SYSTEM&WEB HACKING: March 2012

Monday, March 12, 2012

.bat To .exe Converter



Bat To Exe-Converter converts .bat script files to .exe files. The resulting programs differ from normal .bat files in some ways: you can create invisible applications, and you can include additional binaries, icons and version information in your program.



2. Now run the application and enter the source path of the batch file, then the target executable file name and location.
3. Click the “Compile” button.
That’s all.


Saturday, March 10, 2012

Bugtraq-I : Distribution for Pentesting and forensics

The Bugtraq system offers the most comprehensive, optimal, stable and automatic security distribution to date. Bugtraq is a distribution based on the 2.6.38 kernel with a wide range of penetration and forensic tools. Bugtraq can be installed from a Live DVD or USB drive; the distribution is customized down to the last package, and the kernel is configured and updated. The kernel has been patched for better performance and to recognize a variety of hardware, including wireless injection patches for pentesting that other distributions do not recognize.



Some of the special features that you can appreciate are:
· Administrative improvements to the system for better management of services.
· Expanded range of recognized wireless injection drivers.
· Kernel 2.6.38 patched to recognize 4 GB of RAM on 32-bit.
· Perfectly configured tools, automated installation scripts, and tools like Nessus, OpenVAS, Greenbone, Nod32, Hashcat, Avira, BitDefender, ClamAV, Avast, AVG, etc.
· Unique scripts from Bugtraq-Team (SVN updates tools, delete tracks, backdoors, Spyder-sql, etc.)
· Optimized stability and performance: enhanced Flash and Java performance, and purging of unnecessary services at startup, so that users run only the services they really want.
· User creation is incorporated into the installation; the user is created with all system configurations.
· We are the pentesting and forensics distribution with the most built-in, functional tools, in a well-organized menu without repetition, to avoid overwhelming the user.

Friday, March 9, 2012

Beast (trojan horse)

Beast 2.07
Beast is a Windows-based backdoor trojan horse, more commonly known in the underground hacking community as a Remote Administration Tool or RAT. It is capable of infecting versions of Windows from 95 to XP. Written in Delphi and first released by its author Tataye in 2002, it became quite popular due to its unique features. It used the typical client–server model, where the client is operated by the attacker and the server is what infects the victim. Beast was one of the first trojans to feature a reverse connection to its victims, and once established it gave the attacker complete control over the infected computer. Using the reverse connection, there was no need for the attacker to know the target IP address; instead, the server connected to a predefined DNS name, which was redirected to the attacker's IP address. Its DLLs used the injection method: they were injected into a specified process, commonly "explorer.exe" (Windows Explorer), "iexplore.exe" (Internet Explorer), or "msnmsgr.exe" (MSN Messenger). Because of this, the DLLs were automatically loaded into memory once these processes were executed.
It mainly targeted three infection sites:
  • C:\Windows\msagent\ms****.com (Size ranging from 30KB to 49KB)
  • C:\Windows\System32\ms****.com (Size ranging from 30KB to 49KB)
  • C:\Windows\dxdgns.dll or C:\Windows\System32\dxdgns.dll (Location dependent on attacker's choice)
(Note: Removing these three files in safe mode, with System Restore turned off in the case of XP, would thus disinfect the system.)
The default ports used for the direct and reverse connections were 6666 and 9999 respectively, though the attacker had the option of changing these. Beast came with a built-in firewall bypasser and could terminate some anti-virus or firewall processes. It also came with a binder that could be used to join two or more files together and then change their icon.
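The file locations, size range and default ports listed above can be turned into a simple triage check. The following is an added example, not part of the original post: the function names and sample data are constructed, and it assumes each `*` in `ms****.com` stands for one unknown character, that a direct-connection server listens on the infected host while a reverse-connection server dials out, and that connections are given in `netstat -ano` column layout.

```python
import re
from pathlib import PureWindowsPath

# Indicators from the description above. Reading each '*' in "ms****.com" as
# one unknown character is an assumption of this example.
DROPPER_DIRS = {r"c:\windows\msagent", r"c:\windows\system32"}
DROPPER_NAME = re.compile(r"ms.{4}\.com", re.IGNORECASE)
DROPPER_SIZE = range(30 * 1024, 49 * 1024 + 1)      # 30KB to 49KB
DLL_PATHS = {r"c:\windows\dxdgns.dll", r"c:\windows\system32\dxdgns.dll"}
DIRECT_PORT, REVERSE_PORT = 6666, 9999              # defaults; configurable

def check_files(inventory):
    """inventory: iterable of (path, size_bytes) -> list of (path, reason)."""
    hits = []
    for path, size in inventory:
        p = PureWindowsPath(path)
        if str(p).lower() in DLL_PATHS:
            hits.append((path, "dxdgns.dll in a listed location"))
        elif (str(p.parent).lower() in DROPPER_DIRS
              and DROPPER_NAME.fullmatch(p.name) and size in DROPPER_SIZE):
            hits.append((path, "ms****.com name in listed size range"))
    return hits

def check_connections(netstat_text):
    """Parse `netstat -ano`-style TCP rows -> list of (row, reason)."""
    hits = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 4 or f[0].upper() != "TCP":
            continue
        lport, rport = (int(a.rsplit(":", 1)[1]) for a in f[1:3])
        if f[3] == "LISTENING" and lport == DIRECT_PORT:
            hits.append((line.strip(), "listening on default direct port"))
        elif f[3] != "LISTENING" and rport == REVERSE_PORT:
            hits.append((line.strip(), "outbound to default reverse port"))
    return hits

# Constructed sample data, not taken from a real host.
SAMPLE_FILES = [
    (r"C:\Windows\msagent\msabcd.com", 40 * 1024),
    (r"C:\Windows\System32\msabcd.com", 10 * 1024),   # right name, wrong size
    (r"C:\Windows\System32\more.com", 32 * 1024),     # benign system tool
    (r"C:\Windows\System32\dxdgns.dll", 50 * 1024),
]
SAMPLE_NETSTAT = """\
  TCP    0.0.0.0:135          0.0.0.0:0            LISTENING     900
  TCP    0.0.0.0:6666         0.0.0.0:0            LISTENING     1480
  TCP    192.168.1.5:1045     203.0.113.7:9999     ESTABLISHED   1480
"""
```

Because the ports were changeable and other software also uses 6666 and 9999, a port hit is a lead to correlate with the file hits, and a clean result does not rule the trojan out.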
The Server Editor offered these capabilities:
  • Direct or Reverse connection option
  • DLL injection location (e.g. explorer.exe)
  • Server name change option
  • Server installation directory (e.g. <windir>)
  • Various IP and Server info notification options (e.g. email, icq, cgi, etc.)
  • Startup keys selection
  • Anti-Virus and firewall killing
  • Other miscellaneous options (e.g. automatic server file deletion, fake error messages, offline keylogger, icon changer, etc.)
Once connected to the victim, Beast offered the following features:
  • File Manager – along with browsing victim's directories it could upload, download, delete, or execute any file
  • Remote Registry Editor
  • Screenshot and Webcam capture utility
  • Services, Applications, and Processes Managers, able to terminate or execute any of these
  • Clipboard tool that could get currently stored strings
  • Passwords tool capable of recovering any stored passwords on the victim's computer
  • Power Options (e.g. shutdown, reboot, logoff, crash, etc.)
  • Some tools mainly for creating nuisance (e.g. mouse locking, taskbar hiding, CD-ROM operator and locker, URL opener, wallpaper changer, etc.)
  • Chat client providing communication between the attacker and the victim
  • Other tools such as a Remote IP scanner, live keylogger, offline logs downloader, etc.
  • Server Controls (e.g. server deleter, updater, terminator, info provider, etc.)