EvilZone

Hacking and Security => Hacking and Security => Topic started by: Infinityexists on April 13, 2012, 10:38:39 AM

Title: Photo stealer Trojan Horse (see the demo)
Post by: Infinityexists on April 13, 2012, 10:38:39 AM
A few months ago I started a thread saying that I am working on a trojan horse that steals all the photos from the victim's PC; here I am testing it on my brother's laptop ;)


Watch the video and let me know if the source code is worth a share,


Video with explanation (low quality),

http://www.youtube.com/watch?v=2NRcgx8LdJ8


Video in HQ,

http://www.youtube.com/watch?v=4i60bEJAaz4

Coded in: VBScripting, batch programming, PHP/MySQL with a few Windows registry tweaks to bypass antivirus and other user access controls.

coded by Sufyan Ghori
Title: Re: Photo stealer Trojan Horse (see the demo)
Post by: Kulverstukas on April 13, 2012, 11:09:37 AM
> A few months ago I started a thread saying that I am working on a trojan horse that steals all the photos from the victim's PC <...>

Wasn't it yesterday...? lol.

Very nice thing you made, like really. Looks like it works great ^^
What's the application coded in, btw?
Title: Re: Photo stealer Trojan Horse (see the demo)
Post by: Infinityexists on April 13, 2012, 11:17:50 AM
> Wasn't it yesterday...? lol.
>
> Very nice thing you made, like really. Looks like it works great ^^
> What's the application coded in, btw?


It wasn't yesterday :p, I am talking about this -> http://evilzone.org/hacking-and-security/i-developed-my-first-hack-using-vbscripting/
Btw, the application is coded in VBScripting with batch programming and a few Windows registry tweaks to bypass user access controls :) Then I used WinRAR SFX to generate the executable file and then changed the icon; this is everything behind the application.
On the web-server side I used PHP to code the program that browses and generates the gallery + HTML/CSS to give it the smart gallery look ;)


It is 100% undetectable and it is just 170kb in size :p !!
Tested with Avast, Avira, AVG and McAfee ;)
However, Panda antivirus doesn't allow the execution of the VBScript file, so I've also coded a simple program that shuts down the Panda Antivirus (if there is any) before the execution :)


P.S.: sorry for the video quality, I had never recorded a video before :p I had a real hard time choosing the right screen recorder :p
Btw, I used Blue Berry for screen recording and Windows Movie Maker for editing :p
Title: Re: Photo stealer Trojan Horse (see the demo)
Post by: Kulverstukas on April 13, 2012, 04:01:59 PM
Lol I must say your concept is actually very clever ^^ It's mostly undetectable because it is a script.
Btw for screen recording I prefer "Camtasia" (Windows) and recordMyDesktop for Linux.
Title: Re: Photo stealer Trojan Horse (see the demo)
Post by: Infinityexists on April 13, 2012, 04:21:13 PM
> Lol I must say your concept is actually very clever ^^ It's mostly undetectable because it is a script.
> Btw for screen recording I prefer "Camtasia" (Windows) and recordMyDesktop for Linux.


Thanks for the screen recorder suggestion. I spent like 3 hours trying different recorders to record the desktop. The issue was, my laptop is Full HD (1080p), so even if I was recording with the full screen, only a small part of the screen was recorded. I even tried with different resolutions like 800x600, 1024x786, but the issue remained. Then I found Blue Berry recorder and it worked like a charm even with 1080p :)
Next time while recording the screen your suggestion will be kept in mind :)
Title: Re: Photo stealer Trojan Horse (see the demo)
Post by: dataspy on April 13, 2012, 04:23:11 PM
Good work, looks very interesting!!!
Title: Re: Photo stealer Trojan Horse (see the demo)
Post by: Axon on April 13, 2012, 05:34:43 PM
Very creative. Great work
Title: Re: Photo stealer Trojan Horse (see the demo)
Post by: Infinityexists on April 14, 2012, 06:48:17 PM
> Very creative. Great work


Thank you, will add more features soon and gonna give a professional look to the gallery; the gallery will be totally based on Ajax :p
Title: Re: Photo stealer Trojan Horse (see the demo)
Post by: bio_n3t on April 16, 2012, 08:07:30 PM
Good work!! I have done something similar but with more features; I will post a video demonstration of it as soon as possible.
By the way, I have done it with a combination of:
jQuery, AJAX, PHP, MySQL for the server side
and VB.net for the client side :)
Title: Re: Photo stealer Trojan Horse (see the demo)
Post by: z@h1r on April 16, 2012, 08:23:50 PM
Have you released the source code and a tutorial to use it? :)
Title: Re: Photo stealer Trojan Horse (see the demo)
Post by: Infinityexists on April 16, 2012, 09:21:26 PM
> Good work!! I have done something similar but with more features; I will post a video demonstration of it as soon as possible.
> By the way, I have done it with a combination of:
> jQuery, AJAX, PHP, MySQL for the server side
> and VB.net for the client side :)


Good work, I'd love to watch that ;)


@z@h1r: nope, source code hasn't been released yet :)