Any news yet herm1t?

If you like my posts, please feel free to donate some karma to me big_smile

Hi,

I've had a couple of busy days. Here are the archived samples:

collection-17.08.2011-p3.rar
57.0 MB


collection-17.08.2011-p4.rar
66.9 MB

The logic question:

If you can even put the executable backdoor on your victim, why don't you use a simpler method: formgrabber, keylogger?

Yep, he's looking for a solution to just inject the code into another process to intercept/hook the creation of another process.

Speaking about hiding from rk unhookers, hiding the hooks from kernel mode from ring3 is 100% impossible, due to the fact that there's no way for a ring3 application to either forge memory or forge false file content. The only way for a usermode-based app to prevent a kernel-mode-based antirootkit is to prohibit it from loading its drivers (via hooking, monitoring file creation/writing and some other hardcore methods, but it would take too long to mention them here).

crim, do you have ICQ?

Hi,

This is today's samples archive. Enjoy.


There are tons of ways to globally hook processes and newly created processes. Which mode does your process prefer to run in? Kernel mode or user mode?

From kernel mode, one could use a process notification callback routine to monitor which processes are created/terminated so he could inject code into those. Several topics related to this have been discussed for years. You can google for "process notification callback" and "Apc usermode injection". Or you can use a 3rd party app to simplify the development, such as madCodeHook.

From user mode, you can use DLL injection (in many ways). Again, just google for that term.

I'm willing to seed the collection 365/24/7. Will it be our Xmas present @herm1t?

Hi,

Thanks a lot for your support. Here's today's archive:


Hi,

I will try to upload samples in my collection. I hope you guys will enjoy it.

Today: (150 samples - from Aug 2011)
