Skip navigation.
Home

kishfellow's blog

Fragus Crimepack - Source code

|

Source code for Fragus Crimepack - a recent variant of the crimepack sold for $800 USD... The archive has everything you need to build it!

Download here

RAR Password: "infected" (without quotes)

Cheers :)
Kish

Rootkit.Win32.Agent.akga - AKGA rootkit

A friend of mine was infected with this Rootkit, I thank him for contributing the sample.

He saved the sys file from a backup, and uploaded it for us at Rapidshare.

http://rapidshare.com/files/359540439/xeortd.rar

A thread discussing behavioral details, and removal instructions for the rootkit
Courtesy of Spybot S&D - http://forums.spybot.info/showthread.php?&t=55711

I tried viewing the SYS file with Wordpad (not a disassembler) and found APIs like IoDeleteDevice and APIs which are hidden.

Facebook Phisher

|

Facebook phisher - Check it out while it's hot !

Download here (Rapidshare)

Local mirror

RAR Archive Password: "infected" (without quotes)

Cheers :)
Kish

Firepack toolkit - Source code

|

Source code of an exploit pack - Firepack

Download here

RAR Archive Password: "infected" (without quotes)

P.S: Don't know if this has been posted earlier ... ;)

Cheers :)
Kish

MyDoom & Beagle Worms - Source code

|

Source code of a coule of worms that gave people a good run for their money

Download MyDoom here

Download Beagle here

RAR Archive Password: "infected" (without quotes)

P.S: Don't know if this has been posted earlier ... ;)

Cheers :)
Kish

Realmbot - Source code

|

Found this bot's source code lying in my drive, this is from 2006.

Download here

P.S: Iam still alive... up and running ...

Cheers :)
Kish

Injecto - Source code

Found this Injecto source to be lying on my hard disk, thought I'll post it here ...

Get Injecto's source here

Cheers :)
Kish

Cabir (Caribe.a) - Source code

|

Hi people, After a long time, one decent post perhaps ;)

This worm is a mobile malware, also the alias of the infamous Cabir.a

The author has originally named it Caribe.a, and this worm looks like some C/C++ code.

Ref: http://www.viruslist.com/en/viruslist.html?id=1689517

The source code as usual, is uploaded for you ;)

Download here

Cheers :)
Kish

pBot - PHP Remote File Include Bug - Web based / PHP bot

|

Speaking about PHP RFI vulns, this is a classic example.

This is a web-based bot that uses PHP as it's base, and is similar to BlackEnergy DDoS bot in terms of operating out of the web.

OC Download pBot Source code (rename extension to .rar)
Here's the Rapidshare Mirror

Cheers :)
Kish

Possible Terrorist Website ?

Just found out this blog, and I have a strong intuition that this belongs to a terrorist group (mujahideen / taliban / al-qaeda) ??

Check it out if your just as curious

Few more sites found ...

http://naseeha.wordpress.com/
http://moderatesrefuted.wordpress.com/
http://truthline.wordpress.com/
http://alkarnee.wordpress.com/

and a terrorist magazine: http://202.75.33.137/uploads/teaqny_magazine1.zip

Update: Will try to add random terrorist encryption tools download if I get my hands on them in a while ...

Cheers :)
Kish

Syndicate content