Warning: This happens to be an OFF Topic Post, sort of a rant.
It's too bad that we didn't see the potential to develop something similar here in Offensive Computing, even upon a bare idea and some small support from one guy who said it's a nice idea to have a standard for testing AVs.
Today this is here on ...
Just felt like, aww, that's something I thought, and it never materialized ;)
The Mpack toolkit has been uploaded to rapidshare. I searched the database and found only the dreamhack tool (the compiled form) and I thought it would make sense to upload the source for our members ;)
Click here to download the source code from Rapidshare
OC Download c0ff6e3db8afa6bf598e54afe351d795 (rename extension to .rar)
Just tried it on a machine, the contents of the archive are,
This is a bot used to scan for Cisco devices.
A sample of Black Energy DDoS bot has been uploaded to rapidshare.
Since the file is a live sample (executable), I have used the standard password "infected" for the archive.
A detailed analysis with disassembly, and relevant details from Jose Nazario (Arbor)
The interesting part of this bot is that it uses HTTP port (80) to carry out activities, and uses Linux-based code, off of PHP/MySQL.
Got some old firewall killer source code in Delphi (dates back to 2001)
Some PoC firewall killing code by Ferruh Mavituna (famous for his SQL Inject Cheatsheet)
Most of it has been coded in 2004, still worth a look.
Check out http://ferruh.mavituna.com for some stuff.
Actually the topic name is false, so is the file name ...
KAV with latest updates says this thing got more than 25 malware samples in it.
People who are curious can probe into this thing, what I find funny is the fact that there's SQL inject and other PSW type malware which makes it sound like a good AiO for malware collectors too.
Perhaps unsuspecting people will open it right away on a physical machine thinking they're gonna get msn passes, thereby pwning their boxes, and others as well.
The archive contains both the source code and compiled binaries.
Harvecter's mirror: http://rapidshare.com/files/51140556/harvecter_bot.rar.html
The mirror contains a group of files, while the original source code pointed has only one file.