Author Topic: Source code leaked for pricey ZeuS crimeware kit (Read 3626 times)

imation · « **on:** May 11, 2011, 12:15:57 PM »

So as the title says, Zeus has been released into the wild.

http://www.theregister.co.uk/2011/05/10/zeus_crimeware_kit_leaked/

Snippets of this have been released over the last year or so and i have a few bits of code from it.

If any body sees this available, please post the link here.

I'm not wanting it for its main use, but to look through the code and learn from it.

ca0s · « **Reply #1 on:** May 11, 2011, 12:45:24 PM »

Haven't fully checked, but:

Code: [Select]

http://krash.in/real2/zeus.rarPass: zeus

imation · « **Reply #2 on:** May 11, 2011, 01:17:18 PM »

Thank you for the link, not that i dont trust you, i WILL be using this in a vm

I_Learning_I · « **Reply #3 on:** May 11, 2011, 01:37:58 PM »

You better sandbox to, but if you're looking just for the code, what's the problem in executing unsafely?
The only possible bug I see is Winrar (forgot the name of the exploit...) but basically it would keep decompressing, similar to a fork bomb.

imation · « **Reply #4 on:** May 11, 2011, 01:43:44 PM »

Thats what i was thinking, ive seen it before.

I_Learning_I · « **Reply #5 on:** May 11, 2011, 04:25:48 PM »

In that case, GL!
Hope your VM not to have a BSoD

Although ca0s has already said he hasn't finished seeing, witch should mean he has opened it successfully ^^

imation · « **Reply #6 on:** May 11, 2011, 04:28:11 PM »

Opened fine, extracted fine,

altho comments and info are in another language than english, i cannot read it due to my ignorance.

I havent virus scanned it tho but i will as there are exe in there folder system.

Code looks very good, some complex stuff i want to research further.

ca0s · « **Reply #7 on:** May 11, 2011, 05:47:33 PM »

I unrared it on slackware. The bug I knew for exploiting with .rars was only applicable to windows, and was because of it was possible to insert an UPX compressed executable and make WinRAR to execute it without asking the user.
Anyways, every protection is good with this kind of downloads. I got it from a search on google.
I leave another link, because the owner of that web might choose to remove it:
http://www.megaupload.com/?d=TR5ZW69D

imation · « **Reply #8 on:** May 11, 2011, 06:19:19 PM »

Are they the same build. I will check later when I'm home.

I_Learning_I · « **Reply #9 on:** May 12, 2011, 01:44:18 PM »

I didn't make much research of that rar exploit, I imagined it would be Winblowz only, but wasn't sure.
Thanks for the mirror, I got to download before this all disappears :O
1+ Good stuff for archive!

Author Topic: Source code leaked for pricey ZeuS crimeware kit (Read 3626 times)

imation

Source code leaked for pricey ZeuS crimeware kit

ca0s

Re: Source code leaked for pricey ZeuS crimeware kit

imation

Re: Source code leaked for pricey ZeuS crimeware kit

I_Learning_I

Re: Source code leaked for pricey ZeuS crimeware kit

imation

Re: Source code leaked for pricey ZeuS crimeware kit

I_Learning_I

Re: Source code leaked for pricey ZeuS crimeware kit

imation

Re: Source code leaked for pricey ZeuS crimeware kit

ca0s

Re: Source code leaked for pricey ZeuS crimeware kit

imation

Re: Source code leaked for pricey ZeuS crimeware kit

I_Learning_I

Re: Source code leaked for pricey ZeuS crimeware kit