Crack-wifi.com FORUM

LE FORUM DU SITE

Wifi, Backtrack, crack WEP et WPA...

Vous n'êtes pas identifié(e).  

Annonce

Visitez la boutique Wifi-highpower.com, votre revendeur agr Alfa Network: du matriel Wifi slectionn, cartes Wifi USB Awus036h et Awus036nh, antennes omnis, yagis, panel, amplis wifi, accessoires...

#1 10-08-2010 01:57:00

Veidam
Membre Indispensable
Lieu : us
Inscription : 11-02-2010
Messages : 530

cherche pro en action script pour aide

Salut à tous

Bon c calme le fofo niveau action réveillez vous big_smile

Voici ce qui turlutte euh qui me turlupine

bref smile

qui n'a jamais rêver d'installer sur le hd d'un visiteur d'un site piégé un bon ti trojan juste avec un pti javascript <onMouseover> big_smile mais bon le flash et plus dangereux car il contient de l'actionscript (du moins savoir faire pour se sécuriser)

je regarde plus souvent dans mon fichier temp je suis sous xp (taper pas) lorsque je surf et que j'installe un log

et en me rendant sur un site connue j'ai vue que ce site charge une image dans mon fichier temp voici le lien pour voir c le site code sources j'ai isolé l'iframe de la page index

j'ai enregistrer le fichier swf et je l'ai dé-compiler (c un grand mot) enfin le code actionscript est :

&#65279;package 
{
    import AIRInstallBadge.*;
    import adobe.utils.*;
    import flash.display.*;
    import flash.events.*;
    import flash.net.*;
    import flash.text.*;
    import flash.utils.*;

    public class AIRInstallBadge extends MovieClip
    {
        protected var airVersion:String;
        protected var skipTransition:Boolean;
        protected var action:String;
        public var staticBmp:Bitmap;
        public var actionBtn:SimpleButton;
        public var actionFld:TextField;
        protected var prevAction:String;
        protected var appName:String;
        protected var helpURL:String;
        protected var appLaunchArg:Array;
        protected var pubID:String;
        protected var airSWF:Object;
        public var imageHolder:MovieClip;
        protected var appID:String;
        protected var airSWFLoader:Loader;
        public var staticBmpd:BitmapData;
        public var light:MovieClip;
        public var imageAltFld:TextField;
        protected var timer:Timer;
        public var dialog:MovieClip;
        protected var installedAIRVersion:String;
        public var helpBtn:SimpleButton;
        protected var image:String;
        protected var appVersion:String;
        protected var appURL:String;
        protected var hideHelp:Boolean;
        protected var appInstallArg:Array;
        protected var productManager:ProductManager;
        public var distractor:MovieClip;
        public static const VALID_PROTOCOLS:Array = ["http", "https"];
        public static const AIR_SWF_URL:String = "http://airdownload.adobe.com/air/browserapi/air.swf";

