Government Security
Network Security Resources

Hacker Defender Recompiled

Tags: security, php, rootkit, backdoor
  • This topic is locked
102 replies to this topic

#91 tibbar

tibbar

    First Sergeant

  • Members
  • 1,423 posts

Posted 10 June 2005 - 04:27 AM

realloader - no requests allowed.

11. No requesting Programs...like looking for "brute force program" or a specific tool like "autohaxor elite" etc... Search Google for them !!!!!!!


Please read the rules http://www.governmen...?showtopic=8545 and don't bother posting until you have memorised every last word.

The lame hxdef builder tool will not help you get past AV, it is simply used by n00bs who do not know how to compile ddk.

learn to program, and then you can write your own tools or at least understand what makes a program detected.

Any more lame posts in the thread and it's gonna be trashed.
If you want to read more about my security research, visit Tibbar.org

#92 apusnaias

apusnaias

    Private First Class

  • Members
  • 40 posts

Posted 10 June 2005 - 08:39 AM

yo is very nice tool :D

#93 s8ten

s8ten

    Private

  • Members
  • 10 posts

Posted 12 June 2005 - 12:07 AM

hmm, I don't get it, where is the download???
Thanx anyway, hope u can help me out with the download links:S:S:S

#94 kuki

kuki

    Private First Class

  • Members
  • 39 posts

Posted 12 June 2005 - 12:24 AM

Read all not only look at the 1st post and then yell that there is no d-load.
Btw. 7 posts per almost 2 years isn't much, is it ? I wonder how many d-loads did you do :ph34r:

realloader/ s8ten - no requests allowed. 

11. No requesting Programs...like looking for "brute force program" or a specific tool like "autohaxor elite" etc... Search Google for them !!!!!!!


Please read the rules http://www.governmen...?showtopic=8545 and don't bother posting until you have memorised every last word.

The lame hxdef builder tool will not help you get past AV, it is simply used by n00bs who do not know how to compile ddk.

learn to program, and then you can write your own tools or at least understand what makes a program detected.

Any more lame posts in the thread and it's gonna be trashed.

#95 s8ten

s8ten

    Private

  • Members
  • 10 posts

Posted 12 June 2005 - 12:48 AM

Read all not only look at the 1st post and then yell that there is no d-load.
Btw. 7 posts per almost 2 years isn't much, is it ? I wonder how many d-loads did you do  :ph34r:

realloader/ s8ten - no requests allowed. 

11. No requesting Programs...like looking for "brute force program" or a specific tool like "autohaxor elite" etc... Search Google for them !!!!!!!


Please read the rules http://www.governmen...?showtopic=8545 and don't bother posting until you have memorised every last word.

The lame hxdef builder tool will not help you get past AV, it is simply used by n00bs who do not know how to compile ddk.

learn to program, and then you can write your own tools or at least understand what makes a program detected.

Any more lame posts in the thread and it's gonna be trashed.

I'm sorry:S

#96 xdccpt

xdccpt

    Private First Class

  • Members
  • 53 posts

Posted 12 June 2005 - 02:47 AM

well done mate

gonna test it

[edit] tibbar - another pointless post that falls into the Thanx! category.

#97 Kelso

Kelso

    Private First Class

  • Members
  • 51 posts

Posted 12 June 2005 - 11:23 PM

hello man very nice MASTERPIECE :]
but I've got one prob? where is the damn link :) ?
i hope av's software won't detect that easily :blink:

P.S. neat w0rk nigger B)

[edit] tibbar - why bother replying to a dead ancient thread? i presume you wanted to increase your post count... two points for you to note. 1) no requests, 2) i hope AV's will detect it, as we do not illegal activity.

#98 kuki

kuki

    Private First Class

  • Members
  • 39 posts

Posted 12 June 2005 - 11:56 PM

hello man very nice MASTERPIECE :]
but I've got one prob? where is the damn link :) ?
i hope av's software won't detect that easily  :blink:

P.S. neat w0rk nigger  B)

another guy can't read 3cm higher to find out that it's dangerous :ph34r: to REQ for stuff :}

if i can request delete this thread ;x

#99 touk

touk

    Private First Class

  • Members
  • 94 posts

Posted 14 June 2005 - 07:59 PM

I recompiled the hacker defender rootkit

///////////////////////////////////////////////////////////////////////////////////
//isplog: Recompiled version of the Hacker Defender Rootkit                      //
///////////////////////////////////////////////////////////////////////////////////
//                                                                               //
//      Contents:       isplog.exe > main executable                             //
//                      isplog.ini > ini with settings                           //
//                      install.cmd > install file for easy install              //
//                      client.exe > client to connect to the backdoor           //
//                                                                               //
//                                                                               //
//      For more info about the use of the program,                              //
//      visit : http://rootkit.host.sk                                           //
//      Credits go to hf who made this amazing piece of software                 //
//                                                                               //
//                                                                               //
//      To get started:                                                          //
//                                                                               //
//      Open the ini file and change the password of the backdoor                //
//                                                                               //
//      You might want to change some_dir to the homedir of your servu           //
//      Make sure this is a unique name and NO PATH                              //
//      If you take for example as name uniquedir, everything with that          //
//      name will be hidden.                                                     //
//                                                                               //
//      In the ports section you can fill in the ports you want to be            //
//      hidden.                                                                  //
//                                                                               //
//      The root processes-section contains the processes that will see also     //
//      the hidden stuff. change servu.exe to name of your servu executable      //
//      If your servu service isn't serv-u then also change the hidden           //
//      services section and the hidden regkeys section.                         //
//                                                                               //
//      In the free space section you can mention HD's and the space you want to //
//      be faked, for example                                                    //
//                                                                               //
//      [Free Space]                                                             //
//      c:1048576                                                                //
//                                                                               //
//      This will add 1048576 bytes(=1 MB) to the c drive as free space.         //
//                                                                               //
//      With client.exe you can connect to your backdoor                         //
//      eg: client ip port password                                              //
//      Port you should use is a port of an existing service. Most of the time   //
//      port 80 will be fine                                                     //
//                                                                               //
//                                                                               //
//      I did not UPX or compress any file cause some AV etc will detect that    //
//      and might give a warning. I tested these files with NAV2004 , McAfee,    //
//      Panda and Kaspersky AV. Nothing got detected!                            //
//                                                                               //
//                                                                               //
///////////////////////////////////////////////////////////////////////////////////

Have fun with it
Plz some respect, took me some time to change everything

EDIT/UPDATE
Perhaps read : http://www.governmen...t=60#entry61511 before replying

jimmy, poor jimmy.... This version of hxdef has been compiled and modded by someone from TensionFXP not by you... U even didn't take the time to change the service name lol.

#100 jimmy

jimmy

    Specialist

  • Members
  • 135 posts

Posted 15 June 2005 - 01:09 AM

poor touk, very very poor touk
You are so d*mb that you never heard about aliases


greets from jimmy aka JGS aka Luigi

#101 fk720

fk720

    Private

  • Members
  • 3 posts

Posted 15 June 2005 - 03:28 PM

I was wondering whether rootkit drops any dll ??? Is it detected ??

#102 Guest_untouchable_*

Guest_untouchable_*
  • Guests

Posted 15 June 2005 - 04:32 PM

nice tool dude i hope it works successfully :)

#103 vnet576

vnet576

    Specialist

  • Members
  • 1,000 posts

Posted 16 June 2005 - 02:06 AM

topic is going nowhere really, I think that everything that had to be said has been said. Rest of the posts seem to be spam posts.