[VulnWatch] The first open source spyware

From: khaalel (khaalel_at_gmail.com)
Date: 04/18/05

  • Next message: Team SHATTER: "[VulnWatch] [AppSecInc Team SHATTER Security Advisory] Denial of Service in Oracle interMedia" 
    Date: Mon, 18 Apr 2005 20:41:23 +0200
To: full-disclosure@lists.grok.org.uk, vulnwatch@vulnwatch.org

    Hi,

    Since a few years, the number of spywares is growing up but it's
    impossible to find a spyware's code source to analyse it and better
    understand their work.

    After kruegerware's (and its child) diffusion, I'm introducing you the
    first open source spyware.

    My goal is not to help people writing more and more spywares but to
    show some people that spywares are not "magic" stuff (like I can see
    on differents web sites) and are so easy to code. Besides, Virus
    generators already exist, why spywares generators could not exist?

    For the moment, KSpyware can list all the installed programs, can spy
    the web sites the victim has visited, can obtain a list of e-mail
    adresses, can hijack IE's main page, and use NetSend to spam the
    victim.

    I decided to remove the function allowing the dispatch of the gleaned
    informations and the functions stopping spyware deinstallation (like
    in kruegerware).
     
    Well, here is KSpyware's code cource (in Perl) :
    http://nzeka-labs.com/hacking/KSpyware.htm

    KSpyware is under GPL (loollll) so:
    "You may copy and distribute verbatim copies of the Program's source
    code as you receive it, in any medium, provided that you conspicuously
    and appropriately publish on each copy an appropriate copyright notice
    and disclaimer of warranty; keep intact all the notices that refer to
    this License and to the absence of any warranty; and give any other
    recipients of the Program a copy of this License along with the
    Program." BUT DON'T TRY IT ON THE WEB.

    - Nzeka Gilbert aka Khaalel
    - www.nzeka-labs.com
    - Author of the french security book: "La protection des sites
    informatique face au hacking".

  • Next message: Team SHATTER: "[VulnWatch] [AppSecInc Team SHATTER Security Advisory] Denial of Service in Oracle interMedia"
    • Quantcast