EvilZone

Programming and Scripting => Projects and Discussion => Topic started by: imation on May 11, 2011, 12:15:57 PM

Title: Source code leaked for pricey ZeuS crimeware kit
Post by: imation on May 11, 2011, 12:15:57 PM

So as the title says, Zeus has been released into the wild.

http://www.theregister.co.uk/2011/05/10/zeus_crimeware_kit_leaked/ (http://www.theregister.co.uk/2011/05/10/zeus_crimeware_kit_leaked/)

Snippets of this have been released over the last year or so and i have a few bits of code from it.

If any body sees this available, please post the link here.

I'm not wanting it for its main use, but to look through the code and learn from it.

Title: Re: Source code leaked for pricey ZeuS crimeware kit
Post by: ca0s on May 11, 2011, 12:45:24 PM

Haven't fully checked, but:

Code: [Select]

http://krash.in/real2/zeus.rarPass: zeus

Title: Re: Source code leaked for pricey ZeuS crimeware kit
Post by: imation on May 11, 2011, 01:17:18 PM

Thank you for the link, not that i dont trust you, i WILL be using this in a vm

Title: Re: Source code leaked for pricey ZeuS crimeware kit
Post by: I_Learning_I on May 11, 2011, 01:37:58 PM

You better sandbox to, but if you're looking just for the code, what's the problem in executing unsafely?
The only possible bug I see is Winrar (forgot the name of the exploit...) but basically it would keep decompressing, similar to a fork bomb.

Title: Re: Source code leaked for pricey ZeuS crimeware kit
Post by: imation on May 11, 2011, 01:43:44 PM

Thats what i was thinking, ive seen it before.

Title: Re: Source code leaked for pricey ZeuS crimeware kit
Post by: I_Learning_I on May 11, 2011, 04:25:48 PM

In that case, GL!
Hope your VM not to have a BSoD :P
Although ca0s has already said he hasn't finished seeing, witch should mean he has opened it successfully  ^^

Title: Re: Source code leaked for pricey ZeuS crimeware kit
Post by: imation on May 11, 2011, 04:28:11 PM

Opened fine, extracted fine,

altho comments and info are in another language than english, i cannot read it due to my ignorance.

I havent virus scanned it tho but i will as there are exe in there folder system.

Code looks very good, some complex stuff i want to research further.

Title: Re: Source code leaked for pricey ZeuS crimeware kit
Post by: ca0s on May 11, 2011, 05:47:33 PM

I unrared it on slackware. The bug I knew for exploiting with .rars was only applicable to windows, and was because of it was possible to insert an UPX compressed executable and make WinRAR to execute it without asking the user.
Anyways, every protection is good with this kind of downloads. I got it from a search on google.
I leave another link, because the owner of that web might choose to remove it:
http://www.megaupload.com/?d=TR5ZW69D (http://www.megaupload.com/?d=TR5ZW69D)

Title: Re: Source code leaked for pricey ZeuS crimeware kit
Post by: imation on May 11, 2011, 06:19:19 PM

Are they the same build. I will check later when I'm home.

Title: Re: Source code leaked for pricey ZeuS crimeware kit
Post by: I_Learning_I on May 12, 2011, 01:44:18 PM

I didn't make much research of that rar exploit, I imagined it would be Winblowz only, but wasn't sure.
Thanks for the mirror, I got to download before this all disappears :O
1+ Good stuff for archive! :D