EvilZone
Programming and Scripting => Assembly - Embedded => Topic started by: covetous.eyes on January 26, 2013, 09:22:29 PM
-
I coded a funny demo that robs a bank :P (iBank software from the ex-USSR)
Algorithm:
* identify the «iBank 2» software in the JavaVM SE
* inject a DLL into the JavaVM SE
* save all keypass in file by keyloggers
* splice WinAPI GetFileAttributesExW
* in the new spliced GetFileAttributesExW, find the signature "iBKS" at the beginning of the file
* save the results of «iBank 2»'s work (screenshot, keylog, keystore)
* open "robbed" in folder
Source code in FASM + PureBASIC :D Source code on Pastebin: DLL (http://pastebin.com/BDHxuH21), EXE (http://pastebin.com/XHbN8wJH)
Sorry for my English.
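
For the defensive side of the "splice WinAPI GetFileAttributesExW" step listed above, an added example (not part of the original post or its Pastebin code): a check that compares a function's first bytes on disk with the bytes in process memory and classifies common 32-bit x86 inline-hook patches. The addresses, module range and byte samples are constructed, and obtaining the two byte strings (from the DLL file and from a memory dump) is assumed to happen elsewhere.

```python
import struct

# Constructed sample values (not taken from any real system).
FUNC_VA = 0x76A41000          # assumed address of the exported function
MOD_BASE, MOD_SIZE = 0x76A00000, 0x00100000   # assumed range of its module
# Common x86 API prologue: mov edi,edi / push ebp / mov ebp,esp
CLEAN = bytes.fromhex("8bff558bec")


def classify_prologue(disk, mem, func_va, mod_base, mod_size):
    """Return None if the in-memory prologue matches the on-disk bytes,
    otherwise describe the patch and where it transfers control."""
    if mem[:len(disk)] == disk:
        return None
    kind, target = "unknown-patch", None
    if mem[0] == 0xE9 and len(mem) >= 5:
        # jmp rel32: target is relative to the end of the 5-byte instruction
        rel = struct.unpack_from("<i", mem, 1)[0]
        kind, target = "jmp rel32", (func_va + 5 + rel) & 0xFFFFFFFF
    elif mem[0] == 0x68 and len(mem) >= 6 and mem[5] == 0xC3:
        # push imm32 ; ret: absolute target on the stack
        kind, target = "push imm32; ret", struct.unpack_from("<I", mem, 1)[0]
    elif mem[0] == 0xEB and len(mem) >= 2:
        # jmp rel8: short hop, often to padding just before the function
        rel = struct.unpack_from("<b", mem, 1)[0]
        kind, target = "jmp rel8", (func_va + 2 + rel) & 0xFFFFFFFF
    outside = target is not None and not (
        mod_base <= target < mod_base + mod_size)
    return {"kind": kind, "target": target, "outside_module": outside}


def make_jmp(func_va, target):
    """Build a constructed 'jmp rel32' sample pointing at target."""
    return b"\xE9" + struct.pack("<i", target - (func_va + 5))


if __name__ == "__main__":
    samples = {
        "clean": CLEAN,
        "jmp to foreign region": make_jmp(FUNC_VA, 0x10001000),
        "push/ret": bytes.fromhex("6800100010c3"),
        "short jmp back": bytes.fromhex("ebf9558bec"),
    }
    for name, mem in samples.items():
        result = classify_prologue(CLEAN, mem, FUNC_VA, MOD_BASE, MOD_SIZE)
        print(name, "->", result)
```

A hit is a triage lead rather than a verdict, since security products also install inline hooks; the module that owns the jump target is what to examine next.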
-
I don't get this... maybe put up a screenshot of how it works?
-
It's a simple one that injects a DLL into the Java SE (x86 only) memory space, then saves the file key, screenshot and keypresses. You can test it on this site - https://my.ukrsibbank.com/ua/sme/operations/staraccess/login/. But you don't have a key. It's not a problem, because all real keys for iBank have the signature iBKS at the beginning of the file (you can create this "key" in a text editor. Of course, this "key" is invalid, but for a test it's OK). This program has no user interface (only an icon in the taskbar with an "Exit" option).
First, the program shows a message box with the text "I`m found running iBank2`s login window"
Then you open your bank key and type your password, which my injected DLL saves in its own folder. When you close the "iBank2`s login window", you will see one of these messages: in the good case - "Now user have closing iBank2`s login window.\nNow bank is robbed! :-)" or in the bad case - "Now user have closing iBank2`s login window,\nbut it don`t use file key" (if the user logged in with a USB token or another sucks). In the good case this demo opens a folder with 3 files: screenshot, keystore and keylog.
-
I don't get this... maybe put up a screenshot of how it works?
Yeah...I don't understand this myself :P
-
Then, more simply: it's a banker (a trojan horse for bank robbing) that has no rootkit but has message boxes in its main functions :)
-
What is the goal/action/point of this app?
-
What is the goal/action/point of this app?
Steal the key from the bank's Java applet and show it to you.
-
So it's a keylogger.
-
I am still having a hard time understanding wtf it really is. And your grammar isn't helping either.
Also what kind of a fucked up bank uses applets for internet banking!
-
???
-
Also what kind of a fucked up bank uses applets for internet banking!
Many banks from the ex-USSR use "iBank". iBank uses applets for internet banking.
BIFIT is the company that developed "iBank": http://www.bifit.com/ru/ (in Russian)
-
So I can use this to hack banks from the ex-USSR? :P
-
So I can use this to hack banks from the ex-USSR?
No, you can use this to hack clients of banks from the ex-USSR :)
-
No, you can use this to hack clients of banks from the ex-USSR :)
Lol, time to hack some ex-USSR clients! :P
-
lol guys, there is not much to this to not understand. You go to a bank and you sneak in the vault and steal the keys from within. It's just like that