Jump to content


Photo
- - - - -

Great read on backdoors.


  • Please log in to reply
6 replies to this topic

#1 seven

seven

    SUP3R 31337 P1MP

  • Members
  • 285 posts

Posted 01 August 2007 - 10:26 AM

I am enjoying it currently, I figure why not share it with everyone else
http://0x4f4c.awards...es/Backdoor.pdf

Have a good one!

#2 thenotwist

thenotwist

    Mack Daddy 31337

  • Members
  • 216 posts

Posted 01 August 2007 - 05:41 PM

Damn that's a sweet paper! Thx for the link.

#3 Aghaster

Aghaster

    The Frenchman

  • Agents of the Revolution
  • 2,093 posts
  • Country:
  • Gender:Male
  • Location:Quebec, Canada

Posted 03 August 2007 - 01:01 PM

Except for the multiple spelling mistakes, horribly indented code, and some weird coding style, and a "1337 title", it does contain some interesting information. I've just compiled the keylogger example because it is using a different method than the one I'm currently using in the keylogger I'm working on. In fact, this guide described the GetAsyncKeyState in a loop method as being the easiest but the least efficient (and that was the method I'm using). Right, the hooking method seems better, so I'll integrate this in my code with some modifications. Good find.

#4 seven

seven

    SUP3R 31337 P1MP

  • Members
  • 285 posts

Posted 03 August 2007 - 01:41 PM

Despite that, ( I can still read it but I do agree with the spelling errors and sloppy code ) it has helped me to further understand backdoors. I hope it helps more people out.

#5 Tonto

Tonto

    Mack Daddy 31337

  • Banned
  • 206 posts

Posted 03 August 2007 - 01:47 PM

That keylogger is just a poor corruption of this

http://web.archive.o...hp?newsid=10952

>> some weird coding style

It's patchwork. Copy + pastes from all over the web.

Nomenumbra is just an egowhore, plagiarizes, but definitely writes some good stuff anyways

#6 prick

prick

    SUP3R 31337

  • Members
  • 160 posts
  • Location:44

Posted 03 August 2007 - 01:50 PM

Right, the hooking method seems better, so I'll integrate this in my code with some modifications. Good find.


Apart from the almost guaranteed detection you'll automatically get from the majority of AV's

#7 thenotwist

thenotwist

    Mack Daddy 31337

  • Members
  • 216 posts

Posted 03 August 2007 - 02:14 PM

Right, the hooking method seems better, so I'll integrate this in my code with some modifications. Good find.


Apart from the almost guaranteed detection you'll automatically get from the majority of AV's

i used a hook in my keylogger and it's not being detected by antivir, norton, nod32 and kaspersky




BinRev is hosted by the great people at Lunarpages!