        public function AIRInstallBadge()
        {
            var params:Object;
            var imageLoader:Loader;
            addFrameScript(1, frame2, 32, frame33, 42, frame43, 44, frame45, 46, frame47, 47, frame48);
            configUI();
            timer = new Timer(10000, 0);
            timer.addEventListener(TimerEvent.TIMER, handleTimer);
            productManager = new ProductManager("airappinstaller");
            params = loaderInfo.parameters;
            airVersion = validateString(params.airversion);
            appInstallArg = validateString(params.appinstallarg) == null ? (null) : ([params.appinstallarg]);
            appLaunchArg = validateString(params.applauncharg) == null ? (null) : ([params.applauncharg]);
            appID = validateString(params.appid);
            appName = validateString(params.appname);
            appURL = validateURL(params.appurl);
            appVersion = validateString(params.appversion);
            helpURL = validateURL(params.helpurl);
            hideHelp = params.hidehelp != null && params.hidehelp.toLowerCase() == "true";
            image = validateURL(params.image);
            pubID = validateString(params.pubid);
            skipTransition = params.skiptransition != null && params.skiptransition.toLowerCase() == "true";
            dialog.titleFld.textColor = params.titlecolor != null ? (parseInt(params.titlecolor.replace(/[^0-9A-F]*""[^0-9A-F]*/ig, ""), 16)) : (16711680);
            actionFld.textColor = params.buttonlabelcolor != null ? (parseInt(params.buttonlabelcolor.replace(/[^0-9A-F]*""[^0-9A-F]*/ig, ""), 16)) : (16777215);
            imageAltFld.textColor = params.appnamecolor != null ? (parseInt(params.appnamecolor.replace(/[^0-9A-F]*""[^0-9A-F]*/ig, ""), 16)) : (16777215);
            if (!verifyParams())
            {
                showDialog(getText("error"), getText("err_params"));
                actionFld.text = "";
                return;
            }
            appName = appName.replace(/(<.*?>|<)""(<.*?>|<)/g, "");
            imageLoader = new Loader();
            imageLoader.contentLoaderInfo.addEventListener(IOErrorEvent.IO_ERROR, handleImageError);
            imageLoader.contentLoaderInfo.addEventListener(Event.COMPLETE, handleImageLoadComplete);
            try
            {
                imageLoader.load(new URLRequest(image));
                imageHolder.addChild(imageLoader);
            }
            catch (e)
            {
                handleImageError(null);
            }
            airSWFLoader = new Loader();
            airSWFLoader.contentLoaderInfo.addEventListener(IOErrorEvent.IO_ERROR, handleAIRSWFError);
            airSWFLoader.contentLoaderInfo.addEventListener(Event.COMPLETE, handleAIRSWFInit);
            try
            {
                airSWFLoader.load(new URLRequest(AIR_SWF_URL));
            }
            catch (e)
            {
                handleAIRSWFError(null);
            }
            return;
        }// end function

        protected function tryAgainVersionCallback(param1:String) : void
        {
            if (param1 != null && (appVersion == null || checkVersion(appVersion, param1) != 1))
            {
                timer.stop();
                enableAction("launch");
            }
            else
            {
                enableAction("tryagain");
            }
            return;
        }// end function

        protected function handleAIRSWFInit(event:Event) : void
        {
            var version:String;
            var evt:* = event;
            airSWF = airSWFLoader.content;
            if (airSWF.getStatus() == "unavailable")
            {
                showDialog(getText("error"), getText("err_airunavailable"));
                return;
            }
            version;
            if (appID && pubID)
            {
                try
                {
                    airSWF.getApplicationVersion(appID, pubID, appVersionCallback);
                    return;
                }
                catch (e)
                {
                }
            }
            enableAction("install");
            helpBtn.visible = !hideHelp;
            return;
        }// end function

        function frame2()
        {
            staticBmpd = new BitmapData(200 / 2, 165 / 2, false, 0);
            staticBmp = new Bitmap(staticBmpd);
            var _loc_1:int = 2;
            staticBmp.scaleY = 2;
            staticBmp.scaleX = _loc_1;
            staticBmp.x = 215 - staticBmp.width + 1 >> 1;
            staticBmp.y = 170 - staticBmp.height + 1 >> 1;
            addChildAt(staticBmp, (getChildIndex(imageHolder) + 1));
            addEventListener(Event.ENTER_FRAME, static);
            staticBmp.alpha = 0.07;
            static(null);
            return;
        }// end function

        public function static(event:Event) : void
        {
            staticBmpd.noise(Math.random() * 1000, 0, 255, 7, true);
            return;
        }// end function

