
High Explosive Payload


Spartain X


Even if he posts the source code to the file, how do we know that the source is what matches the encrypted executable?

We don't, but we have a choice if we have the source.

I think it's good to post encrypted files since that's the only way around AV and it's the responsibility of the person downloading to load on a test box with FileMon, RegMon, TCPMon, Wireshark, Snort .. etc. to see if it's malicious. Surely no one expects a file they're downloading to hack other systems to not be coded in such a way that it gives the author a back door also. :)

Seriously, the USB hacks are attracting a boat load of traffic here, lots of people who won't have even heard of those programs, let alone know how to use them. We're not saying this is a Bad Program, we're just saying that some of the mods are paranoid so you don't have to be.

I know other people have posted encrypted files before and no one has really complained about it.

No, we haven't done anything before. Let's just say we were lax.

I think someone needs to post HOW they're encrypting these files so we can all do it. I know there are a ton of howtos on bypassing AV by using a hex editor and IDApro (or was it Ollydbg). I know this kind of stuff takes a pretty in-depth knowledge of assembly, which I don't have.

Bingo, that's my main point. This is a damn cool hack, so why not use people's desire to use this to encourage them to start learning about coding?

Do a Google search for "Hexing your malware" and you'll find the article I'm referring to.

Will do.


I am all for open source and freedom of knowledge, but spektormax does have some point: if his encrypting methods are publicly disclosed, AVs are going to find a signature for it and soon the source code will be obsolete because of the fact it no longer has the ability to defeat the AVs. Was wondering if a compromise can be made, like details into how the packer works (no source code), or a trusted person can check the packer if it does anything malicious.

I would like to say again that I am for the sharing of source code and knowledge, but there can be side effects as well. Hope a compromise can happen; I mean, isn't just sandboxing and logging all details of the program enough, i.e. what burn said?

The source is the keylogger source; the encryption is sadly a private packer. You are more than happy to sandbox it and test it, but unfortunately I cannot release the packer as only like 10 people have it.

I know for a fact that the packer he used is currently impossible to unpack.

It might be great for defeating AVs and protecting sensitive files from being decompiled and such but the problem is that it takes more effort to find out what a program packed this way actually does than most people are willing to put in to making sure they're about to run a safe application or tool.

This means that someone could in theory pack almost anything into an almost perfectly packed exe and no-one would know. In a project like this with as many potential users as we have here, this could be disastrous.

Anyone who needs to know can find packers that do this just at the click of a button, those who don't need to know where to find this strength of packer don't need to know where to find it.

So in short; sure, encrypt and pack your exes 'till your heart's content but don't post them here because no-one knows what's in them.


I know for a fact that the packer he used is currently impossible to unpack.

It might be great for defeating AVs and protecting sensitive files from being decompiled and such but the problem is that it takes more effort to find out what a program packed this way actually does than most people are willing to put in to making sure they're about to run a safe application or tool.

This means that someone could in theory pack almost anything into an almost perfectly packed exe and no-one would know. In a project like this with as many potential users as we have here, this could be disastrous.

Anyone who needs to know can find packers that do this just at the click of a button, those who don't need to know where to find this strength of packer don't need to know where to find it.

So in short; sure, encrypt and pack your exes 'till your heart's content but don't post them here because no-one knows what's in them.

I guess we could compromise and not post packed exes.

And for the most part avkilll will do most of the work and stop AVs picking up on what's being run. Again, don't remove the link to the keylogger's source, as anyone can easily see how it operates.


Here's a nice compromise that solves everyone's problem (skiddies, packed exes, and the need to get over AVs): PM me if you want the packed, secured, non-AVable exe. Since I know every non-skiddie here pretty much, I know who U can send it, and they will know it's been tested by other people and it's safe. Everyone cool with that?


Here's a nice compromise that solves everyone's problem (skiddies, packed exes, and the need to get over AVs): PM me if you want the packed, secured, non-AVable exe. Since I know every non-skiddie here pretty much, I know who U can send it, and they will know it's been tested by other people and it's safe. Everyone cool with that?
sure ...

Maybe I'm not understanding the problem, but why can't we get the programs that would be packed, and the packing program? This way we would be able to see the programs and make sure they are safe, and then pack them on our own?

That's what I was aiming for, but the objection to that is that the packer used might become a skiddie tool and due to its strength it's considered too much to let a skiddie get hold of.


Well if you do get someone else to pack things for you then do so at your own risk. What you guys do via PM is none of our business but just try to act responsibly.

Think about it; if the packed exe you find on a forum somewhere is no different to a random packed exe from a member of that forum... do you trust either of them?
