Messages - ZeroBoy

1
Scripting Languages / [Python] Proxist Bot: Hidemyass Proxy Grabber
« on: April 18, 2014, 11:32:17 pm »
Proxist Bot: Hidemyass Proxy Grabber

Source: Python for Pentesting

Description:
"Proxist" is a Python bot that grabs "hidemyass" proxies, tests them, sorts them by connection speed and exports them to a txt file (HOST:PORT) so you can use them with other tools or browsers.
Howto:
Code:
Usage: testing.py [options]

Options:
  -h, --help            show this help message and exit
  -o FILE, --output=FILE
                        Output file
  -a, --all             Store all information
  • -o: Specify where to store the proxy list. If not specified, output will be stored in "proxist.log"
  • -a: Use this if you want to store additional information (country, protocol, anonymity level...)
Screenshots:
Running proxist.py -o proxylist.txt --all:
Output file (proxylist.txt):

Download:
The bot is located on my github: Proxist.py

2
Scripting Languages / [Python] Sniffy - A Simple Network Sniffer
« on: April 02, 2014, 10:02:21 pm »
This is a simple network sniffer that sniffs packets at the Network Layer (IP Layer), parses them and displays the IP header information. It also does a hex and ASCII dump of the sniffed data.

The "ip" class has two methods:
[1] extract(): this method extracts the IP header elements and stores them in a list
[2] parse(): used to parse the IP header elements through an sqlite database that contains descriptions of the IP Header elements (e.g: protocol, precedence, ...)

Screenshot of a DNS response captured by Sniffy.py:


Source code is found here: Sniffy.py
The database can be downloaded from here: ip.sqlite
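
An added example, not taken from Sniffy.py: what an extract()/parse() pair like the one described in this post does to an IPv4 header, run on a constructed packet. The function bodies, the in-code lookup tables (standing in for ip.sqlite) and the sample bytes are assumptions.

```python
import socket
import struct

# Assumed stand-ins for the descriptions the post keeps in ip.sqlite.
PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}
PRECEDENCE = ["Routine", "Priority", "Immediate", "Flash", "Flash Override",
              "CRITIC/ECP", "Internetwork Control", "Network Control"]

def checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words; yields 0 over a valid header."""
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def extract(packet: bytes) -> dict:
    """Pull the raw IPv4 header fields out of a captured packet."""
    if len(packet) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    (ver_ihl, tos, length, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4          # header length in bytes
    if ver_ihl >> 4 != 4 or not 20 <= ihl <= len(packet):
        raise ValueError("not a well-formed IPv4 header")
    return {"ihl": ihl, "tos": tos, "length": length, "id": ident,
            "flags": flags_frag >> 13, "offset": flags_frag & 0x1FFF,
            "ttl": ttl, "proto": proto,
            "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "checksum_ok": checksum(packet[:ihl]) == 0}

def parse(fields: dict) -> dict:
    """Attach human-readable descriptions to the numeric fields."""
    out = dict(fields)
    out["proto"] = PROTOCOLS.get(fields["proto"], "unknown")
    out["precedence"] = PRECEDENCE[fields["tos"] >> 5]
    out["flags"] = [n for bit, n in ((2, "DF"), (1, "MF"))
                    if fields["flags"] & bit]
    return out

# Constructed sample: 20-byte header (UDP, DF set) plus a dummy payload.
SAMPLE = bytes.fromhex("45000073000040004011b861c0a80001c0a800c7") + b"dns?"

if __name__ == "__main__":
    for key, value in parse(extract(SAMPLE)).items():
        print("%-12s %s" % (key, value))
```
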

3
Scripting Languages / Re: Fucking Stupid Coding PDF's
« on: April 01, 2014, 06:01:22 am »
I think the problem is not learning from PDFs; the problem resides in the scripting languages themselves (Ruby, even Python is involved :o). Things differ from one version of the language to another (it's just like software). I think they should work on a standard version of the language, rather than deleting stuff and adding some more creepy stuff.

There is nothing wrong with books, but in my opinion, I think the easy way to learn a new language is to read a quick tutorial and get a general idea about the programming language, then move on to reading some book, doing a lot of practice, and tuning code...

And when done with that, you start the real learning process, which is working on some juicy projects... You can't say that you know a programming language without doing some projects in it.




4
C - C++ / Re: [C] Reverse Connection
« on: April 01, 2014, 05:22:21 am »
I don't recommend C&C based RATs if you want to start one from scratch, because you have to write your own C&C script (you might learn PHP). Even if you're willing to use a ready-made one, you MUST customize your RAT to be compatible with that script, which is pretty much a pain in the ass. Plus, anyone who has your server can easily inject malicious data into the server you're hosting your C&C panel on.

Most people use ready-made C&C RATs, so they would always recommend newcomers to code C&C based RATs, while they don't realise how time consuming it is.

I would say that C&C based RATs are more suitable for mass infections...
====
Have you forwarded 52142 and tested it here and it says opened?

5
C - C++ / Re: [C++] Multipart POST request sender
« on: February 23, 2014, 10:31:11 pm »
How many times does the for loop get executed?

6
C - C++ / Re: [DISCUSSION] RAT Programming Basics
« on: February 23, 2014, 11:40:07 am »
Direct-connection has been used since the dawn of man. And you can't possibly say that it's a "secure" method of control, when a victim connects straight to you... what if I sniff the traffic, see the commands and where it connects to receive them?
Let's assume that it is sent in plain text; we can also sniff a bot's traffic too, hijack it and own it. So encrypting commands and data is a necessity.
Quote
Having a RAT connect to a centralized CnC server and being able to control them through some HTTP or something Webpanel is much better
I do agree with that; having an HTTP server always alive to receive data from bots is better for sure. BUT it might be risky, because the conversation between bot and C&C panel is based on HTTP, which is a plain text protocol. Every technique has advantages and disadvantages.

7
C - C++ / Re: [DISCUSSION] RAT Programming Basics
« on: February 23, 2014, 12:44:46 am »
Yeah that's a good idea, be a sarcastic prick to the staff of the forum you are asking information from. Also, are you really trying to say that botnets don't exist? Because I assure you they most certainly do.

EDIT: Also, there's a modify button for a reason. Use it instead of double posting.
He misunderstood something I said, and I guess what I said about the static IP is clear for everyone but him. I never meant that the static IP is changeable. I meant that the first problem we faced is how to get my IP address kinda static.
Plus, I didn't say that botnets don't exist, and I clearly said that there is no piece of software called botnet (didn't I?). The name says it all: botnet (bot network), which is not a kind of software. It's a bunch of bots (which are software) connected to each other under a homogeneous C&C software. That's exactly what I said.

@Kulverstukas: you made me feel dumb with your misunderstanding, and I've been offensive for that. Anyway, I'm mistaken, and I do apologize.

-- Use the edit button

8
C - C++ / Re: [DISCUSSION] RAT Programming Basics
« on: February 22, 2014, 11:53:49 pm »
Quote
The first problem we had faced is the static IP address, everyone knows that his IP address changes every time he resets his router.
Quote
Everyone... except you. Static IP's don't change, that's why they are static in the first place.
I suggest you open your eyes wider when reading, especially my words...
I'm not going to explain this again because everybody got it except you of course...
Quote
Client doesn't need to know any IP's, it's a client. It listens for connections... the server has to know your IP and port to connect.
I already said this and explained why. So you came with nothing new...
Quote
All this direct-connecting kinda sounds outdated and insecure
Not going to comment about "kinda sounds outdated" ???, but "insecure"!!!! :o Can you explain this?
Quote
Nowadays it's all about getting more and more, so it just becomes like a botnet
There is no piece of software called botnet, maybe you're confused with RATs based on HTTP C&C Panels  ::)

9
C - C++ / [DISCUSSION] RAT Programming Basics
« on: February 22, 2014, 12:03:20 am »
Nothing better to discuss such things than here.

Over the last period, I became more curious about RAT programming and how RATs work, and to understand this better, I want to code a simple one. I just want to have two PCs connected to each other and do some lame stuff.

What I concluded about RAT basics:

A RAT consists of client and server applications that allow a remote user to control a remote machine via sockets. The server is placed on the target machine, and the client on the user's machine.
In socket programming, a server is usually linked to the bind(), listen() and accept() socket functions, and the client side is the one that connect()s to the server.

In RATs, the roles are reversed: the client uses the bind(), listen() and accept() socket functions and waits for an incoming connection from the server side, and the server should link to the client machine using connect(),
and that's because the server on the remote machine knows the client's IP address but the client doesn't :o HOW?!

For everybody who worked with RATs before, the first problem we had faced is the static IP address; everyone knows that his IP address changes every time he resets his router. So basically, how can a server and a client connect with each other while neither of them knows the other's IP address? In this part, DNS services come in handy: we can link an IP address to a domain name using no-ip (for example) and use the no-ip program to assign my IP address to the domain name every time the IP changes.

This way, we can make the server side know the client's IP address and access it using its static domain name.
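
Seen from the defender's side, the dynamic-DNS rendezvous described in this post shows up in resolver logs as an internal host that keeps resolving a dynamic-DNS name whose answer moves between addresses. An added example, not part of the original post, run over constructed log lines; the log format, the partial suffix list and the thresholds are assumptions.

```python
from collections import defaultdict

# Assumed, partial sample of dynamic-DNS suffixes; maintain your own list.
DYNDNS_SUFFIXES = ("no-ip.org", "no-ip.biz", "ddns.net", "hopto.org", "zapto.org")

# Constructed resolver log: timestamp, client, query name, answer address.
LOG = """\
2014-02-22T10:00:01 10.0.0.15 www.example.com 192.0.2.10
2014-02-22T10:05:00 10.0.0.23 constructed-name.ddns.net 198.51.100.7
2014-02-22T11:05:00 10.0.0.23 constructed-name.ddns.net 198.51.100.7
2014-02-22T12:05:02 10.0.0.15 ddns.net.example.com 192.0.2.11
2014-02-22T13:05:00 10.0.0.23 Constructed-Name.DDNS.net. 203.0.113.50
2014-02-22T13:40:00 10.0.0.15 other-name.hopto.org 198.51.100.99
2014-02-22T13:50:00 10.0.0.15 SERVFAIL
2014-02-22T14:05:00 10.0.0.23 constructed-name.ddns.net 203.0.113.50
"""

def normalize(name: str) -> str:
    return name.rstrip(".").lower()

def is_dyndns(name: str) -> bool:
    # Match on a label boundary so "notddns.net" does not count as "ddns.net".
    name = normalize(name)
    return any(name == s or name.endswith("." + s) for s in DYNDNS_SUFFIXES)

def suspicious(log: str, min_queries: int = 3, min_ips: int = 2) -> list:
    """Return (client, name, queries, distinct answers) worth a closer look."""
    seen = defaultdict(lambda: {"count": 0, "ips": set()})
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4 or not is_dyndns(parts[2]):
            continue                      # malformed line or ordinary name
        _ts, client, name, answer = parts
        entry = seen[(client, normalize(name))]
        entry["count"] += 1
        entry["ips"].add(answer)
    return sorted((c, n, e["count"], len(e["ips"]))
                  for (c, n), e in seen.items()
                  if e["count"] >= min_queries and len(e["ips"]) >= min_ips)

if __name__ == "__main__":
    for hit in suspicious(LOG):
        print("review: %s -> %s (%d queries, %d addresses)" % hit)
```
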