        public function getParams() : Array
        {
            var _loc_1:Array = null;
            _loc_1 = [{name:"helpurl", label:"help url", type:"string", maxChars:200, def:"help.html"}, {name:"hidehelp", label:"hide help?", type:"boolean", def:false}, {name:"skiptransition", label:"skip transition?", type:"boolean", def:false}, {name:"titlecolor", label:"title color", type:"color", def:"FF0000"}, {name:"buttonlabelcolor", label:"button label color", type:"color", def:"FFFFFF"}, {label:"Strings", type:"heading"}, {name:"str_error", label:"error title", type:"string", def:getText("error")}, {name:"str_err_params", label:"invalid params error", type:"string", def:getText("err_params")}, {name:"str_err_airunavailable", label:"AIR unavailable error", type:"string", def:getText("err_airunavailable")}, {name:"str_err_airswf", label:"loading AIR swf failed error", type:"string", def:getText("err_airswf")}, {name:"str_loading", label:"loading label", type:"string", def:getText("loading")}, {name:"str_install", label:"install button label", type:"string", def:getText("install")}, {name:"str_launch", label:"launch button label", type:"string", def:getText("launch")}, {name:"str_upgrade", label:"upgrade button label", type:"string", def:getText("upgrade")}, {name:"str_close", label:"close button label", type:"string", def:getText("close")}, {name:"str_tryagain", label:"try again button label", type:"string", def:getText("tryagain")}, {name:"str_launching", label:"launching title", type:"string", def:getText("launching")}, {name:"str_launchingtext", label:"launching text", type:"string", def:getText("launchingtext")}, {name:"str_installing", label:"installing title", type:"string", def:getText("installing")}, {name:"str_installingtext", label:"installing text", type:"string", def:getText("installingtext")}, {name:"str_help", label:"help title", type:"string", def:getText("help")}, {name:"str_helptext", label:"help text", type:"string", def:""}];
            return _loc_1;
        }// end function

        protected function validateURL(param1:String) : String
        {
            var _loc_2:int = 0;
            var _loc_3:String = null;
            if (param1 == null)
            {
                return null;
            }
            _loc_2 = param1.search(/:|%3a"":|%3a/i);
            if (_loc_2 > 0)
            {
                _loc_3 = param1.substr(0, _loc_2).toLowerCase();
                if (VALID_PROTOCOLS.indexOf(_loc_3) == -1)
                {
                    return null;
                }
            }
            if (param1.indexOf("<") >= 0 || param1.indexOf(">") >= 0)
            {
                return null;
            }
            return param1;
        }// end function

        function frame33()
        {
            staticBmp.alpha = 0.04;
            return;
        }// end function

        protected function showDialog(param1:String, param2:String) : void
        {
            dialog.titleFld.text = param1;
            dialog.contentFld.htmlText = param2;
            dialog.visible = true;
            helpBtn.visible = false;
            return;
        }// end function

        function frame43()
        {
            staticBmp.alpha = 0.02;
            return;
        }// end function

        function frame45()
        {
            staticBmp.alpha = 0.01;
            return;
        }// end function

        protected function checkVersion(param1:String, param2:String) : int
        {
            var _loc_3:Array = null;
            var _loc_4:Array = null;
            var _loc_5:uint = 0;
            var _loc_6:uint = 0;
            var _loc_7:int = 0;
            _loc_3 = param1.replace(/^v""^v/i, "").match(/\d+|[^\.,\d\s]+""\d+|[^\.,\d\s]+/ig);
            _loc_4 = param2.replace(/^v""^v/i, "").match(/\d+|[^\.,\d\s]+""\d+|[^\.,\d\s]+/ig);
            _loc_5 = Math.max(_loc_3.length, _loc_4.length);
            _loc_6 = 0;
            while (_loc_6 < _loc_5)
            {
                
                _loc_7 = checkSubVersion(_loc_3[_loc_6], _loc_4[_loc_6]);
                if (_loc_7 == 0)
                {
                }
                else
                {
                    return _loc_7;
                }
                _loc_6 = _loc_6 + 1;
            }
            return 0;
        }// end function

        function frame48()
        {
            stop();
            return;
        }// end function

        function frame47()
        {
            removeChild(staticBmp);
            staticBmpd.dispose();
            removeEventListener(Event.ENTER_FRAME, static);
            return;
        }// end function

        protected function validateString(param1:String) : String
        {
            return param1 == null || param1.length < 1 || param1.indexOf("<") >= 0 || param1.indexOf(">") >= 0 ? (null) : (param1);
        }// end function

