lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: 18 Apr 2005 18:23:24 -0000
From: gilbert nzeka <dark_khaalel@...oo.fr>
To: bugtraq@...urityfocus.com
Subject: The first open source spyware




Hi,

Since a few years, the number of spywares is growing up but it's impossible to find a spyware's code source to analyse it and better understand their work.

After kruegerware's (and its child) diffusion, I'm introducing you the first open source spyware. 

My goal is not to help people writing more and more spywares but to show some people that spywares are not "magic" stuff (like I can see on differents web sites) and are so easy to code. Besides, Virus generators already exist, why spywares generators could not exist?

For the moment, KSpyware can list all the installed programs, can spy the web sites the victim has visited, can obtain a list of e-mail adresses, can hijack IE's main page, and use NetSend to spam the victim.

I decided to remove the function allowing the dispatch of the gleaned informations and the functions stopping spyware deinstallation (like in kruegerware).
 

Well, here is KSpyware's code cource (in Perl) : http://nzeka-labs.com/hacking/KSpyware.htm


KSpyware is under GPL (loollll) so:
"You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate 
copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program." BUT DON'T TRY IT ON THE WEB.



- Nzeka Gilbert aka Khaalel
- www.nzeka-labs.com
- Author of the french security book: "La protection des sites informatique face au hacking".

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