alexthedrifter Posted November 30, 2008 Share Posted November 30, 2008 I mean does it email it to you or next time its plugged in it copys it or what? Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted November 30, 2008 Author Share Posted November 30, 2008 No non of that, you are going to either have to transfer it via telnet of install a mailer.. haven't really gotten that far. The keylogger source isnt available, Im kinda of wary of releasing it. Quote Link to comment Share on other sites More sharing options...
DMilton Posted December 4, 2008 Share Posted December 4, 2008 System.exe detected by NOD32 antivirus as NewHeur_PE (Virus)... When downloading the .rar. With the payload.exe, I get another advice with b2e.dll as Win32/Qhost.NFV (Trojan) with NOD32. Is the b2e.dll part of the backdoor? I think the payload.exe does the payload.bat stuff with the AdminGroup variable given by 1.vbs, installing all the keylogger and backdoor, opening ports, adding reg keys, etc...? Are all the needed programs packed in the payload.exe? The medicine continues going wrong with not conventional paths, It can be done by using a similar way as for installing the payload. I like the easy and effective way the keylogger works but it doesn't work with combination of [ALT]. When a combination is pressed (as [CTRL]+something) the [CTRL] is printed many times... I assume no clicks are saved to the keylogger log... I will be testing some of the functionalities in a few days. Too many things? Good job and many thanks for the credits! Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted December 4, 2008 Author Share Posted December 4, 2008 I think the whole bat to exe is whats doing it, so thats not going to work.. I just had a chance to try this out on a computer, and i was only able to get it to work it it was in a folder on the desk top.. so ill get some time and work on that part :/ Quote Link to comment Share on other sites More sharing options...
DMilton Posted December 5, 2008 Share Posted December 5, 2008 I think the whole bat to exe is whats doing it, so thats not going to work.. I just had a chance to try this out on a computer, and i was only able to get it to work it it was in a folder on the desk top.. so ill get some time and work on that part :/ I feel you didn't understand me (sorry, probabily it's my poor english). The question was if the payload.exe is a compilation of all the needed files (included keylogger and backdoor) or if payload.exe needs the batches, the 1.vbs and the other exes to go? Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted December 5, 2008 Author Share Posted December 5, 2008 yeah "payload.exe" is just the bats. So you run the vbs, which runs payload.exe, which does its bat thing, and copies the keylogger and BD from the same directory.. Sorry should have included that in the readme. Quote Link to comment Share on other sites More sharing options...
DMilton Posted December 5, 2008 Share Posted December 5, 2008 Then I will be testing the reason of not running almost it is in a desktop folder. The code seems to be ok, but... Hummm.... :Edit Issues with Telnet: By the way, there's some problems with the Telnet Service. The TlntSvr doesn't start with sc config TlntSvr start= boot but with sc config TlntSvr start= auto In other hand, Telnet Service is disabled with XP SP2 and we can launch it but is not available in XP Home. Then we must to check what OS we have to do the task or creating the entire service to use correctly (can do it by vbs). Another thing to check for assure the service start is that TlntSvr is installed in the machine. For doing so, we can check for the correct branch in reg (HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr) and operate accordingly with adding the service or not. It only will take a few lines to check it and if is not installed, we can add easily the needed keys to the registry with the batch or the vbs to operate the Service correctly. Before of enabling the Telnet Service, I think is better option to stop the NtLmSsp Service (NT LM Security Support Provider) before enabling telnet. net stop NtLmSsp The final code would be... tlntsvr /service net stop NtLmSsp sc config TlntSvr start= auto But definitively, Telnet has problems in Windows XPSP2... What about using nc? Quote Link to comment Share on other sites More sharing options...
Infinity0 Posted December 14, 2008 Share Posted December 14, 2008 One quick question. What are you using to convert the batch file to an executable? Quote Link to comment Share on other sites More sharing options...
alexthedrifter Posted December 19, 2008 Share Posted December 19, 2008 All links=down Quote Link to comment Share on other sites More sharing options...
Jen Posted December 23, 2008 Share Posted December 23, 2008 Any new updates on this project? Quote Link to comment Share on other sites More sharing options...
Deathknight93 Posted February 3, 2009 Share Posted February 3, 2009 Any News is this project down??? Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted February 3, 2009 Author Share Posted February 3, 2009 yeah I reformatted and it deleted everything in my drop box. I have been playing with pod slurping a bit. These things are not by any means hard to make. If you can get a list together of things you want i will be more than happy to make it happen, with a little help from the community of course. Quote Link to comment Share on other sites More sharing options...
Jen Posted February 6, 2009 Share Posted February 6, 2009 So right now does the keylogger work and does the remote control work? Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted February 6, 2009 Author Share Posted February 6, 2009 Keylogger works. Adding an account works, But i never got around to adding the vnc dll. Quote Link to comment Share on other sites More sharing options...
Jen Posted February 7, 2009 Share Posted February 7, 2009 how do we get the keylogger's logs? Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted February 7, 2009 Author Share Posted February 7, 2009 In the Slurp thread below there is a new payload to slurp documents. You can modify ls's python to instead slurp just the keyloggers file. ATM i cant remember what the file name it, however putting it inside a empty folder and running it will produce a file, open that in note pad and there is your logtxt. Quote Link to comment Share on other sites More sharing options...
brfield Posted February 7, 2009 Share Posted February 7, 2009 Links are all still down. When will you have them back up? Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted February 7, 2009 Author Share Posted February 7, 2009 Dont think I am. To me, payloads are meant for a specific systems so there is not always 1 payload that will get the job done. I may go about making another one when I get a bit of time, or money, but atm slurp is accomplishing many of my needs. If there is a specific payload that you need made just pm me. Depending on what coding is necessary the individual payload(special to each user) will be 20USD I may get together with a few members and start up another payload however this thread should be closed as I will not be reupping this or supporting this payload anymore. Quote Link to comment Share on other sites More sharing options...
DMilton Posted February 9, 2009 Share Posted February 9, 2009 Specific payload to an specific system? Hummm... I think that with the correct programming issues, It'll be factible to have one payload for all systems, the question is that you have to check many things before doing the work as os version, installation language, good checking of paths, checking for privileges, vulnerabilities, bypassing av, etc. It's why I was writting a new payload, of course Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted February 9, 2009 Author Share Posted February 9, 2009 It's why I was writting a new payload, of course Well hopefully we can get together on this next release. pretty sick stuff in store. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.