domingo, 25 de agosto de 2013

Method: Facebook Email Validation

This is a method to verify if an email exists on Facebook or not, this method return information such as email, username, profile picture and url.

This method was written in PHP and Curl.

Souce code: http://adf.ly/UafJM

jueves, 22 de agosto de 2013

POC: Windows Privilege Escalation

For days report to Microsoft a proof of concept, demonstrating a method to escalate privileges on any Windows system, allows all the registered user accounts on a machine with their passwords, this is a security error and that one should not access this information, Microsoft answered me the following:

I looked over your report. Unfortunately local password guessing is not a serious enough problem for us to open a case. Microsoft suggests that you do not use a simple password, which makes brute force attacks infeasible.

This is the reason to release the source code of this proof of concept that I have developed, I hope the developers, penetration testers, researchers and stakeholders support my efforts to develop this proof of concept.

This POC was written on C# .Net 2.0 Framework Compatible, i tested this on Win7 and WinXP, but this affect all windows based.

Repositoty: WindowsPrivilegeEscalation

jueves, 15 de agosto de 2013

Preview: SSP (Simple Spread Panel)




This was a tool that was developed initially to prove that no windows is safe, easily any user of 5 browsers tested fell into the trick, the mode of infection was a simple Drive By Download, this downloaded the binary that we set on the panel and was one way to spread malware easily.


Unfortunately some Microsoft researchers ensured that I was responsible for spreading the Zeus malware and the supreme court of the United States I have a legal problem because of this.

Some hackers saw the demo that you post on a free server and they loved the panel, but in the end never sold or post your code, the panel was completely written in PHP, Javascript and HTML.

It was fun to see everyone see me as someone who could fuck their systems, but this had repercussions me, thanks to this, many believe that I am a cyber criminal, that theft accounts and credit cards, but it is not.

This demo, could easily be the basis for a new exploit pack.

Big lies that the media say: "John Doe 38, aka jheto2002, are other developers involved, writing "Web inject" code that gets the malware onto victims' computers, the complaint said. Some other defendants also were involved in developing the software." CNet

 

When you you say on an legal case,  "jheto2002, are other developers involved, writing "Web inject" code that gets the malware onto victims'", you are affirming, you are defaming, damages the public image of a person, damages their mental health, and utterly destroy job opportunities for this person, this makes you a criminal.

This is a real Zeus Code: Zeus Source Code and this crap is not mine.










Repository: SimpleSpreadPanel

lunes, 5 de agosto de 2013

Preview: MSIL Sistomerdly A

This tool is designed to protect software, is a simple destroyer resgisrty trees, is very easy to develop, but it is very effective in leaving any windows completely unusable.

This was the report that microsoft think about it http://goo.gl/suKJCV

Windows XP

Windows 7


Repository: MSIL-Sistomerdly-A

How to subscribe to our blog

Google Chrome:

1- Install this extension RSS Feed Reader
2- Add our Feed Tools Labs - RSS

FireFox:

1- Install this addon Simple RSS Reader (SRR)
2- Add our Feed Tools Labs - RSS

Preview: Google Profile Scanner v1.0

This tool was created to demonstrate that the information stored in Google+ can be easily extracted for marketing or other purposes.


Disclaimer

This blog has been created to publish spying and hacking tools, every time I finish a POC, I'll start to post those tools while brindare the possibility of buying these, the intent of this blog is not to provide tools to criminals, or associate with the black market, these tools are only for legal uses only.

Some people think I'm a cybercriminal, but I'm not, I'm just like many developers, the tools you post here, as many have the ability to do good or evil, all liability for the misuse is the responsibility of the end user.

With tools like Metasploit, BackTrack, Nessus, THC Hydra, Nmap can commit crimes, and crimes are not the fault of the developers, is the sole responsibility of the end user.

If you are a criminal, please refrain from sending business proposals, we only develop tools, what you do with them is not of our interest.

Attentively: Jheto Xekri