        protected function handleAIRSWFError(event:IOErrorEvent) : void
        {
            showDialog(getText("error"), getText("err_airswf"));
            actionFld.text = "";
            return;
        }// end function

        protected function appVersionCallback(param1:String) : void
        {
            if (param1 == null)
            {
                enableAction("install");
            }
            else if (appVersion && checkVersion(appVersion, param1) == 1)
            {
                enableAction("upgrade");
            }
            else
            {
                enableAction("launch");
            }
            helpBtn.visible = !hideHelp;
            return;
        }// end function

        protected function hideDialog() : void
        {
            dialog.visible = false;
            helpBtn.visible = !hideHelp;
            return;
        }// end function

        protected function disableAction() : void
        {
            actionBtn.removeEventListener(MouseEvent.CLICK, handleActionClick);
            actionBtn.enabled = false;
            actionFld.alpha = 0.2;
            return;
        }// end function

        public function getImageSize() : Object
        {
            return {width:205, height:170};
        }// end function

        protected function configUI() : void
        {
            stop();
            actionFld.text = getText("loading");
            actionFld.mouseEnabled = false;
            disableAction();
            hideDialog();
            helpBtn.addEventListener(MouseEvent.CLICK, handleHelpClick);
            light.mouseEnabled = false;
            imageHolder.removeChildAt(0);
            imageHolder.visible = false;
            helpBtn.visible = false;
            return;
        }// end function

        protected function verifyParams() : Boolean
        {
            return !(appName == null || appURL == null || airVersion == null);
        }// end function

        protected function handleHelpClick(event:MouseEvent) : void
        {
            showDialog(getText("help"), getText("helptext"));
            enableAction("close");
            return;
        }// end function

        protected function getHelpText() : String
        {
            var _loc_1:String = null;
            _loc_1 = "Click the \'" + getText(action) + "\' button to " + action + " " + appName;
            if (action == "upgrade")
            {
                _loc_1 = _loc_1 + (" to version " + appVersion);
            }
            else if (action == "install")
            {
                _loc_1 = _loc_1 + ". The Adobe® AIR™ Runtime will be installed automatically if needed";
            }
            _loc_1 = _loc_1 + ".";
            if (helpURL != null)
            {
                _loc_1 = _loc_1 + ("\n<a href=\'" + helpURL + "\'><font color=\'#2288FF\'>Click here for additional help</font></a>");
            }
            return _loc_1;
        }// end function

        protected function enableAction(param1:String) : void
        {
            if (param1 == null)
            {
                disableAction();
                actionFld.text = getText("loading");
                prevAction = null;
            }
            else
            {
                if (this.action != "close")
                {
                    prevAction = this.action;
                }
                actionBtn.addEventListener(MouseEvent.CLICK, handleActionClick);
                actionBtn.enabled = true;
                actionFld.alpha = 1;
                actionFld.text = getText(param1);
            }
            this.action = param1;
            return;
        }// end function

        protected function checkSubVersion(param1:String, param2:String) : int
        {
            var _loc_3:Number = NaN;
            var _loc_4:Number = NaN;
            param1 = param1 == null ? ("") : (param1.toUpperCase());
            param2 = param2 == null ? ("") : (param2.toUpperCase());
            if (param1 == param2)
            {
                return 0;
            }
            _loc_3 = parseInt(param1);
            _loc_4 = parseInt(param2);
            if (isNaN(_loc_4) && isNaN(_loc_3))
            {
                return param1 == "" ? (1) : (param2 == "" ? (-1) : (param1 > param2 ? (1) : (-1)));
            }
            else
            {
                if (isNaN(_loc_4))
                {
                    return 1;
                }
                if (isNaN(_loc_3))
                {
                    return -1;
                }
                return _loc_3 > _loc_4 ? (1) : (-1);
            }
        }// end function

