Sunday, September 18, 2011
Vulnerability Discovered in SpyEye Botnet, Exploit Available for Download
Blind SQL injection vulnerability discovered in the SpyEye botnet by S4(uR4 (r00tw0rm.com)
Exploit:
Vuln type: Blind SQL injection
Vuln script: frm_cards_edit.php
Affected version: ALL
May use any botnet from : https://spyeyetracker.abuse.ch/monitor.php
What is SpyEye?
W32/SpyEye
Aliases: This is a list of aliases for the variant of SpyEye discovered in early February 2011 that has been actively targeting Norwegian banking websites:
Trojan-Spy.Win32.SpyEyes.evg (Kaspersky)
PWS-Spyeye.m (McAfee)
Trojan:Win32/EyeStye.H (Microsoft)
A variant of Win32/Spy.SpyEye.CA (NOD32)
W32/Malware.QOOC (Norman)
Trojan.Zbot (Symantec)
Mal_Xed-24 (Trend Micro)
Brief overview
SpyEye is a trojan with backdoor capabilities that attempts to steal sensitive information related to online banking and credit card transactions from an infected machine. SpyEye is sold by its author as an easy-to-configure kit, which contains the trojan executable itself, a command and control (C&C) server, and a basic configuration for targeting banking websites. As of the beginning of 2011, SpyEye has merged functionality from the ZeuS trojan family, which has been sold to the SpyEye author, and is now becoming more sophisticated with respect to the features and functionality offered.
SpyEye can potentially utilise a number of techniques to obtain a user's online banking credentials. Typically it employs a phishing-style attack, presenting a faked logon web page that is usually based on the bank's original logon page but has additional HTML form fields and JavaScript inserted, in order to obtain logon credentials that are not normally part of the logon process, such as PIN/TAN codes. A copy of the HTTP POST request is sent to the SpyEye C&C server, from which an attacker can extract the banking credentials or credit card details and start conducting their own fraudulent transactions.
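An added example (not from the original post or from any SpyEye tooling): a Python check that compares the logon page as rendered on a machine under investigation with the bank's known-good page and reports the additional form fields and scripts described above. The page contents, field names and function names are constructed for illustration, and it assumes the rendered DOM has been saved from the browser being examined.

```python
from html.parser import HTMLParser


class FormInventory(HTMLParser):
    """Collect the named form controls and the script count of one HTML page."""

    def __init__(self):
        super().__init__()
        self.fields = {}   # control name -> input type (or tag name)
        self.scripts = 0

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag in ("input", "select", "textarea") and a.get("name"):
            kind = (a.get("type") or "text").lower() if tag == "input" else tag
            self.fields[a["name"]] = kind
        elif tag == "script":
            self.scripts += 1


def inventory(html):
    parser = FormInventory()
    parser.feed(html)
    parser.close()
    return parser


def diff_logon_page(baseline_html, observed_html):
    """Report fields and scripts in the observed page that the baseline lacks."""
    base, seen = inventory(baseline_html), inventory(observed_html)
    shared = set(seen.fields) & set(base.fields)
    return {
        "added_fields": sorted(set(seen.fields) - set(base.fields)),
        "retyped_fields": sorted(n for n in shared if seen.fields[n] != base.fields[n]),
        "extra_scripts": max(0, seen.scripts - base.scripts),
    }


# Constructed sample pages (not taken from any real bank or SpyEye configuration).
BASELINE = """<form action="/logon" method="post">
<input type="text" name="user_id"><input type="password" name="password">
<input type="submit" value="Log on"></form>"""

OBSERVED = """<form action="/logon" method="post">
<input type="text" name="user_id"><input type="password" name="password">
<input type="password" name="pin"><input type="text" name="tan">
<input type="submit" value="Log on"></form>
<script>/* constructed placeholder for inserted JavaScript */</script>"""

if __name__ == "__main__":
    print(diff_logon_page(BASELINE, OBSERVED))
```

Any non-empty `added_fields` or non-zero `extra_scripts` on a logon page whose baseline is stable is worth escalating for endpoint triage.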
Download Exploit