Wednesday, 19 October 2011
SpyEye C&C... Hack Them All.
Just found another vulnerable variable in the latest SpyEye frmcp: it's possible to upload a shell (as usual on SpyEye), take info from the db, etc.
This vulnerability is weak, I don't really care about publishing it.
There are a LOT of other ways to get into the latest panels.
Anyway, that's short (and lame) to make a post just for that, so let's talk about some mods. Recently I've hacked some panels which had unusual stuff (and not 'mods' like the bug grabber, which I also don't see that often) but shit like that:
'Get Info' is a shortcut for the bots list.
You just have to enter the GUID to display the info:
The 'Bots list' is used to separate good bots from bad bots
Bad bots = normal people, Facebook, etc.
Good bots = Bank transfer, billpay, etc
Or to recognise used bots, marking some bots as socks for example.
'Jabber' is for receiving logs from certain bots.
He can also set up the report interval, so every 30 mins he gets reports on Jabber.
Most interesting now: the Video Grabber (videograbber.dll) plugin on the frmcp
Videos are recorded in the Matroska video format and sent directly to the collector.
He can set the max time before the recording stops, etc., in the config file.
Video of a guy logging in to Facebook:
Good quality, the video file size is around ~383 Kb for 20 secs on this panel.
Download function, get files from the db:
Thank you firstname.lastname@example.org for the SpyEye builder and leak, but I do not find vulnerabilities for money (and I already have all your stuff btw), I do it for fun :þ (and to annoy some guys)
Would be nice to have a coffeegrabber.dll