links for 2010-05-29
May 29, 2010
Leave a comment
-
nice tools for SQL Injecting, interesting thing about this tools is that it's writes by Iranian, and I like the name's of this tools, 'Havij'
-
!!!!
Archive
Archive for May, 2010
Program for Dll-Injection
May 24, 2010
Leave a comment
Few days ago I created a program to make injecting a dll file into the process that running on the system easier, I created this program actually for testing bigger project related to API Hooking so if you need this tools too download it from bottom link.
it combinational of C and C++ feature and Windows API and compiled in VC++ 2008, the source code also included.
Fujack Malware
May 12, 2010
2 comments
After long delay today I found a free time for post something to this blog. few days ago bad thing happened to me , my computer infected by a malware called ”Win32/Fujacks.BK” by NOD32 anti-virus and you can found other names by other anti-viruses here. it infected all executable file in my computer and well this crazy me at that time so I scan my system with NOD32 it found lot of infected file but unfortunately it cannot clean them completely and some part of malware remain in executable files, it make me more crazier, I just uninstalled that trashy software and after that an idea get to my mind, why don’t create my remover to clean every infected file?
After analyzing some infected file I understand that the maleware used simple method it just add original executable file at the end of itself as an Overlay, I must just find position of overlay data and then extracted them to disk. I used TitanEngine for this purpose because it’s well-designed and I don’t need to create it again
so you can download my tools + source from bottom link
Notice that I used PellesC resizer library for making my program window resize able I know I’m very lazy to write my resizer, so if you used other compiler change ResizableDialogBox function to DialogBox if you don’t have this library.
another thing I forgot to say is that if you found any bug tell me to fix in next version.