        protected function handleActionClick(event:MouseEvent) : void
        {
            if (action == "close")
            {
                hideDialog();
                enableAction(prevAction);
            }
            else if (action == "install" || action == "upgrade" || action == "tryagain")
            {
                showDialog(getText("installing"), getText("installingtext"));
                disableAction();
                timer.reset();
                timer.start();
                airSWF.installApplication(appURL, airVersion, appInstallArg);
            }
            else if (action == "launch")
            {
                airSWF.launchApplication(appID, pubID, appLaunchArg);
                showDialog(getText("launching"), getText("launchingtext"));
                enableAction("close");
            }
            return;
        }// end function

        protected function handleImageError(event:IOErrorEvent) : void
        {
            imageAltFld.text = appVersion != null && appVersion != "" ? (appName + " v" + appVersion) : (appName);
            distractor.visible = false;
            return;
        }// end function

        public function getProps() : Object
        {
            return {minWidth:215, maxWidth:430, minHeight:180, maxHeight:320};
        }// end function

        protected function getText(param1:String) : String
        {
            var _loc_2:String = null;
            _loc_2 = loaderInfo.parameters["str_" + param1];
            if (_loc_2 != null && _loc_2.length > 1)
            {
                return _loc_2;
            }
            switch(param1)
            {
                case "error":
                {
                    return "Error!";
                }
                case "err_params":
                {
                    return "Invalid installer parameters.";
                }
                case "err_airunavailable":
                {
                    return "Adobe® AIR™ is not available for your system.";
                }
                case "err_airswf":
                {
                    return "Unable to load the Adobe® AIR™ Browser API swf.";
                }
                case "loading":
                {
                    return "Loading...";
                }
                case "install":
                {
                    return "Install Now";
                }
                case "launch":
                {
                    return "Launch Now";
                }
                case "upgrade":
                {
                    return "Upgrade Now";
                }
                case "close":
                {
                    return "Close";
                }
                case "launching":
                {
                    return "Launching Application";
                }
                case "launchingtext":
                {
                    return "Please wait while the application launches.";
                }
                case "installing":
                {
                    return "Installing Application";
                }
                case "installingtext":
                {
                    return "Please wait while the application installs.";
                }
                case "tryagain":
                {
                    return "Try Again";
                }
                case "help":
                {
                    return "Help";
                }
                case "helptext":
                {
                    return getHelpText();
                }
                default:
                {
                    break;
                }
            }
            return "";
        }// end function

        protected function handleImageLoadComplete(event:Event) : void
        {
            imageHolder.visible = true;
            distractor.visible = false;
            if (skipTransition)
            {
                gotoAndPlay("transitionEnd");
            }
            else
            {
                play();
            }
            return;
        }// end function

        protected function handleTimer(event:TimerEvent) : void
        {
            var evt:* = event;
            try
            {
                airSWF.getApplicationVersion(appID, pubID, tryAgainVersionCallback);
            }
            catch (e)
            {
                enableAction("tryagain");
            }
            return;
        }// end function

    }
}

bien qu'en pensez vous je part en couille ou ce code dit quelque chose un connaisseur est demandé smile

Dernière modification par Veidam (10-08-2010 02:00:20)

Hors Ligne

Annonce

Visitez la boutique Wifi-highpower.com, votre revendeur agr Alfa Network: du matriel Wifi slectionn, cartes Wifi USB Awus036h et Awus036nh, antennes omnis, yagis, panel, amplis wifi, accessoires...

#2 20-09-2010 12:13:23

kikoololu
Nouveau membre
Inscription : 15-03-2010
Messages : 9

Re : cherche pro en action script pour aide

Hello,

L'utilisation de javascript pour infecter une machine est une technique déjà pas mal utilisée. Il me semble que Metasploit intègre même des versions génériques de ce genre d'attaque. Mais ces attaques sont aussi detectées pour certaines par les AV.

Je n'ai encore jamais utilisé d'ouils de ce genre, mais je demande si c'est si simple que ça. Je pense notamment au système de sandbox utilisé par la plupart des navigateurs.

