try add malware on a pdf file for win 10

<23519772ae89272cc07ea01ae35effb9$1@bchz4vggexx63qvy.onion>

https://www.rocksolidbbs.com/rocksolid/article-flat.php?id=10&group=rocksolid.shared.hacking#10

Path: i2pn2.org!rocksolid2!.POSTED.localhost!not-for-mail
From: pr3tino@rslight.i2p (pr3tino)
Newsgroups: rocksolid.shared.hacking
Subject: try add malware on a pdf file for win 10
Date: Sun, 17 Feb 2019 01:31:16 -0000 (UTC)
Organization: NovaBBS
Message-ID: <23519772ae89272cc07ea01ae35effb9$1@bchz4vggexx63qvy.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 17 Feb 2019 01:31:16 -0000 (UTC)
Injection-Info: novabbs.com; posting-account="pr3tino"; posting-host="localhost:127.0.0.1";
logging-data="30724"; mail-complaints-to="usenet@novabbs.com"
 by: pr3tino - Sun, 17 Feb 2019 01:31 UTC

Can someone help me embed malware as a data stream in a PDF file for
Windows 10?
--
Posted on Rocksolid Light.

Re: try add malware on a pdf file for win 10

<76159d40f50fc16db9f59b1afb65bb58@def4>

https://www.rocksolidbbs.com/rocksolid/article-flat.php?id=11&group=rocksolid.shared.hacking#11

Path: i2pn2.org!rocksolid2!def5!POSTED.localhost!not-for-mail
From: trw@anon.com (trw)
Newsgroups: rocksolid.shared.hacking
Message-ID: <76159d40f50fc16db9f59b1afb65bb58@def4>
Subject: Re: try add malware on a pdf file for win 10
Date: Sun, 17 Feb 2019 07:49:43+0000
Organization: def5
In-Reply-To: <23519772ae89272cc07ea01ae35effb9$1@bchz4vggexx63qvy.onion>
References: <23519772ae89272cc07ea01ae35effb9$1@bchz4vggexx63qvy.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
 by: trw - Sun, 17 Feb 2019 07:49 UTC

Hello pr3tino,

This is an ambitious task that you have set for yourself here. In order to help some, I have two questions:
1) What do you want to accomplish here?
2) What is the security weakness on the guest system you want to exploit?

cheers

trw

Posted on def4

Re: try add malware on a pdf file for win 10

<830d53de1d9d324f44a370a7e9b4df3f$1@bchz4vggexx63qvy.onion>

https://www.rocksolidbbs.com/rocksolid/article-flat.php?id=12&group=rocksolid.shared.hacking#12

Path: i2pn2.org!rocksolid2!.POSTED.localhost!not-for-mail
From: pr3tino@rslight.i2p (pr3tino)
Newsgroups: rocksolid.shared.hacking
Subject: Re: try add malware on a pdf file for win 10
Date: Sun, 17 Feb 2019 23:08:19 -0000 (UTC)
Organization: NovaBBS
Message-ID: <830d53de1d9d324f44a370a7e9b4df3f$1@bchz4vggexx63qvy.onion>
References: <23519772ae89272cc07ea01ae35effb9$1@bchz4vggexx63qvy.onion> <76159d40f50fc16db9f59b1afb65bb58@def4>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 17 Feb 2019 23:08:19 -0000 (UTC)
Injection-Info: novabbs.com; posting-account="pr3tino"; posting-host="localhost:127.0.0.1";
logging-data="31557"; mail-complaints-to="usenet@novabbs.com"
 by: pr3tino - Sun, 17 Feb 2019 23:08 UTC

For the first, I am preparing a challenge for my CEH class.
For the second, I don't have access to the Win 10 PC yet. It seems like a
well-patched PC, maybe with antivirus.

I'll use Prorat and Zeus simple
--
Posted on Rocksolid Light.

Re: try add malware on a pdf file for win 10

<40e632a3bbf2dc96c5c4e24293e15418@def4>

https://www.rocksolidbbs.com/rocksolid/article-flat.php?id=13&group=rocksolid.shared.hacking#13

Path: i2pn2.org!rocksolid2!def5!POSTED.localhost!not-for-mail
From: 394829384029@anon.com (394829384029)
Newsgroups: rocksolid.shared.hacking
Message-ID: <40e632a3bbf2dc96c5c4e24293e15418@def4>
Subject: Re: try add malware on a pdf file for win 10
Date: Mon, 18 Feb 2019 19:28:43+0000
Organization: def5
In-Reply-To: <830d53de1d9d324f44a370a7e9b4df3f$1@bchz4vggexx63qvy.onion>
References: <830d53de1d9d324f44a370a7e9b4df3f$1@bchz4vggexx63qvy.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
 by: 394829384029 - Mon, 18 Feb 2019 19:28 UTC

>for the first, i prepare a challenge for my CEH class.

heh, nice. so i guess that the challenge for your class is to catch the file somehow before you can smuggle it to the computer(s) in question. and if they don't manage, your rat will execute automatically.

>the second, i don't have access to the win 10 PC yes,

in this case you will have to make assumptions about the installed software (especially the one used to read pdf files).

>It's seem like a PC well patched maybe with anti virus.
>I'll use Prorat and Zeus simple

If you use known rats, you will have to encrypt/change the bin code, otherwise the antivirus program will spot them. The easiest way to do this is to recompile them, putting in some junk code (maybe that is already part of their functionality, I have not dealt with them).

For the actual inserting: if you want to insert a binary file into the pdf, I think one of the easier ways is to embed a large picture into the pdf, and then to inject the file into that with a hexeditor of your choice. Of course the picture will look weird after that, and this will have to be justified in case you have suspicious users.
And of course, this will not execute the file in any way, it will just make it part of the pdf. If you want it to be executed, you need to find some bug in the pdf displaying program that you can exploit.
As mentioned, I think this is quite ambitious, and if you want to use a 0day, also costly (or you find it yourself...).

Posted on def4
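
Added example, not part of the thread or written by any of its posters: the reply above notes that bytes injected into an image stream become part of the PDF without being executed. From the receiving side, such a file can be spotted by walking the PDF's stream objects and flagging any that carry a PE header. The function names and the sample bytes are constructed for illustration, and the regex-based object walk is a simplification of real PDF parsing.

```python
import re
import zlib

# "N G obj << dict >> stream ... endstream"; the lookahead keeps the
# dictionary match from running across an "endobj" into the next object.
STREAM_OBJ = re.compile(
    rb"(\d+)\s+\d+\s+obj\s*<<((?:(?!endobj).)*?)>>\s*stream\r?\n(.*?)\r?\n?endstream",
    re.DOTALL)

def looks_like_pe(data: bytes) -> bool:
    """True if data holds an 'MZ' header whose e_lfanew field points at 'PE\\0\\0'."""
    pos = data.find(b"MZ")
    while pos != -1:
        e_lfanew = int.from_bytes(data[pos + 0x3C:pos + 0x40], "little")
        if data[pos + e_lfanew:pos + e_lfanew + 4] == b"PE\0\0":
            return True
        pos = data.find(b"MZ", pos + 1)
    return False

def scan_pdf(pdf: bytes):
    """Return (object number, is_image) for each stream that carries a PE header."""
    hits = []
    for m in STREAM_OBJ.finditer(pdf):
        num, meta, body = int(m.group(1)), m.group(2), m.group(3)
        if b"/FlateDecode" in meta:
            try:  # decompressobj tolerates a trimmed or padded stream tail
                body = zlib.decompressobj().decompress(body)
            except zlib.error:
                continue  # not valid zlib data; a fuller tool would report it
        if looks_like_pe(body):
            hits.append((num, re.search(rb"/Subtype\s*/Image", meta) is not None))
    return hits

# Constructed sample: an inert 68-byte header stub, not a runnable program.
STUB = b"MZ" + b"\0" * 0x3A + (0x40).to_bytes(4, "little") + b"PE\0\0"

def _obj(num, meta, body):
    return b"%d 0 obj\n<< %s /Length %d >>\nstream\n%s\nendstream\nendobj\n" % (
        num, meta, len(body), body)

JPEG = b"\xff\xd8\xff\xe0" + b"\x11" * 64  # constructed stand-in for image data
SAMPLE = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog >>\nendobj\n"
          + _obj(2, b"/Subtype /Image", JPEG)
          + _obj(3, b"/Subtype /Image", JPEG + STUB)
          + _obj(4, b"/Filter /FlateDecode", zlib.compress(b"pad" + STUB))
          + b"%%EOF\n")

if __name__ == "__main__":
    for num, is_image in scan_pdf(SAMPLE):
        print(f"object {num}: PE header in {'image' if is_image else 'non-image'} stream")
```

The check validates the `e_lfanew` pointer rather than matching `MZ` alone, since those two bytes occur by chance in compressed image data.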

Re: try add malware on a pdf file for win 10

<34e05e76341a80904252a382425a6a30$1@bchz4vggexx63qvy.onion>

https://www.rocksolidbbs.com/rocksolid/article-flat.php?id=14&group=rocksolid.shared.hacking#14

Path: i2pn2.org!rocksolid2!.POSTED.localhost!not-for-mail
From: pr3tino@rslight.i2p (pr3tino)
Newsgroups: rocksolid.shared.hacking
Subject: Re: try add malware on a pdf file for win 10
Date: Tue, 19 Feb 2019 04:27:55 -0000 (UTC)
Organization: NovaBBS
Message-ID: <34e05e76341a80904252a382425a6a30$1@bchz4vggexx63qvy.onion>
References: <830d53de1d9d324f44a370a7e9b4df3f$1@bchz4vggexx63qvy.onion> <40e632a3bbf2dc96c5c4e24293e15418@def4>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 19 Feb 2019 04:27:55 -0000 (UTC)
Injection-Info: novabbs.com; posting-account="pr3tino"; posting-host="localhost:127.0.0.1";
logging-data="46942"; mail-complaints-to="usenet@novabbs.com"
 by: pr3tino - Tue, 19 Feb 2019 04:27 UTC

OK, thank you.
I'm gonna play around with these steps; I'll come back with what I find as a result.

--
Posted on Rocksolid Light.
