Today, I got a direct email from [email protected] title with “‘bombing’ Breaking News @ Northern Chan State”. It’s zipped with WinRAR : named NamKham.rar.

Inside … namkham bombrcs.doc

The SCR file type is primarily associated with ‘Script’. In November 2007 the SCR file extension started to be used to transmit a Trojan. As a script or a screen saver this file can execute other files which carry the Trojan. The SCR file may be embedded within a ZIP file which could also contain a file with a double extension.

It’s really simple fake trojan, then i scanned and analyst it. WoW It’s fuck trojan lo.. 😀 I don’t know how many people they hacked with this kind of techniques. I don’t want to point out who they are… but I know something ‘One thing is special’…

Result are as follow:

 

Attack to PlanetCreator by Trojan

Explore More

Open University Malaysia (OUM)’s Web Vulnerability

PlanetCreator had informed OUM’s XSS Vulnerability CODE http://www.planetcreator.net/2009/11/critical-xss-vulnerability-on-open-university-malaysia/ But nobody cares , How come they all wana do like this so shit! Where is OUM’s Wemaster? Sleeping @ Camp? Yeah,

Read More

What is “Clickjacking“? The latest Adobe Flash clipboard hijack attack

A new Web attacks is now in the wild. It’s named clickjacking – as discussed at the OWASP NYC AppSec 2008 Conference. Clickjacking is actually clipboard hijacking by adobe flash

Read More

Joomla Administrator Login BruteForcer for v1.0 and v1.5

#!/usr/bin/python# Joomla Administrator Login BruteForcer for v1.0 and v1.5 # Feel free to do whatever you want with this code!# Share the c0de! # Darkc0de Team # www.darkc0de.com # rsauron[at]gmail[dot]com

Read More