Posts posted by Earthnuker

  1. hey everyone,

    last weekend i started learning assembler for writing shellcode encoders (and shellcode itself)

    at the moment i'm trying to write an XOR based stream encoder (kinda like RC4 but much simpler)

    the prototype is written in python and it's supposed to work as follows:

    encoding:

    1. take IV xor with first block of data to encode, store result in array

    2. take last block from array xor with next block of data, append result to array

    3. repeat step 2 until end of data

    decoding:

    1. take IV xor with first block of encoded data, store result

    2. take result xor with next block of data, store result

    3. repeat step 2 until end of data

    http://pastebin.com/X9TKcLMm this is the source code

    "test" is the IV

    and "targets" is the data to encode

    now my problem is that the decoding function is not working as intended, it fails to properly decode the encoded data

    anyone got an idea where the error might be?

    Thanks in advance,

    Earthnuker
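
Added example (not the poster's pastebin code): the chaining described in the post above, written in Python 3, with a decoder that XORs each encoded block against the previous encoded block rather than the previous decoded one. It also shows the analyst's view: every block after the first can be recovered from the encoded bytes alone, without the IV. Function names and the sample data are assumptions made for illustration; "test" is the IV named in the post.

```python
def xor_bytes(a, b):
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))

def split_blocks(data, size):
    return [data[i:i + size] for i in range(0, len(data), size)]

def encode(iv, data):
    """c[0] = IV ^ p[0]; c[i] = c[i-1] ^ p[i] (the 'encoding' steps)."""
    prev, out = iv, []
    for block in split_blocks(data, len(iv)):
        prev = xor_bytes(prev, block)
        out.append(prev)
    return b"".join(out)

def decode(iv, encoded):
    """p[i] = c[i-1] ^ c[i], with the IV standing in for c[-1]."""
    prev, out = iv, []
    for block in split_blocks(encoded, len(iv)):
        out.append(xor_bytes(prev, block))
        prev = block  # chain on the encoded block, not on the decoded result
    return b"".join(out)

def decode_chaining_on_result(iv, encoded):
    """Variant that chains on the previously decoded block; only block 0 survives."""
    prev, out = iv, []
    for block in split_blocks(encoded, len(iv)):
        prev = xor_bytes(prev, block)
        out.append(prev)
    return b"".join(out)

def recover_without_iv(encoded, block_size):
    """Adjacent encoded blocks XOR to the original block, so no IV is needed."""
    blocks = split_blocks(encoded, block_size)
    return b"".join(xor_bytes(a, b) for a, b in zip(blocks, blocks[1:]))

IV = b"test"                           # IV named in the post
DATA = b"constructed sample input."    # constructed sample, 25 bytes (short last block)

if __name__ == "__main__":
    enc = encode(IV, DATA)
    print(decode(IV, enc))
    print(decode_chaining_on_result(IV, enc))
    print(recover_without_iv(enc, len(IV)))
```
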

  2. Hi everyone,

    some weeks ago a friend of mine told me that he wanted to write a program similar to metasploit's meterpreter, but in Delphi

    so i picked the idea up and told him I'd try to do it in python since I'm quite good with python

    after a few days of work i had the first prototype up and running and continued to work on it and fix bugs

    so now i present to you:

    Project Infinity: Ragnarok backdoor 0.3b

    http://pastebin.com/DDqGy6yG

    Features:

    -bind and reverse mode

    -can be easily compiled with pyinstaller or py2exe

    -no additional python modules required

    -easily extensible

    -password protected access

    -undetected by AV

    -can execute shellcode without writing to disk

    -can delete itself from disk

    -doesn't need an external client(yet), you can connect using netcat

    -can execute python snippets on the fly

    -file up and download(download writes hex'd file to socket)

    ToDo:

    -make it run on windows without crashing

    -implement encrypted communication and write a client program

    -add an option to define functions on the fly

    if you have questions or ideas feel free to post them

  3. yeah, the title pretty much says it,

    is it possible to convert an exe file to shellcode that can be run in memory/inserted into a metasploit executable template?

    here's the python code i use to load and run the shellcode

    WARNING! IT CAN CRASH YOUR SYSTEM ( 64-bit ) ONLY WORKS ON 32-bit:

    from ctypes import * #load ctypes module
    import sys,binascii # import binascii to decode shellcode
    o=open(sys.argv[1],"r") # open file to read encoded shellcode from
    shellcode=binascii.unhexlify(o.read()) # write decoded shellcode to variable
    cast(create_string_buffer(shellcode, len(shellcode)), CFUNCTYPE(c_void_p))() # run it
    
    

    now i want to use an exe file as payload to run it from RAM

    here's the code of the encoder:

    import sys,binascii
    i=open(sys.argv[1],"rb")
    o=open(sys.argv[1]+".hex","w")
    o.write(binascii.hexlify(i.read()))
    

    the problem is when i feed it an encoded exe file it won't work:

    
    C:\Dokumente und Einstellungen\User\Desktop>test.py out.txt
    Traceback (most recent call last):
      File "C:\Dokumente und Einstellungen\User\Desktop\test.py", line 5, in <module>
        cast(create_string_buffer(shellcode, len(shellcode)), CFUNCTYPE(c_void_p))()
    
    WindowsError: exception: access violation writing 0x00001101
    

    i also checked if it was possible to use metasploit to convert an exe to shellcode, but i didn't find anything :(

    so i'd like to convert the exe to "real" shellcode that can be run from RAM

    any ideas?

  4. hey everyone

    i wrote a multi hash cracker in python and thought i'd share it with you guys :)

    features:

    -can crack md5,sha1,sha224,sha256,sha384 and sha512

    -dynamically changes charset while bruteforcing(faster in some cases)

    -can do rounds e.g. md5(md5('test'))

    -wordlist and bruteforce support

    -automatically does bruteforce when wordlist fails

    -autodetects hash-type

    -multi rounds support (first hash pw with 1 round, then check against hash, then with 2 rounds, etc...)

    -maximum password length with bruteforce is 20

    -cross platform, only needs python 2.7

    -written by me and my brother(mostly by me)

    planned features:

    -multithreading

    http://pastebin.com/nCgMVRXs

  5. In my hakpack is (depending on where i'm going):

    asus eeepc with backtrack4 R2

    asus laptop with win7

    Alfa USB-wlan adapter + 2m piggytail+ big antenna+small antenna :D

    usb-mouse

    headset

    ethernet cable

    and in my pockets i have:

    16GB usbstick with live linux

    1TB samsung S2 external HDD with/for backups

    archos 3 vision 8gb mp3 player with lots of music(mostly metal)

    sennheiser earbuds(currently broken)

    gp2x caanoo game console(also broken)

    wallet+keys

  6. Hi everyone

    Name: Daniel aka Earthnuker

    Fav. Game: minecraft :P

    Fav. OS: Linux and Windows

    Nationality: German

    Sex: male

    Fav. Band: everything that's Metal \m/, Buckethead

    Hobbies: listening to music,programming,chatting,minecraft...

    Languages:German,English,Spanish(not so good),Python

    if you have questions just ask me :)
