C2059: syntax error : ')'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(32) : error C2054: expected '(' to follow 'Privilege'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(81) : error C2061: syntax error : identifier 'XxGetProcessHandle'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(81) : error C2059: syntax error : ';'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(82) : error C2146: syntax error : missing ')' before identifier 'PWCHAR'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(82) : error C2061: syntax error : identifier 'PWCHAR'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(83) : error C2146: syntax error : missing ';' before identifier 'HANDLE'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(83) : error C2143: syntax error : missing '{' before '*'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(84) : error C2146: syntax error : missing ';' before identifier 'HANDLE'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(84) : error C2143: syntax error : missing '{' before '*'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(84) : error C2059: syntax error : ')'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(85) : error C2054: expected '(' to follow 'UniqueProcess'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(208) : error C2061: syntax error : identifier 'XxDuplicateHandle'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(208) : error C2059: syntax error : ';'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(209) : error C2146: syntax error : missing ')' before identifier 'HANDLE'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(209) : error C2061: syntax error : identifier 'HANDLE'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(210) : error C2146: syntax error : missing ';' before identifier 'HANDLE'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(210) : error C2061: syntax error : identifier 'SourceProcessHandle'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(210) : error C2059: syntax error : ';'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(210) : error C2059: syntax error : ','
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(213) : error C2059: syntax error : ')'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(403) : error C2061: syntax error : identifier 'XxCreateThread'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(403) : error C2059: syntax error : ';'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(404) : error C2146: syntax error : missing ')' before identifier 'HANDLE'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(404) : error C2061: syntax error : identifier 'HANDLE'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(405) : error C2146: syntax error : missing ';' before identifier 'HANDLE'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(405) : error C2143: syntax error : missing '{' before '*'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(406) : error C2146: syntax error : missing ';' before identifier 'HANDLE'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(406) : error C2061: syntax error : identifier 'ProcessHandle'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(406) : error C2059: syntax error : ';'
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(406) : error C2059: syntax error : ','
C:\Documents and Settings\Administrator\Desktop\Exploit\XxNativeFunctions.c(409) : error C2059: syntax error : ')'
Error executing cl.exe.
432.exe - 46 error(s), 0 warning(s)
-
Erm I dno? Im getting about 42 errors lol.
Please can somebody compile it for me and tell me exactly how they did it?
Thanks alot!
-
Hey guys wats up. This is prolly a real real n00by question but I would greatly apprieciate it if somebody would tell me how to compile the following milw0rm exploit:
http://www.milw0rm.com/exploits/9301
Its the new Microsoft Windows XP (win32k.sys) Local Privilege Escalation Exploit
Basicly what happens is I put all of the files into VC++ 6.0 and when I try to compile the .exe it gives me errors and stuff. Will somebody be kind and compile it for me or tell me how to get it working?
Any help much appreciated thanks! ;)
-
Jesus christ kid... do you not check your email?
It would appear not :) Oh well its not a problem for me anyway cuz i dont use the same password everywhere :) It was just strange that they put all that in my signature and made my display picture a dead face lol.
-
yeh i have.. but what was all that about tho?
-
Im gonna delete my signature now when was this announced i never realised
-
I loged into my hak5 account today to find my signature is now a list of peoples accounts and passwords? including mine lol wtf? BTW i changed mine tho.
-
he did you guys thought of cleaning the whole .exe program with vba,vb or vbs. you can let your program check if the paths exists and than open the .exe and let it type something like "lol you just got hacked". then on next startup delete registery values and make a virus downloader. code looks like this.
MyFile = "C:\Program files\kaspersky 2009" & "kaspersky.exe"
fnum = FreeFile()
Open MyFile For Output As fnum
Print #fnum, "this doesn't work anymore"
Close #fnum
and before this code you could run a check code to check of the path exists.
no i am going back to gaming bye bye
Lol hows that gonna work when kaspersky.exe is already running?
By the way guys maybe look into ZwTerminateProcess? It should be able to close any process whenever you want :)
LanSchool Keylogger Vulnerability
in Security
Posted
Which formatting are you refering to? Are you refering to gaps which separate log entries like this:
Application: blabla.exe
Time: 11:11
fdksfjdajskljflk
Application: blabla.exe