Irongeek

Jikto


I might be confused, but wasn't the code released when Billy Hoffman did his JavaScript/XSS presentation at ShmooCon last week?


Maybe, I don't know much about it yet as all I know I heard in the Security Now podcast.


Ok, most of the pages I found via Google were 404 or said the code had been taken down, but I did find it. My understanding is it's leaked and that Billy did not put it out.


His company didn't want to release the code because of what Jikto can do in the wrong hands, and I'm not sure where to grab the code, IronGeek, but I want it also so I can take a look at it, since I basically know Java, lol.


Well, I'm not sure it's the real thing but I'll contact you "Off site". Don't know if they want it linked here on BinRev since it's sort of warez (no implicit rights given to copy).


I think it's JavaScript, not Java. At least when I've heard it mentioned they were talking about JS.


Yes, it is JavaScript.


It sounds pretty incredible, but seeing as I struggle with bash it will all be lost on me. I think JS might be worth learning; I hadn't thought of that before. I'll go and find a book...


iceni: I basically know all of Java; JavaScript is about the only thing I know really well right now.


Yes, it is JavaScript.

I have the source code. However, I'm not entirely sure how it works since I am by no means good at, or a fan of, JavaScript. If anyone wants to take a look I would be happy to send it to them, although I may have to be careful since I don't want it to end up in the hands of a bunch of skiddies.

Edited by byte
> Looks like Acidus has been up to something interesting
>
> http://news.com.com/Tool+turns+unsuspectin..._3-6169034.html
>
> Jikto sounds interesting; according to the SecurityNow podcast the code has been leaked. Anyone know where I can take a look at it?

Irongeek.. Did you finally grab the code?

Here is the link for Billy's ShmooCon presentation..

http://www.shmoocon.org/2007/videos/JavaSc...y%20Hoffman.mp4


Irongeek, is there a way to detect when a browser is 'infected' with Jikto? Is the infection persistent (does Jikto run when the browser is restarted)?


1. Yes, I grabbed the code; not sure I know what to do with it.

2. I know less about how it works than some of you. Thanks for the link to the video; it should help me.


http://www.binrev.com/forums/index.php?sho...c=29233&hl= <- posted days ago

http://portal.spidynamics.com/blogs/spilab...n-the-wild.aspx <- the binrev link goes here

http://logicx.net/security/jikto-source-code-situation <- a good response to the first link

I believe Billy did actually go to great lengths to protect the code, and still perform his demonstration. A testament to this is the fact that all I actually got was client-side code — I did not get the GUI control component, viewer, etc. So the piece released was incomplete, and not actually usable in its current form. I've not executed the code, and unless others have coded their own control/viewer component, it's not that big of a deal that a small piece of it got out.
Edited by jabzor

1) The code is non-persistent... it was said in one of the forums by Billy that the code does its work as long as the browser is online and shuts off when the browser is closed... (Fact: the code is not injected into the browser as an ActiveX control but just works as embedded JavaScript, "as it says, NO INSTALL NEEDED")

2) The viewer is an aspx file on the attacker's own website... in this case (http://localhost/JiktoControl/collect.aspx), which is encoded in ROT13. Hence, if someone created his own viewer, the output would be sent to the screen and could be viewed in this viewer...

However, I noticed one glitch in the code I got... the viewer code was actually commented out.. which means the piece of code I received was actually modified!!!

Well.. what we received was much more than enough to know what's the Grey Goo of Tomorrow!!!!

Edited by Anon-De-Anonymous

I would be interested in the code as well.


Did you get the code directly from the guy or did you download it somewhere?


Nope, Billy would never give out the code.. and Logicx took it down just the next day... it has been posted on some forum, where I got it...

I don't feel it would be right to post the code here.. if you want, I can mail it to you.

Edited by Anon-De-Anonymous
> Looks like Acidus has been up to something interesting
>
> http://news.com.com/Tool+turns+unsuspectin..._3-6169034.html
>
> Jikto sounds interesting; according to the SecurityNow podcast the code has been leaked. Anyone know where I can take a look at it?

Irongeek,

Never have had a post or anything to you before. Just would like to say I love your site, very informative, visit it often. Keep it up!

As for your request, I myself have been VERY interested in Jikto.

I CANNOT confirm this is the real thing, but I know this site is legit. So, I'll let you be the judge; let me know what you think.

Take a look:

http://www.hackerscenter.com/downloads/search.asp?id=1402


Yeah, this is the code that's out everywhere... unfortunately even this one has the aspx file commented out!

//http://localhost/JiktoControl/Collect.aspx?type=

//uggc://ybpnyubfg/WvxgbPbageby/Pbyyrpg.nfck?glcr=
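The second commented line above is the first one ROT13-encoded (the same encoding mentioned earlier in the thread for the collector URL). The block below is an added example, not code from Jikto or from anyone in this thread: it decodes that string and scans script text for ROT13-obfuscated http(s) URLs, the kind of check a reviewer can run over suspicious JavaScript. The sample script text it scans is constructed from the two lines quoted here.

```javascript
// Added example: decode and detect ROT13-obfuscated URLs in script text.
// "uggc://" is ROT13 for "http://" (and "uggcf://" for "https://"), so a
// substring search for that prefix is enough to flag candidate strings.

function rot13(s) {
  return s.replace(/[a-zA-Z]/g, (c) => {
    const base = c <= 'Z' ? 65 : 97; // 'A' or 'a'
    return String.fromCharCode(((c.charCodeAt(0) - base + 13) % 26) + base);
  });
}

// Constructed sample: the two commented-out lines quoted in the thread,
// plus one unrelated statement so the scanner has something to skip.
const SAMPLE_SOURCE = [
  '//http://localhost/JiktoControl/Collect.aspx?type=',
  '//uggc://ybpnyubfg/WvxgbPbageby/Pbyyrpg.nfck?glcr=',
  'var x = 1;',
].join('\n');

// Return every ROT13-encoded http(s) URL found in `source`, with its
// 1-based line number, the encoded text and the decoded URL.
function findRot13Urls(source) {
  const hits = [];
  const re = /uggcf?:\/\/[^\s'"]+/g;
  let m;
  while ((m = re.exec(source)) !== null) {
    const line = source.slice(0, m.index).split('\n').length;
    hits.push({ line, encoded: m[0], decoded: rot13(m[0]) });
  }
  return hits;
}

// Stand-alone run: report each obfuscated URL and what it decodes to.
for (const h of findRot13Urls(SAMPLE_SOURCE)) {
  console.log(`line ${h.line}: ${h.encoded} -> ${h.decoded}`);
}
```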


Quick question about Jikto. I have the source code (I believe the same copy Iron Geek has, because I was in the IRC channel while he was looking for it, and got linked to it) but I am in no means a JavaScript expert (in fact the complete opposite).

I can't actually work out what Jikto does to your computer. I ran it, then closed my browser, and I couldn't find any trace of files left behind. Does it actually install anything on the computer it is run on? If it doesn't, I don't really see how it works.

Someone care to enlighten me?


It makes your computer into a zombie: while your browser is still open and you go to another website, it scans the server that the website is on and puts a log onto the site that Jikto was on for each website you went to, and says if it's exploitable and such.

> It makes your computer into a zombie: while your browser is still open and you go to another website, it scans the server that the website is on and puts a log onto the site that Jikto was on for each website you went to, and says if it's exploitable and such.

Well... what would be the difference between control.txt and Collect.aspx?

My assumption is that control.txt takes the output of the script and Collect.aspx just arranges it in a viewable format!

Please correct me if I'm wrong!

