Programming ideas / what would you like to see coded?

[ca0s]

I open this thread for the people who, like me, love programming but has no ideas for what to code.

The point of this is that if you have an interesting idea, but you don't have time to do it and do not care if another person does it, you post it here so another person can work on it.

Also, if you have the idea but not the knoweldge to code it, you can post it here so maybe another person does it.

I would start, but as I said, I have not currently any decent idea and I am bored as shit.

[Kulverstukas]

Well, I'm currently interested in FaceBook API and it's usage in Delphi. So I'd like to see some usage of Facebook API, like maybe a picture uploader, or a friend watcher or maybe a chat client...?
Could be any language, but I prefer Delphi

[FuyuKitsune]

A tool used in combination with MitM or TCP hijack/spoofing. The MitM/TCP-attack replaces HTTP requests for EXEs with links to a different host. The replacement request would be something like www.attacker.com/file.php=www.site.com/real_file.exe (or an IP rather than a domain for the attacker if you use the MitM computer to host).
The attacker.com essentially downloads, infects the executable, and forwards it. Downloading the entire file and then finally sending would take too long and the victim would probably time out. Instead, the attacker program downloads the file and infects as it's forwarding it to the victim. Attacker program would take the filesize of original EXE and determine what the size of the infect file will be and forward that size so that download can continue without a "size mismatch" error on the side of the victim.

I'm not sure what infection methods would work with pre-determined size. I suppose a binder would have a consistent size since there's no manipulation of the original file.
Multiple download parts wouldn't work on the size of the victim.

[a12danrulz]

A tool used in combination with MitM or TCP hijack/spoofing. The MitM/TCP-attack replaces HTTP requests for EXEs with links to a different host. The replacement request would be something like www.attacker.com/file.php=www.site.com/real_file.exe (or an IP rather than a domain for the attacker if you use the MitM computer to host).
The attacker.com essentially downloads, infects the executable, and forwards it. Downloading the entire file and then finally sending would take too long and the victim would probably time out. Instead, the attacker program downloads the file and infects as it's forwarding it to the victim. Attacker program would take the filesize of original EXE and determine what the size of the infect file will be and forward that size so that download can continue without a "size mismatch" error on the side of the victim.

I'm not sure what infection methods would work with pre-determined size. I suppose a binder would have a consistent size since there's no manipulation of the original file.
Multiple download parts wouldn't work on the size of the victim.

you could just use ettercap in combination with set or metasploit if they are on your LAN

[FuyuKitsune]

you could just use ettercap in combination with set or metasploit if they are on your LAN

That is what I imagined for the MitM/TCP-attack redirection. I was thinking Ettercap for ARP poisoning or the airpwn module of Metasploit for TCP-sequence attacks. The thing is that I don't want just a plain payload, I want to infect/bind the legitimate program (the one that's being swapped) as it's downloaded and upload pieces to the victim as they come in from the legit site. I'm really trying to man-in-the-middle the downloading file and infect it. The redirection program would have to determine what the total size of the infected file so that the attacker can begin uploading to the victim even though the entire legitimate file hasn't been downloaded by the attacker.

[a12danrulz]

How about copying the download link and replace it with an infected version of it? Then redirect that URL to the page download.

[ca0s]

How about copying the download link and replace it with an infected version of it? Then redirect that URL to the page download.

I think what FuyuKitsune wants to make is a "live" infection. But I don't see how could that be done whithout some seconds of delay, as you have to explore the PE info of the exe to know where you will place the executable if you want to do it by inserting code.
Also, you could use something like a binder stub. The attacker starts downloading the original exe's bytes and starts sending binder's stub ones. When all binder's stub bytes have been sent, it starts sending received original exe's bytes. That is probably the easiest way to do it, I think.

[FuyuKitsune]

I think what FuyuKitsune wants to make is a "live" infection. But I don't see how could that be done whithout some seconds of delay, as you have to explore the PE info of the exe to know where you will place the executable if you want to do it by inserting code.
Also, you could use something like a binder stub. The attacker starts downloading the original exe's bytes and starts sending binder's stub ones. When all binder's stub bytes have been sent, it starts sending received original exe's bytes. That is probably the easiest way to do it, I think.

That's exactly what I was thinking, mostly the 2nd way. Thanks for explaining it better.

[gh0st]

I open this thread for the people who, like me, love programming but has no ideas for what to code.

The point of this is that if you have an interesting idea, but you don't have time to do it and do not care if another person does it, you post it here so another person can work on it.

Also, if you have the idea but not the knoweldge to code it, you can post it here so maybe another person does it.

I would start, but as I said, I have not currently any decent idea and I am bored as shit.

Im planning to make a bot which you can add new functions and variables while more complex much better but I dont even know how to use windows.h on C++ but if u start with a source code I may search something useful, interested?

[FuyuKitsune]

Im planning to make a bot which you can add new functions and variables while more complex much better but I dont even know how to use windows.h on C++ but if u start with a source code I may search something useful, interested?

Like plugins?

[gh0st]

hmm no I mean a bot which you can interact like with a real person thats named AI or artificial intelligence
If Id know how to work with all the C++ library Id set it up to be a msn bot with an animation of a girl that talk with u 

[iTpHo3NiX]

What I'd like to see downloaded is a binder with a remote downloader embedded into it. So you open your binder, and then pretty much you choose a webURL that is a direct download link to your malware and then you bind a regular file (such as an installer) and since it would be such a small filesize it will stay close to the file you are binding it to (since it just downloads the file) and then of course execute both at the same time. This would make for some pretty sneaky stealers and bots

[gh0st]

hey is it possible to code an AV? how hard is it? I have a basic idea how it works btw

[Satan911]

Not really possible for a single person (well it is but would take a long time).

Kaspersky AV 2008 source code leaked earlier this year (It's C++)

Have a look if you want: http://forum.vxheavens.com/viewtopic.php?id=692
(You have to register.. I didn't find any other working links)

[gh0st]

uh I cannot enter it dropes me an error that your ip has already registered an account and the captcha always drops me an error even I do it good would you post the source in C++ plz Satan if you dont mind