By the way, Sub 7 is a backdoor trojan horse that you can connect to a victim's computer. Download it at the download center.
Here are our 2 tutorials
The first one will tell you how to use it
The second one will tell you how to give the victim the virus.
READ BOTH IF YOU WANT TO KNOW HOW TO USE SUB7!!!
This tutorial will include:
1) Contents of the SubSeven 2.1.5 Package
2) Explanation of the files
3) How to configure a server.exe properly using Editserver.exe
4) The features of SubSeven 2.1.5 and what they do
This package includes:
1) SubSeven.exe (CLIENT)
2) server.exe (SERVER)
3) EditServer.exe
4) ICQMAPI.DLL*
The Features of SubSeven 2.1.5
**) New Feature: under "Local Options - Advanced" section of the
client there's a button "Test on Local Machine" which runs the server
with special restrictions (accepts localhost connections only)
1) Connection:
A) IP Scanner - Scans for IPs with an open port you specify
B) Get PC Info - All PC info, including Disk Size, Space, User etc
C) Get Home Info - Gets all Home Info the vic specifies for their
Windows Registration (not always available)
D) Server Options - Options pertaining to removing, changing port,
updating server, etc.
E) IP Notify - Adds a new notify method or changes the current
method on the current server
2) Keys/Messages:
A) Keyboard - Open Keylogger, get offline keys, disable keyb. etc
B) Chat - Chat with the Victim
C) Matrix - Chat with the vic matrix style (black & green design)
D) Message Manager - Sends a popup message to the vic
E) Spy - ICQ, AIM, MSN, YAHOO Instant Messenger Spies
F) ICQ Takeover - displays all installed UINs on the pc, and u can
take each one over at the click of a button
3) Advanced:
A) FTP/HTTP - turns the vic into an FTP server, ready for files to
be downloaded via ur FTP client or browser
B) Find Files - searches for a specified file type or file in the
vics pc
C) Passwords - retrieves Cached, Recorded, RAS, and ICQ/AIM Passes
D) RegEdit - Opens the vics Registry so u can fuck with it >:)
E) App Redirect - Lets you run a DOS command on the vic and shows
you the output
F) Port Redirect - adds an open port to the vic so you can "bounce"
from it using the vics host as your own, E.G.: proxy type of
contraption via IRC
4) Miscellaneous:
A) File Manager - Upload, Download, Run, and do alotta other cool
shit via this client
B) Windows Manager - Displays open windows which you can close,
disable, etc.
C) Process Manager - Shows all processes you can kill, disable,
prioritize etc.
D) Text-2-Speech - Messes with the Text2Speech engine on the vics
pc, you type, it talks
E) Clipboard Manager - View, change, empty the vics clipboard
F) IRC Bot - Connects an IRC bot from the vic to an IRC server of
choice
5) Fun Manager:
A) Desktop/Webcam - Views Webcam continuous capture, a desktop
continuous preview and full screen capture
B) Flip Screen - Flips victims screen upside down, and sideways
C) Print - Prints on victims screen
D) Browser - Opens victims browser with the webpage you specify
E) Resolution - Changes victims pc resolution
F) Win Colors - Changes the victims computer colors
6) Extra Fun:
A) Screen Saver - Changes the Vics Screensaver
B) Restart Win - Shuts down, reboots, or logs off the victim
C) Mouse - Set Mouse trails, reverse buttons, hide cursor etc
D) Sound - Record from vics mic, change volume settings
E) Time/Date - Changes system time
F) Extra - A whole buncha extra shit like hide desktop, hide start
button, hide taskbar, open cd-rom etc.
7) Local Options:
A) Quality - Adjusts the quality of the Webcam/Desktop
B) Local Folder - Changes the Sub7 Local Folder
C) Skins - Skin manager for Sub7
D) Misc Options - Misc shit like toggling animation of windows etc
E) Advanced - Messes with ports used for some Sub7 Functions. Don't
bother messing around
F) Run EditServer - Hmm..i wonder what this does...
How to give your victim Sub7 ??????
First try and get a victim on ICQ as you can get their IP address straight
away! Now once you have found someone, just chat to them and find out if
they have a virus scanner [if so check the below paragraph, if not just jump
that paragraph] don't jump straight into it first just give them easy
questions like "A/S/L, how are you, Do you have a pic"
then ask them about the Virus Scanner, if they say why just say because
about all the worms and viruses on the net, you're just wondering what they
are using as you might get some! now once you know that you are ready to
give them the trap!
================================
How to disable the Virus Scanner ????????
================================
There are two ways:
1] this is the easy way, you find out what virus scanner they use, then find
the appropriate "DAT Killer.exe" you can say it's a pic, or even a patch you
know about for the virus scanner they have! Once they have clicked on it then
the Virus Scanner is F***ed! Now just say you have [another] pic for them
that you hope will work! of course it's the sub7 server you have created
[remember to change the icon to the Paint Shop Pro Pallet icon] now once
they double click on it "bang!" they are caught!
2] Just give them the server straight away as a pic, once they say it's a
Virus. Blag your way around it. Say it must have become corrupt! on the
download but it should still work!
==================================
How to connect ???????
==================================
Ok now you've done the hard part of giving them the Sub7 server saying it's
a pic [remember to change the icon to the Paint Shop Pro Pallet icon]! now
go into Sub7 and click on the IP button type on the line that says "ICQUIN"
type the victims ICQ number, then press "resolve UIN" and it will give you
their IP number, go back to the main screen and put in the IP on the "IP/UIN
box" now in the box next to that put in the port you set the server to
[27374 is the default] now click connect and you should be in!
Have fun!
What is SQL Injection
SQL injection refers to the act of someone inserting a MySQL statement to be run on your database without your knowledge. Injection usually occurs when you ask a user for input, like their name, and instead of a name they give you a MySQL statement that you will unknowingly run on your database.
SQL Injection Example
Below is a sample string that has been gathered from a normal user and a bad user trying to use SQL Injection. We asked the users for their login, which will be used to run a SELECT statement to get their information.
MySQL & PHP Code:
// a good user's name
$name = "timmy";
$query = "SELECT * FROM customers WHERE username = '$name'";
echo "Normal: " . $query . "\n";
// user input that uses SQL Injection
$name_bad = "' OR 1'";
// our MySQL query builder, however, not a very safe one
$query_bad = "SELECT * FROM customers WHERE username = '$name_bad'";
// display what the new query will look like, with injection
echo "Injection: " . $query_bad;
Display:
Normal: SELECT * FROM customers WHERE username = 'timmy'
Injection: SELECT * FROM customers WHERE username = '' OR 1''
The normal query is no problem, as our MySQL statement will just select everything from customers that has a username equal to timmy.
However, the injection attack has actually made our query behave differently than we intended. By using a single quote (') they have ended the string part of our MySQL query
username = ' '
and then added on to our WHERE statement with an OR clause of 1 (always true).
username = ' ' OR 1
This OR clause of 1 will always be true and so every single entry in the "customers" table would be selected by this statement!
More Serious SQL Injection Attacks
Although the above example displayed a situation where an attacker could possibly get access to a lot of information they shouldn't have, the attacks can be a lot worse. For example an attacker could empty out a table by executing a DELETE statement.
MySQL & PHP Code:
$name_evil = "'; DELETE FROM customers WHERE 1 or username = '";
// our MySQL query builder really should check for injection
$query_evil = "SELECT * FROM customers WHERE username = '$name_evil'";
// the new evil injection query would include a DELETE statement
echo "Injection: " . $query_evil;
Display:
SELECT * FROM customers WHERE username = ' '; DELETE FROM customers WHERE 1 or username = ' '
If you were to run this query, then the injected DELETE statement would completely empty your "customers" table. Now that you know this is a problem, how can you prevent it?
For more info, please visit http://www.tizag.com/
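One way to close the hole described above, as an added example that is not from the original page: it uses Python's built-in sqlite3 in place of the page's PHP and MySQL so it runs offline, and the same rule (bind input as a parameter, never paste it into the SQL text) applies to PHP prepared statements. The sample rows, the function names and the `' OR 1 OR '` input (the page's first input with its trailing quote balanced) are constructed for the demonstration.

```python
import sqlite3

# Constructed sample rows; table and column names follow the page's queries.
ROWS = [("timmy", "timmy@example.com"),
        ("alice", "alice@example.com"),
        ("bob", "bob@example.com")]

# The two inputs shown on the page, plus a constructed variant of the first
# whose trailing quote is balanced so the resulting SQL parses.
PAGE_INPUTS = ["' OR 1'", "'; DELETE FROM customers WHERE 1 or username = '"]
BALANCED = "' OR 1 OR '"


def make_db():
    """Build an in-memory customers table holding the constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (username TEXT PRIMARY KEY, email TEXT)")
    db.executemany("INSERT INTO customers VALUES (?, ?)", ROWS)
    return db


def lookup_unsafe(db, name):
    """The page's pattern: user input is pasted into the SQL text."""
    query = "SELECT username FROM customers WHERE username = '" + name + "'"
    return [row[0] for row in db.execute(query)]


def lookup_safe(db, name):
    """Parameterized: the SQL text is fixed and the input is bound as data."""
    query = "SELECT username FROM customers WHERE username = ?"
    return [row[0] for row in db.execute(query, (name,))]


def count(db):
    """Number of rows left in the customers table."""
    return db.execute("SELECT COUNT(*) FROM customers").fetchone()[0]


if __name__ == "__main__":
    db = make_db()
    print("unsafe, normal name:   ", lookup_unsafe(db, "timmy"))
    print("unsafe, quote in input:", sorted(lookup_unsafe(db, BALANCED)))
    for text in PAGE_INPUTS + [BALANCED]:
        # Bound as a value, the input is just an unusual username with no match.
        print("safe:", repr(text), "->", lookup_safe(db, text))
    print("rows still in table:", count(db))
```

With binding, the quote characters never reach the SQL parser, so no escaping logic is needed in the application.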
• SPEED: Fiber optic networks operate at high speeds - up into the gigabits
• BANDWIDTH: large carrying capacity
• DISTANCE: Signals can be transmitted further without needing to be "refreshed" or strengthened.
• RESISTANCE: Greater resistance to electromagnetic noise such as radios, motors or other nearby cables.
• MAINTENANCE: Fiber optic cables cost much less to maintain.
Fiber Optic types :
Single Mode cable is a single strand (most applications use 2 fibers) of glass fiber with a diameter of 8.3 to 10 microns that has one mode of transmission. Single-mode fiber has a relatively narrow diameter, through which only one mode will propagate, typically at 1310 or 1550nm. It carries higher bandwidth than multimode fiber, but requires a light source with a narrow spectral width. Synonyms: mono-mode optical fiber, single-mode fiber, single-mode optical waveguide, uni-mode fiber.
Single-mode fiber is used in many applications where data is sent at multi-frequency (WDM, Wave-Division-Multiplexing) so only one cable is needed (single-mode on one single fiber).
Single-mode fiber gives you a higher transmission rate and up to 50 times more distance than multimode, but it also costs more. Single-mode fiber has a much smaller core than multimode. The small core and single light-wave virtually eliminate any distortion that could result from overlapping light pulses, providing the least signal attenuation and the highest transmission speeds of any fiber cable type.
Single-mode optical fiber is an optical fiber in which only the lowest order bound mode can propagate at the wavelength of interest typically 1300 to 1320nm.
Multi-Mode cable has a slightly bigger diameter, with common diameters in the 50-to-100 micron range for the light-carrying component (in the US the most common size is 62.5um). In most applications in which multi-mode fiber is used, 2 fibers are used (WDM is not normally used on multi-mode fiber). POF is a newer plastic-based cable which promises performance similar to glass cable on very short runs, but at a lower cost.
Multimode fiber gives you high bandwidth at high speeds (10 to 100MBS - Gigabit to 275m to 2km) over medium distances. Light waves are dispersed into numerous paths, or modes, as they travel through the cable's core, typically at 850 or 1300nm. Typical multimode fiber core diameters are 50, 62.5, and 100 micrometers. However, in long cable runs (greater than 3000 feet [914.4 meters]), multiple paths of light can cause signal distortion at the receiving end, resulting in an unclear and incomplete data transmission, so designers now call for single mode fiber in new applications using Gigabit and beyond.
1) An IP address is an identifier that is assigned at the Internet layer to an interface or a set of interfaces. Each IP address can identify the source or destination of IP packets.
2) Two types of IP address:
* Public IP address
Public IP Addresses (also known as Static IP Addresses) are IP addresses that are visible to the public. Because these IP addresses are public, they allow other people to know about and access your computer, like a Web server.
* Private IP address
These addresses can be used on a private network, but they’re not routable through the public Internet. This not only creates a measure of much-needed security, but it also conveniently saves valuable IP address space.
RFC 1918 defines the following address prefixes for the private address space:
* 10.0.0.0/8 (10.0.0.0, 255.0.0.0)
Allows the following range of valid IPv4 unicast addresses: 10.0.0.1 to 10.255.255.254. The 10.0.0.0/8 address prefix has 24 host bits that you can use for any addressing scheme within a private organization.
* 172.16.0.0/12 (172.16.0.0, 255.240.0.0)
Allows the following range of valid IPv4 unicast addresses: 172.16.0.1 to 172.31.255.254. The 172.16.0.0/12 address prefix has 20 host bits that you can use for any addressing scheme within a private organization.
* 192.168.0.0/16 (192.168.0.0, 255.255.0.0)
Allows the following range of valid IPv4 unicast addresses: 192.168.0.1 to 192.168.255.254. The 192.168.0.0/16 address prefix has 16 host bits that you can use for any addressing scheme within a private organization.
3) Example of IP address :
The IPv4 address 11000000101010000000001100011000 is expressed as 192.168.3.24 in dotted decimal notation. To convert an IPv4 address from binary notation to dotted decimal notation, you:
* Segment it into 8-bit blocks: 11000000 10101000 00000011 00011000
* Convert each block to decimal: 192 168 3 24
* Separate the blocks with periods: 192.168.3.24
For more information, please visit http://technet.microsoft.com/en-us/library/bb726995.aspx
i) Subnetting is a set of techniques that you can use to efficiently divide the address space of a unicast address prefix for allocation among the subnets of an organization network.
ii) The fixed portion of a unicast address prefix includes the bits up to and including the prefix length that have a defined value. The variable portion of a unicast address prefix includes the bits beyond the prefix length that are set to 0.
iii) Example of subnet: 131.107.192.0/18 (Class B)
The key information in this chapter is the following:
* Subnetting is a set of techniques that you can use to efficiently allocate the address space of one or more unicast address prefixes among the subnets of an organization network.
* To determine the subnet prefix of an IPv4 address configuration in prefix length notation (w.x.y.z/n), retain the n high-order bits, set all the remaining bits to 0, and then convert the result to dotted decimal notation. To determine the subnet prefix of an IPv4 address configuration in subnet mask notation, perform a bit-wise logical AND between the IPv4 address and its subnet mask.
* When determining the number of host ID bits in an IPv4 address prefix to use for subnetting, choose more subnets over more hosts per subnet if you have more possible host IDs than are practical to use on a given subnet.
* To subnet an IPv4 address prefix, use either binary or decimal methods as described in this chapter to enumerate the subnetted address prefixes and the ranges of usable IPv4 addresses for each subnet.
* Variable length subnetting is a technique of creating subnetted IPv4 address prefixes that use prefix lengths of different sizes.
* To subnet an IPv6 global address prefix, use either hexadecimal or decimal methods as described in this chapter to enumerate the subnetted address prefixes.
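The binary-to-dotted-decimal conversion, the RFC 1918 ranges and the two subnet-prefix rules described above, carried out with plain bit operations. This is an added example, not code from the original page; the function names and the sample host 131.107.200.15 are assumptions chosen to fall inside the page's 131.107.192.0/18 prefix.

```python
# Added example: IPv4 conversions and subnet prefixes with plain bit operations.
RFC1918 = (("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16))


def to_int(dotted):
    """Dotted decimal -> 32-bit integer, rejecting malformed input."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(
            p.isascii() and p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError("not an IPv4 address: %r" % dotted)
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value


def to_dotted(value):
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def binary_to_dotted(bits):
    """Segment into 8-bit blocks, convert each block, join with periods."""
    if len(bits) != 32 or set(bits) - {"0", "1"}:
        raise ValueError("expected 32 binary digits")
    return ".".join(str(int(bits[i:i + 8], 2)) for i in range(0, 32, 8))


def mask_from_length(n):
    """Prefix length n -> mask with the n high-order bits set."""
    if not 0 <= n <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - n)) & 0xFFFFFFFF


def prefix_from_length(address, n):
    """w.x.y.z/n: retain the n high-order bits, set the rest to 0."""
    return to_dotted(to_int(address) & mask_from_length(n))


def prefix_from_mask(address, mask):
    """Subnet mask notation: bit-wise AND of address and mask."""
    m = to_int(mask)
    host_bits = ~m & 0xFFFFFFFF
    if host_bits & (host_bits + 1):  # the 1-bits of a mask must be contiguous
        raise ValueError("non-contiguous subnet mask: %r" % mask)
    return to_dotted(to_int(address) & m)


def is_private(address):
    """True if the address falls inside one of the RFC 1918 prefixes."""
    a = to_int(address)
    return any(a & mask_from_length(n) == to_int(net) for net, n in RFC1918)


if __name__ == "__main__":
    print(binary_to_dotted("11000000101010000000001100011000"))
    print(prefix_from_length("131.107.200.15", 18))
    print(prefix_from_mask("131.107.200.15", "255.255.192.0"))
    print(is_private("172.31.255.254"), is_private("172.32.0.1"))
```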
Transmission Control Protocol / Internet Protocol (TCP/IP)
- Computer network protocols created in the 1970s by DARPA, an agency of the United States Department.
- TCP/IP is a set of network protocols that enable computers to communicate over a network.
- It provides end-to-end connectivity, specifying how data should be formatted, addressed, transmitted, routed and received at the destination.
- TCP/IP Layers
i) Link Layer
+ The networking scope of the local network connection to which a host is attached.
+ The processes of transmitting and receiving packets on a given link can be controlled both in the software device driver for the network card
ii) Internet Layer
+ Solves the problem of sending packets across one or more networks. This process is called routing.
+ Performs 2 basic functions (host addressing and identification, and packet routing).
iii) Transport Layer
+ End-to-end message transfer capabilities independent of the underlying network, along with error control, segmentation, flow control, congestion control, and application addressing (port numbers).
iv) Application Layer
+ Refers to the higher-level protocols used by most applications for network communication.




