Long time ago i posted about Pro-Rat, and how bad guys(!?) use it to hack into others pcs!!
Now what about retrieving information about those evil people :D
Now what about retrieving information about those evil people :D
according to the rat server i got (1.9 FIX-18):
This Registry :
HKEY_CURRENT_USER\Software\Microsoft\Windows NT Script Host\Microsoft DxDiag\WinSettings
Inside it resides the info u need, all the info are encrypted by xor!!! in this occasion xored by 01h
You can retrieve sensitive info about the attacker (his email,ip,report victim site..etc).
Then i got one more thing ,if u get to the cgi site(if the attacker setuped one) then replace that cgi file with log.dat and u can get all the victims ips!!
(or you just run the server and monitor its activities it with ethereal)
Enjoy the hunt!
You can retrieve sensitive info about the attacker (his email,ip,report victim site..etc).
Then i got one more thing ,if u get to the cgi site(if the attacker setuped one) then replace that cgi file with log.dat and u can get all the victims ips!!
(or you just run the server and monitor its activities it with ethereal)
Enjoy the hunt!
Labels: Networking, prorat, Security
Smilar pages
posted by buggycoder at 8:39 AM
0 Comments:
Post a Comment
<< Home