Author Topic: Liberty Exploit System kit  (Read 36725 times)

0 Members and 1 Guest are viewing this topic.


August 25, 2009, 12:08:51 pm
Reply #1

sursmurf

  • Special Access
  • Full Member

  • Offline
  • *

  • 68

August 25, 2009, 01:18:25 pm
Reply #2

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Ruining the bad guy's day


August 28, 2009, 10:39:05 am
Reply #4

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Ruining the bad guy's day

August 28, 2009, 12:18:47 pm
Reply #5

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335

control panel of Liberty exploit kit
Code: [Select]
wwwudacha.com/hi/admin.php
exploits
Code: [Select]
wwwudacha.com/hi/index.php

pdf exploit
Code: [Select]
wwwudacha.com/hi/thereRandomOver.pdfhttp://www.virustotal.com/analisis/089f849dedefae01e823c98970bbec3bf770d35c429e7b7794b2b37a0c3f7de5-1251461403 6/41

flash exploit
Code: [Select]
wwwudacha.com/hi/upAnd.swf
http://www.virustotal.com/analisis/a0c37d24adddb344c1b1372c2a50828a78f32765dc3314f0e13b6b05220da3e7-1251461454 2/41

zeus/wsnpoem v2 trojan
Code: [Select]
wwwudacha.com/hi/update.php
http://www.virustotal.com/analisis/a1fef9948b991bb6c632508beb54f3b5b2ad660b5510cc0040fa50ff8591ee11-1251461656 14/40
Ruining the bad guy's day

August 28, 2009, 12:31:32 pm
Reply #6

RS-232

  • Special Access
  • Sr. Member

  • Offline
  • *

  • 165
Quote
hxxp://xtraff.cn/scr/in.cgi?5
-> redirs to wwwudacha.com above...
Only for the "fun" of it...rs-232 aka sowhat-x aka younameit ;-)
http://www.youtube.com/watch?v=fADjY97_KTw

September 10, 2009, 08:51:10 am
Reply #7

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Code: [Select]
libesouz.ru/pao/
libesouz.ru/pao/yearsWeb.swf
libesouz.ru/pao/hasWordsBy.pdf
libesouz.ru/pao/update.php
libesouz.ru/pao/update.exe
libesouz.ru/pao/admin.php

pdf:
Wepawet
flash:
Wepawet
exe:
Wepawet
VirusTotal -1252535823  3/41 (7.32%)

Comodo - Heur.Packed.Unknown
Microsoft - TrojanDownloader:Win32/Cutwail.AQ
Rising - Packer.Win32.Mian007.a

http://wepawet.iseclab.org/domain.php?hash=86ed513f9307e4ec8349ea63d1f9d2ba&type=js

September 12, 2009, 12:20:49 pm
Reply #8

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Exploits:
Code: [Select]
hoooools.com/love/index.php
hoooools.com/love/sMoreUp.pdf
hoooools.com/love/ipsumUpTend.swf

Trojan:
Code: [Select]
hoooools.com/love/update.php

Control Panel:
Code: [Select]
hoooools.com/love/admin.php

Wepawet
VirusTotal - Trojan.Agent - 12/41 (29.27%)

September 12, 2009, 01:19:16 pm
Reply #9

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Exploits:
Code: [Select]
fornistan.cn/hunter/
fornistan.cn/hunter/sureRandom.pdf
fornistan.cn/hunter/willSheets.swf

Trojan:
Code: [Select]
fornistan.cn/hunter/update.php
fornistan.cn/hunter/update.exe

Control Panel:
Code: [Select]
fornistan.cn/hunter/admin.php

http://wepawet.iseclab.org/view.php?hash=f9da5de4318b7cabb7b3e830069a7249&t=1252759094&type=js

September 12, 2009, 01:38:23 pm
Reply #10

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Exploits:
Code: [Select]
ericwanhouse.cn/forum/
ericwanhouse.cn/forum/looksBy.pdf
ericwanhouse.cn/forum/latinInWeb.swf

Trojan:
Code: [Select]
ericwanhouse.cn/forum/update.php
ericwanhouse.cn/forum/update.exe

Control Panel:
Code: [Select]
ericwanhouse.cn/forum/admin.php

http://wepawet.iseclab.org/view.php?hash=4efd106b35edb3e6b8884ce7bf009d1c&t=1252762184&type=js

September 12, 2009, 09:44:25 pm
Reply #11

Malware-Web-Threats

  • Special Members
  • Hero Member

  • Offline
  • *

  • 354
    • MalwareURL
Exploits:
Code: [Select]
search890.com/in/index.php
search890.com/in/hAtNot.pdf
search890.com/in/galleyLorem.swf

Trojan TDSS:
Code: [Select]
search890.com/in/update.php
search890.com/in/update.exe

Control Panel:
Code: [Select]
search890.com/in/admin.php

Wepawet
VirusTotal - Trojan TDSS - 23/41 (56.10%)

http://www.malwaredomainlist.com/mdl.php?inactive=on&sort=Date&search=chen.poon1732646@yahoo.com&colsearch=All&ascordesc=ASC&quantity=100&page=0

September 13, 2009, 10:53:38 am
Reply #12

WIEx

  • Jr. Member

  • Offline
  • **

  • 34
    • Security

September 13, 2009, 11:07:01 am
Reply #13

WIEx

  • Jr. Member

  • Offline
  • **

  • 34
    • Security
Code: [Select]
http://nfovidab.cn/stat1/admin.php
login - user
pass - pass

September 13, 2009, 12:17:38 pm
Reply #14

WIEx

  • Jr. Member

  • Offline
  • **

  • 34
    • Security
Code: [Select]
http://hoooools.com/love/admin.php
user, pass