brainkill Posted December 6, 2006 Share Posted December 6, 2006 After continued emails to my business account and more thought on the matter, i have decided to continue support on the Hacksaw. My colleague Spektormax has released script and working PoC to the self-replicating HS. Howeve, many of the files have began to be flagged by Antiviruses. Normally, this would not be a problem as i can recode the source if i have it or encrypt files to make them harded to diagnose, but the problem lays in the fact that too many files are being detected and the package would be bloated as a result to enormous size. I think the one ICBM (self-replicating) was nearly 30 megs, too big by anyones standards. This lead me to look for other potential ways of retrieving the information. Could we use nc reverse connect??? no, too dirty. Could i use ftp???? Sure, but where could i host an FTP for such purposes? Could I make it an IRC-Based transfer mechanism? The answers of these questions fall back on your morals. Where do we draw the line between trojan and well, whatever this is. There is no definitive line because I think we all want to believe that we are using this technology for a good purpose. When i get emails in the middle of the night asking me how to dump nt hashes out of a 2k3 server, I am lead otherwise. So, its all cool that we push ourselves to see what we can do but remember, gaining access to a foreign computer or network without permission is a crime no matter what. So before you begin further development with this technology, I ask you to evaluate your intentions with a clear mind and heart. And remember, I ain't bailing your ass out when you get raided by the po-po 8) 8) 8) 8) 8) 8) 8) 8) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.