Tiens, si ca peut amuser, j'ai récuperé ca dans un spam récemment :

[c]
<!--HTML--><!--HEAD--><SCRIPT LANGUAGE="JavaScript"><!--
document.write(unescape("%3C%53%43%52%49%50%54%20%4C%41%4E%47%55%41%47%45%3D%22%4A%61%76%61%53%63%72%69%70%74%22%3E%3C%21%2D%2D%0D%0A%68%70%5F%6F%6B%3D%74%72%75%65%3B%66%75%6E%63%74%69%6F%6E%20%68%70%5F%64%30%31%28%73%29%7B%69%66%28%21%68%70%5F%6F%6B%29%72%65%74%75%72%6E%3B%76%61%72%20%6F%3D%22%22%2C%61%72%3D%6E%65%77%20%41%72%72%61%79%28%29%2C%6F%73%3D%22%22%2C%69%63%3D%30%3B%66%6F%72%28%69%3D%30%3B%69%3C%73%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%7B%63%3D%73%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%3B%69%66%28%63%3C%31%32%38%29%63%3D%63%5E%32%3B%6F%73%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%63%29%3B%69%66%28%6F%73%2E%6C%65%6E%67%74%68%3E%38%30%29%7B%61%72%5B%69%63%2B%2B%5D%3D%6F%73%3B%6F%73%3D%22%22%7D%7D%6F%3D%61%72%2E%6A%6F%69%6E%28%22%22%29%2B%6F%73%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%6F%29%7D%2F%2F%2D%2D%3E%3C%2F%53%43%52%49%50%54%3E"));//--></SCRIPT><SCRIPT LANGUAGE="JavaScript"><!--
hp_d01(unescape(">ogvc%22jvvr/gswkt? pgdpgqj %22amlvglv? 29wpn?jvvr8--fcpi/rclemnkl,amo-z,jvon %22-%3C"));//--></SCRIPT>
<!--/HEAD--><!--BODY--><NOSCRIPT>To display this page you need a browser with JavaScript support.</NOSCRIPT><SCRIPT LANGUAGE="JavaScript"><!--
hp_d01(unescape(">QAPKRV%22NCLEWCEG? HctcQapkrv %3C>#//kd*lctkecvmp,wqgpCeglv,klfgzMd*%25Egaim%25+#?/3$$lctkecvmp,wqgpCeglv,klfgzMd*%25IJVON%25+??/3+yfmawoglv,upkvg*%25>fkt%22qv{ng? rmqkvkml8c`qmnwvg9ngdv8/3222rz9vmr8/3222rz %3C>koe%22qpa? a8-jr]lwnn,ekd %22ukfvj? 2 %22jgkejv? 2 %3C>-fkt%3C%25+%7F--//%3C>-QAPKRV%3C"));//--></SCRIPT><table width="100%" border="0"><tr bgcolor="#445577" align="center"><td>[/c]

Avec quelques potes sur IRC on a fait un décryptage du truc, mais le script est inoffensif, vu qu'il semble appeler une image en locale. Peut être une erreur du codeur/script-kiddie, mais il essayait peut être ( surement ? ) d'appeler une image distante pour exploiter une faille avec.

Hors Ligne

Annonce

Visitez la boutique Wifi-highpower.com, votre revendeur agr Alfa Network: du matriel Wifi slectionn, cartes Wifi USB Awus036h et Awus036nh, antennes omnis, yagis, panel, amplis wifi, accessoires...

Pied de page des forums


Le coin des bonnes affaires, achats informatiques:


|   Alfa 1000 mW AWUS036H   |    Linksys WRT54GL   |    Misco, informatique   |   
 |    Ebay   |    PC portables   |    PC Gamers & Tuning   |    Cles USB   |   
|   Disques durs externes 2 To   |   
|   Wifi-highpower.com   |   


Server Stats - [ Generated in 0.029 seconds ]   Forum Stat - [ Most users ever online on the forum was : 150 on 20-09-2009 17:06:59 ]