Hi there, due to a recent tweet of Mikko H, regarding my 'pwning'
I've given a fuck inside some private AV checkers with my mate Pr0zAk due to a recent blog post by ScriptKiddieSec; finally a big one appeared vulnerable. (And it's also the first time I've gotten into a private AV checker.)
virtest is a known service that helps criminals determine whether their malware is detected or not.
If you know SpyEye, its C&C has a feature to communicate with the service.
Dumped login.php of virtest
Palevo.biz is also part of the network
Part of the palevo sql dump
Needless to say, I have a full copy on my hard drive of the sites' content, with huge SQL DBs that take a very long time to get (virtest & palevo).
Inside virtest from a pwned account (not pwned with hash cracking but with other tricks)
I wonder how many accounts I will get if I decide to 'door' the login page with a mail() function each time someone tries to connect to the service; maybe it's time for the bad guys who use these services to fear :þ
Main page when logged:
Exploit pack check:
Scan history (yeah, the guys who have this account seem to spend a lot of money checking files):
Fully undetected malware
File info>General info:
'See file' contains the first bytes of your file
File info>filetype ident:
File info>filetype diagram:
File info>PE structure
Delete log history:
Anyway guys, the same remark I made to Peter Severa & friend: learn to secure your Windows (yeah lol) if you do criminal business...
Also, a colleague at MalwareIntelligence (maybe with me) will give a talk/presentation, if approved, on private AV checkers at the SOURCE conference.
Advertising of virtest guys:
Advertising of palevo.biz guys: