Our tool...
I got a question…
We (me and another hacker) created a tool, called subrarine ^^
It can force any computer to download specific files…
So u say:
Target is the IP 237.128.96.57
File is “httpe://my-Virus.com/virus.exe”
Target dir is “C:\Windows\Autostart\”
click enter and a minute later the file will be in the autostart folder of the computer ^^
This tool works for any Operating System, windows 95 to Windows 8.1
It never failed until now ^^
we weren’t sure if we should publish it…
Because it would change so many things for little script kiddies just using tools…
anyone could do really much damage using this tool…
What would you do?
destroy it?
publish it?
Miep…
publish it but put for sale or an invite code like some programs only give invites to trusted friends and other ue that you think wouldn’t use it badly
As life we are Created to die, as humans we are created to fight. Lets die fighting
It’s too dangerous…
think about spreading a botnet…
only takes seconds to infect a computer and make it infecting others, too…
Could become one of the fastest spreading botnets in the world… >.<
or spreading a zip-bomb by bruteforcing IP-addresses…
Think about it again, mentioning this… :/
still think we should publish it?
EDIT: And any invitation code or password can be cracked…
Evil hackers would spend very much time on it to get such a tool… >.<
Miep…
That’s easy to program man.. now if you would be able to upload instead of download.. that would be interesting ;)
And about your botnet.. which botnet works on downloading files? Assuming you’re talking about an easy rfi botnet, which is pretty much dead. (God i loved those days)
The only possible way to create a botnet, is to inject in your program. But considering the lack of real,new functionality, no-one would download it. ;-)
Yeah i think you should publish that cus , i don’t think it could cause a serious harm !!!
There are tools on Kali and BT which do similar kind of exploit !!
And you didn’t mention the platform on which it works ??
- @IAmDevil
Its good to be back! :D
Well you might want to take a look at this.
Not exactly what this is about but still interesting.
I did some research and it turns out that you can remotely shutdown a computer using CMD, so that aspect of this tool isn’t so powerful anymore, and also I looked at some Python codes and I think that it could have been written in Python.
As I walk through the valley of the shadow of death, I will fear no evil, for I am the Evilest mother fucker in the God damn valley.
@hazor: true, but you must have access to the other computer, for example using localnet or workgroup…
@IAmDevil: Any windows operating system! Windows 95, Windows8, Windows server, …
@ShadowFighter: Not just viruses… Anything!
@gudgip: The tool can make the computer do anything… Downloading is just an example… Uploading should work, too ;) And by the way, downloading and uploading should be faster than up/downloading using any browser ;)
Little information to all those who think it’s a lame useless tool…
Took us about 3 minutes to modify the code (spreading itself)
We made it infect 200.000 computers…
was done after about a minute… -
Miep…
Sorry, dude but i think you got it the wrong way !!
No one here said that your tool is “lame and useless” !
That little information is impressive, I’m confused is it 200.000 or 200,000 !! ;) lol
- @IAmDevil
Its good to be back! :D
it’s not actually like having infected 200000 computers
it’s more like, could have infected 200.000
*IPs
It was just to test how fast it would be, spreading…
Miep…
@pinkponyprincess:
1 - nice name xD
2 - 50th post, congrats ^^
3 - Would uploading the source of such a powerful tool really be a good idea??
Miep…
I can’t see why not, Zeus source code is freely available, and also I think Kaspersky or someone similar would pick it up quite fast if it really was a threat. No virus or malware will ever be untraceable/unstoppable.
JAYSSJ11- “I’d rather be hated for who I am, than loved for who I am not.”
I know there is no really “secure” system…
And also won’t ever be…
But it’s almost impossible to detect the script, spreading a virus
only the virus itself may be detected…
our tool wont be shown as a virus ^^
*don’t think kaspersky would even notice what’s going on…
And since the “virus” itself we’re gonna spread will be a brand new one (made by us, too) the antivirus wont detect it…
And it takes about 2 days until all virus scanners know a virus
enough time to have some fun out there on the internet…
won’t go into technical details here but not sure if a windows operating system is even able to detect how it’s working… ^^
Miep…
Ok, p2. Prove to me you can upload to my computer, I give you the permission. PM me for details. You know why I do this? Cause I don’t really believe you. If you found such a hole, you can probably make 200 + grant. And how did your tool become a virus all of a sudden?
If it’s true. Which ring does your 0day subside? Assuming it’s on Windows PC’s.
Just as a sidenote.. I don’t want to sound offensive, I’m sorry if it looks that way.
I totally agree with @gudgip
You are acting as if you invented THE new program to infect other PC’s and that somehow doesn’t seem to be realistic.
Some details might help.
Well…
I never wanted to give that much detailed information… >.<
It’s using a somehow old technique we modified… (PoD)
It’s sending manipulated Ping signals over the normal IP protocoll (using IPv4)
file transfer is also done using the IP protocoll (using fragmented ping)
The ping signal contains a code which will directly be executed on the target computer when it’s retrieving the content of the ping packet…
this code can cause the computer to do various things, like downloading or uploading files, executing programs, …
That’s why it’s such a useful tool…
you can log ping signals, but logging their content?? No one ever did that ^^
and because it’s only sending some ping signals, it also won’t be shown up as a virus… ^^
everyone of you knows how fast a ping signal is…
That’s also why it’s able to spread a botnet fucking fast…
The only systems immune against that sort of attack are those having blocked ping in their firewall…
it even works on servers, running a linux software…
just tested it at a nitrado minecraft server…
Miep…
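The post above says ping contents are never logged and that fragmented pings go unnoticed. As an added example (not part of the original thread and not anyone's tool), the sketch below inspects raw IPv4/ICMP packets the way a sensor could, flagging fragmentation, the oversize-reassembly condition of the classic ping of death, and echo data that does not look like a stock ping; the size threshold, the "stock" patterns and all sample packets are assumptions constructed for illustration.

```python
import struct

MAX_IP_DATAGRAM = 65535   # largest legal reassembled IPv4 datagram
USUAL_ECHO_PAYLOAD = 64   # assumption: stock ping tools send at most ~64 data bytes
WIN_PATTERN = b"abcdefghijklmnopqrstuvw"  # data pattern of the Windows ping utility


def is_stock_payload(payload: bytes) -> bool:
    """True if the echo data looks like what common ping tools generate."""
    repeats = len(payload) // len(WIN_PATTERN) + 1
    if payload == (WIN_PATTERN * repeats)[:len(payload)]:
        return True
    # iputils-style ping: timestamp first, then bytes equal to their own index
    return len(payload) > 16 and all(
        payload[i] == i & 0xFF for i in range(16, len(payload)))


def inspect(packet: bytes) -> list:
    """Return findings for one raw IPv4 packet (empty list = nothing odd)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return ["not-ipv4"]
    ihl = (packet[0] & 0x0F) * 4
    total_len, _ident, flags_off = struct.unpack("!HHH", packet[2:8])
    if packet[9] != 1:                      # IP protocol 1 = ICMP
        return []
    offset = (flags_off & 0x1FFF) * 8       # fragment offset is in 8-byte units
    more_fragments = bool(flags_off & 0x2000)
    data = packet[ihl:total_len]
    findings = []
    if offset or more_fragments:
        findings.append("fragmented-icmp")
    # Ping-of-death condition: reassembly would exceed the 65535-byte limit.
    if ihl + offset + len(data) > MAX_IP_DATAGRAM:
        findings.append("oversize-reassembly")
    # Only the first fragment (offset 0) carries the ICMP header.
    if offset == 0 and len(data) >= 8 and data[0] in (0, 8):  # echo reply/request
        payload = data[8:]
        if len(payload) > USUAL_ECHO_PAYLOAD:
            findings.append("large-echo-payload")
        if not is_stock_payload(payload):
            findings.append("nonstandard-echo-payload")
    return findings


def ip_packet(data: bytes, frag_units: int = 0, more_fragments: bool = False) -> bytes:
    """Build a constructed IPv4 header plus data for testing; nothing is sent."""
    flags_off = (0x2000 if more_fragments else 0) | frag_units
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(data), 1, flags_off,
                         64, 1, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return header + data


def echo_request(payload: bytes) -> bytes:
    """Constructed ICMP echo request (type 8); checksum left 0, it is not checked."""
    return struct.pack("!BBHHH", 8, 0, 0, 0x1234, 1) + payload


# Constructed sample packets (documentation addresses from 192.0.2.0/24).
SAMPLES = {
    "windows-style ping": ip_packet(echo_request(b"abcdefghijklmnopqrstuvwabcdefghi")),
    "iputils-style ping": ip_packet(echo_request(bytes(16) + bytes(range(16, 56)))),
    "echo carrying text": ip_packet(echo_request(b"constructed-marker: " * 10)),
    "late oversize fragment": ip_packet(b"\x00" * 100, frag_units=8189),
}


def scan(samples: dict) -> dict:
    """Map each sample name to its list of findings."""
    return {name: inspect(pkt) for name, pkt in samples.items()}


if __name__ == "__main__":
    for name, findings in scan(SAMPLES).items():
        print(f"{name}: {findings or 'ok'}")
```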
I think everyone here knows about “Trustix” right ?
it is said to be very secure , ever tried on that ?
- @IAmDevil
Its good to be back! :D
Shame on me, I didn’t know about Trustix linux… :(
*In fact I never heard about it before ^^
We’re gonna prepare a computer running trustix and try it out ;)
I don’t think it’s gonna fail ^^
Miep…
- @IAmDevil
Its good to be back! :D
For a secure linux, I’d go with SELinux http://www.nsa.gov/research/selinux/
But this is slightly offtopic.
Congrats to the success, but I think that since we are not you, you must find out what to do yourself and use the comments as helpful tips on how you should make your decision. Do what you think would have the best outcome.
“When you die I will laminate you’re skeleton and pose you in the lobby.”
Veni Vidi Vici
thx cpn ^^
We posted this cuz we wanted to know what other hackers think about it, what they would do…
I thought some more would think about the negative aspects of it but most of u are just like “cool, send me the tool!”
gudgip?
U call yourself a hacker, want me to test the tool at your computer, and BELIEVE what is written on the NSA website???
Dude, what the fuck is wrong with you???
I’m more and more wondering about who/what you are…
Miep…
p2,
Can I put away our differences.. I’ve never called myself a hacker. Nor will I ever call myself that. You do not have to test it at my computer, ask someone else if you want to.
What I see, however, is that you claim to have found a critical 0day in the most used protocol in the world. And you expect me to believe you, without asking for proof?
And you clearly have no idea what SELinux is.. please, research a subject before you respond like that :)
I was referring to your post that I should prove to you that it’s working and your link to nsa website (nope, I don’t really like them!!)… >.<
wasn’t meant to sound that offensive…
I’m not the genius who did the programming work…
I had the idea for the whole project…
And (sadly) it’s easy to protect against by just blocking ping response in your firewall…
About SELinux…
I will research ^^
But all I know is that there is no secure system and also will never be…
Just because no one found a way to do something, it doesn’t mean it’s impossible ;)
And it looks like if it works for Trustix, too, but most of the sent data won’t be transmitted…
Huge amount of data loss… :/
Miep…
Hey @p2,
Just how do you expect us to even believe you?
I mean, such an attack may be possible, but if you just go around claiming to have found a huge security hole in Windows and only give very vague and unclear details about the program, then nobody will ever take you seriously.
Basically what you’ve been saying is that you can infect pretty much any unprotected computer in the world. The thing is, first you say it will work on any Windows operating system and then you say it also works on Linux… what?
You said:
[quote=p2]The ping signal contains a code which will directly be executed on the target computer when it’s retrieving the content of the ping packet…
this code can cause the computer to do various things, like downloading or uploading files, executing programs, …[/quote]
What “code”? Also, how can you execute code on both Windows and Linux? As far as I know there is no magic cross-platform way to run code on pretty much any machine, or at least not without something like Java.
Let’s suppose you can… why would any operating system run any sort of code from a ping packet? I mean… what?
Even so, assuming all you’re saying is true: how can you possibly infect 200,000 computers in a minute? How exactly do you achieve this? I mean, unless you’re running 200,000 computers on a local network, but you clearly said it worked for any IP address…
Your whole program just seems too incredible and unlikely to be true. Could you provide us with source code? A video? If not, could you provide us with some sort of detailed explanation as to how everything works?
I’m sorry and don’t mean to sound rude or anything, but I’m just not biting your whole “I found the ultimate hacking tool” story.
“People who doesn’t work hard doesn’t have the right to be envious of the people with talent. People fail because they don’t understand the hard work necessary to be successful.”
[quote=ShadowFighter]You should trust him, this shit works. I skyped with him and tell him to hack me, what he actually did.
And he won’t give so much informations about because he don’t want that someone can copy it.[/quote]
…hereby rendering telling us about it completely useless?
Even if that program does actually exist, not showing it just screams out bullshit.
@lemon42: It was created to work on Windows computers. What we tested on linux is, if we can inject codes over IP protocoll, too. It worked… But executing the codes is still a problem at linux systems…
The CODE I’m always talking about is a little programming code that is transmitted over IP protocoll. The virus/program/task for the target itself. (“shutdown!!” or “send me your file abc.exe” or whatever)
Transmitting data over ip protocoll is no big deal at all, our tool is something that makes the target execute the code… That’s why it’s so special.
The 200000 computers: We made it send the spreading-code itself to two computers, those computers then did the same… (first receive the tool, then execute it)
within 1 minute the tool could have been sent to 200000 ip addresses, IF all of them would have been online at that moment…
@ShadowFighter: Already thought bout that, too
But it would be complicated… How to remotely find out which os a target machine is using? ^^
*shouldnt slow down the whole process if possible ^^
To all of you who don’t really believe the whole story and want some proofs:
Imagine YOU would have created such a tool…
Would you just give away the source code of it?
Or detailed technical information about HOW you’re doing it??
I don’t think so because else anyone else could create such a tool, too…
And as you all should understand, this tool could be used as a terrible weapon…
Who of YOU is protected against such an attack???
We’re still not sure if we should put it into the archive and forget it, or publish it, or maybe destroy it…
destroy it because we have no clue if it’s even possible to fix this in windows…
*it’s the “core” of windows, the core which has almost never been modified since Windows95….
Sorry for late reply, had much to do…
Miep…
If everything you are talking about is true then why don’t you make a video of you using it to prove it?
What you said doesn’t prove anything at all. Just that you seemingly don’t have any proofs..
And if you indeed found such a big security flaw then why don’t you publish it or send it to Microsoft?
This way you might get money for it.
[quote=p2]within 1 minute the tool could have been sent to 200000 ip addresses, IF all of them would have been online at that moment…[/quote]
See, this is the problem. First you make affirmations and later on turn them into speculations to prevent looking like an idiot… another big red flag.
You’re still rambling about “codes”, don’t know if it’s an obsession or something you have with the word. Anyway… one reason I still can’t trust you is that you don’t even say what in the world this is programmed in. Or how the flaw even works.
[quote=p2]a little programming code that is transmitted over IP protocoll[/quote]
This sentence just proves just how little understanding you have of how IP works (oh right, saying “IP protocol” is redundant, and also, it’s protocol, not “protocoll”, red flags everywhere!) then maybe you’d know that pretty much everything and anything that is travelling over the internet is using it.
Speaking of IP… question to you. How exactly does it spread? Where does it find targets to spread to? As you’re describing it now, it can just magically spread to a couple thousand machines in seconds… hmm. Another red flag?
[quote=p2]To all of you who don’t really believe the whole story and want some proofs:
Imagine YOU would have created such a tool…
Would you just give away the source code of it?
Or detailed technical information about HOW you’re doing it??
I don’t think so because else anyone else could create such a tool, too…
And as you all should understand, this tool could be used as a terrible weapon…[/quote]
Tool, tool… come on, you’re the tool here. First of all, I’d never create one mostly because that’s not my goal as a programmer. If I did end up making one by accident, well I wouldn’t have, mostly because what you’re describing here is simply not possible. Now for purely speculative purposes let’s say it is. Alright. I just created this wonderful tool. What would I do with it? Certainly not brag about it on online forums. Give away the source? Most definitely. Why? Because software is information. And information has the right to be free and open for all to access. It shouldn’t be kept away from people like that. Give away technical information? Absolutely, same reasons as above. I’d even make a full specification on how to achieve the issue. The reason for all this is that our systems can be fixed. People would start making copies of it? Who cares. More exposure to the problem, and by such more public awareness, which in turn helps to get the issue fixed as more people would work on actually doing something about it.
[quote=p2]Who of YOU is protected against such an attack???[/quote]
Right now, nobody, for the simple reason you’re not willing to tell anyone how it works or even what it actually does, which in turn means no-one can protect themselves. I mean, if you don’t know what the threat is, how do you protect yourself against it? The only solution is to get off the internet here.
However this is all hypothetical. Of course you haven’t created this tool. Look at the bullshit you’re serving us!
[quote=p2]it’s the “core” of windows, the core which has almost never been modified since Windows95….[/quote]
First of all, not “core”, please. Use some appropriate vocabulary. Here, repeat after me: “kernel”.
“Almost never been modified since Windows95”? Get your facts right, kiddo. Ever heard of NT? Oh right, you know nothing about how Windows works… allow me to update your knowledge. Here: http://en.wikipedia.org/wiki/Windows_kernel
I’m sorry but your story is just so highly improbable that it’s just too hard to believe… like really hard.
@p2 are you saying the virus itself is transmitted over ping or just the commands to an already infected computer?
@flabbyrabbit: Pretty sure he means that the virus itself propagates that way!
[quote=p2]It’s using a somehow old technique we modified… (PoD)
It’s sending manipulated Ping signals over the normal IP protocoll (using IPv4)
file transfer is also done using the IP protocoll (using fragmented ping)[/quote]
Well if that’s the case I am not convinced. Covert communication channels are awesome, but I know of no way to execute commands without a program to parse and execute the commands on the target system.
If the computer is already infected, then this is pretty lame and obvious. Although I still doubt that a ping package has enough space for a whole command.. but I could be wrong.
The fact is, p2 is telling us that he sends commands like ‘give me that file’. How the hell would any computer translate that ‘command’, or ‘code’ without being infected with some daemon containing a translation layer? I would’ve believed you a tiny bit if the commands would be ‘ls’, ‘ssh’,.. executed with a stack overflow..
As others have asked before me.. put a video online, or hey, I know something better.. why don’t you list the root directory of hackthis.co.uk. (if you get permission from flabbyrabbit, of course). It’s super easy: ‘ls /’ is your command.
@p2 I have an idea. Why don’t you speak to Katie Moussouris? She’s a great woman, easy to reach, and maybe you could get a good deal if money is what worries you. If it’s not about the money I’d still do it (for the ethics and such - if you don’t want to publish it so that anyone can use it for bad, then why not tell the people to fix the problem just in case someone else has the same idea at some point?).
Well that’s only my opinion anyway! :)
Sorry if that sounded stupid.
All your karamas are belong to us.
I highly doubt everything you are saying. Reasons being all of us who actually understand what we are talking about, please be with me on this. You know the reasons why this wouldn’t work. Lemme just throw some words out there. common exploits, firewalls, closed ports, cross platforming, information gathering, etc. Emphasis on that last one! Just because you have the external address doesn’t mean you have access to the servers address. Hell, there could be hundreds of servers running on one gateway. Therefore if your tool does work you would have to know the internal ip addresses of the servers as well in which your tool would then have to guess the possible addresses of the servers on the ip range which could be dynamic or changed manually by the usually and very spaced out. Let’s say though that all of this information is saved somewhere in the gateways software. With the technology we have nowadays all of the information would be encrypted to all unauthorized users which you would then have to have your tool decrypt. Not to mention if someone’s router was partitioned. Then what?! Now let’s pretend your tool has some kind of mutating script that would bend and pull under these circumstances, evolve, and learn off of its surroundings then once again cross platforming would be an issue. If the language you’re using isn’t supported by the operating system boom… End of the line! Not to mention the dynamics of every operating system are different. If your tool is running on a vulnerability that you and your friend have spent time looking for and cleverly designing then it is ONLY going to work for that one operating system. Every version of Windows are very different from each other and their security holes derive from poor programming, patches, overlooked code, etc. The programming would be different for every version of Windows. Then what about Unix based operating systems and Mac? Their frameworks and network traffic are very different from each other as well.
Yeah there are some similarities such as types of packets that are used and those other essentials to cross platformation and web compatibility but that still are very different. Hope I didn’t miss anything or mess some stuff up in here. Not even going to spell check because I am freakin' tired and it is late. Just saw this post and had to butt in lol Anywho…..
If you did pull off some odd sci-fi like tool, by all means release it. Let the Skiddies wreak havoc. All kinds of shit would go down and boom all other hackers could better remain notorious. Sorry to burst your bubble but there are already tools out there that have a whole crap load of exploits ready to go such as armitage and metasploit written for a good amount of operating systems. So you wouldn’t be doing anything new. Just the thing here is that they run off a complete framework compiled of many different developers and languages.
What really tells me that this ish bee-esh isssss:
The simplicity and description of the tool
the loic profile pic
and
[quote=you]
What would you do?
destroy it?
publish it?
[/quote]
Really?…. You spent all of this time developing such an advanced mutating program with the ability to write, run, and change exploits at its own will, with required minimal user consent and the ability to brute force and decrypt any encryption method available to the public, hardware detection, automatic port service spoofing, data stream deauthentication, the power to create a backdoor, write and execute its own payloads without being detected by a firewall and or antivirus or overclocking on server or client side, simply by entering an IP Address…. and you’re considering destroying it?
No sane being on the face of existence would do such a thing! You would have to be a freakin' genius to pull such a thing off. This isn’t an anime bud. And if you did pull such a task off you need to right now go and fill out your application to work for the FBI because in a week you’re going to be rolling in loot.
We’re talking about a bunch of trojans and bots just got together, ate some crack, smoked some acid, sniffed some heroin, injected some coke, put a bottle of ecstasy in a rolled up dollar bill, shoved it up their rear end, asexually reproduced, and then blissfully ran into someone’s network.
You are correct though! It would change some things if you released it. The internet would go crazy for about a week, companies would write and release a patch for the exploit in their next update, and it would no longer work for a good percentage of people while everyone, who still attempt to use your tool, computers would die from insane drug abuse.
Sorry for this extensive piece of text and my ranting about this post. I was trying to make it humorous as well and I hope you @p2 find it funny as well.
Thanks @MaxLockhart, you wrote some interesting words on your post and my reading list just got a bit bigger.
This is why I like HackThis!!
Sorry if that sounded stupid.
All your karamas are belong to us.
Say wha? lol @SFisher
Maxlockhart: v good reply, it had an essence of “boo yahh” to it:) You obviously know your stuff.
I, on the other hand have only been doing networking in college for about four weeks and even I smelled a rat, seemed too simple the way the OP was describing it.
The “simplistic noob” way I looked at it was “you can only see their public IP, not their private, and the public IP could be connected with many different computers/OS’s etc.” Having said that, I am amazed every day by what I don’t know and what can be done by cyber brains.
However, I think the OP may be, as you supposed, high as a kite. Made for an interesting thread though
Peace :)
Be careful people, that IP address is false, I guess much the same as his brag. Yeah right. Oh, by the way, the address link is just a link to virus.exe and it will run as soon as you download it, as it’s an .exe file. Remember that an exe file is a common filename extension denoting an executable file in the DOS as well as OpenVMS, Microsoft Windows, Symbian and OS/2. So please don’t click it. :)
- @IAmDevil
Its good to be back! :D
Well have a look for yourself IAmDevil. The IP address can’t be found with an IP search engine and when you right click on the httpe://my-Virus.com/virus.exe you will only get virus.exe. If you see the httpe - look here to see what I mean: READ HERE
Also go into CMD on your PC and ping 237.128.96.57 and all you will get is a time out caption and all the packets will be lost.
- @IAmDevil
Its good to be back! :D
That link my-Virus.com is not working, shows an error message. I tried it on the system in my office.
Yeah that’s what I said in my last post on here. The url is false and the ip address is also false .
Don’t know what p2 is up to but you guys are right it is snide!
One of 3 things:
[list=1]
[*] It was just an example, like www.example.com, to illustrate the use of his ‘weapon’. (Except that www.example.com actually exists)
[*] My troll-meter needs to be repaired.
[*] I missed something.
[/list]
If it was the real URL and IP with the malware, you could download it for analysis and potentially access the source code, and that’s not what he wants, apparently.
1, 2 or 3?
Sorry if that sounded stupid.
All your karamas are belong to us.
Oh and about that whole, ‘every operating system thing’ ummmmm… exe doesn’t run on linux unless you have wine and on apple technology I think may not even have something to emulate. Not sure about the last one…. anywho we all know this is bs and tough talk and of course www.my-virus.pussypost.com is an example :P if he wasn’t sure of releasing it why would it be posted? Anywho, bs I am cool and youtubed a couple tutorials, wrote something in batch with like fifty lines full of echo and maybe some outdated attacks. If it pings a server 500 times every second it’s called a DDOS attack and is NOT hacking. Hacking can simply be broken down to:
[quote=eli the computer guy]Obtaining data with unconventional access[/quote]
Forgot what he actually said but it was something like that…
Denial of Service is NOT hacking, can the world get that straight lol. If anything he wrote, copied and pasted ping with an IP address you can enter and is assuming it is going to work. Just take some time to understand hacking @P2
- @IAmDevil
Its good to be back! :D
I think p2 has already left HT!!. So now the mods will have to close this thread.