Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [06.02.2018 20:21:24] <ZeTa on ROck> hello bro
- [06.02.2018 20:21:26] <ZeTa on ROck> you there
- [06.02.2018 20:21:42] <ZeTa on ROck> there
- [06.02.2018 20:34:44] <ZeTa on ROck> you busy
- [06.02.2018 20:35:30] <papiros> ?OTRv23?
- papiros@prv.st/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [06.02.2018 20:35:35] <papiros> hi
- [06.02.2018 20:35:46] <ZeTa on ROck> i message you on exploit.in
- [06.02.2018 20:35:50] <ZeTa on ROck> about lan spreader
- [06.02.2018 20:36:13] <papiros> You can hold 5 minutes?
- [06.02.2018 20:37:08] <ZeTa on ROck> ok bro
- [06.02.2018 20:46:33] <papiros> okay im here
- [06.02.2018 20:46:35] <papiros> sorry for the wait
- [06.02.2018 20:46:40] <papiros> how can i help you ?
- [06.02.2018 20:46:42] <papiros> you have OTR ?
- [06.02.2018 20:46:55] <ZeTa on ROck> i have pgp
- [06.02.2018 20:47:07] <papiros> you dont have OTR plugin for jabber ?
- [06.02.2018 20:47:11] <ZeTa on ROck> nope
- [06.02.2018 20:47:18] <ZeTa on ROck> only pgp
- [06.02.2018 20:47:21] <ZeTa on ROck> do you have it
- [06.02.2018 20:47:40] <papiros> i do not actually , but we will talk here
- [06.02.2018 20:47:55] <papiros> You know who I am on exploit yes?
- [06.02.2018 20:47:57] <ZeTa on ROck> pgp is better than otr
- [06.02.2018 20:48:05] <papiros> I sell Dark Moon Banking Bot
- [06.02.2018 20:48:17] <ZeTa on ROck> what of LAN spreader
- [06.02.2018 20:48:18] <papiros> But I read your topic in virusology section and you say you are looking for lan spreader
- [06.02.2018 20:49:12] <ZeTa on ROck> yes bro
- [06.02.2018 20:49:27] <papiros> tell me more about what exactly you need
- [06.02.2018 20:50:12] <ZeTa on ROck> now i want to escalate to different pc in LAN
- [06.02.2018 20:50:29] <ZeTa on ROck> and auto install my stub and obtain RDP details
- [06.02.2018 20:50:31] <ZeTa on ROck> also
- [06.02.2018 20:51:06] <papiros> hmm
- [06.02.2018 20:51:29] <papiros> For RDP details, it will need to bruteforce the login
- [06.02.2018 20:51:33] <papiros> you understand , right?
- [06.02.2018 20:51:59] <ZeTa on ROck> so is ony bruteforce can be use
- [06.02.2018 20:52:05] <ZeTa on ROck> to get the rdp
- [06.02.2018 20:52:26] <papiros> in my opinion, yes
- [06.02.2018 20:52:44] <ZeTa on ROck> okay are you a coder or selling for a coder
- [06.02.2018 20:52:58] <papiros> the credentials are protected behind an NTLM Cabinet so its not realistic to crack that, you need to bruteforce RDP
- [06.02.2018 20:53:02] <papiros> I am the coder
- [06.02.2018 20:53:37] <ZeTa on ROck> Good then you will understand me more better
- [06.02.2018 20:53:50] <ZeTa on ROck> bro do you know how nanocore works on intranet
- [06.02.2018 20:54:02] <ZeTa on ROck> using dns google to communicate out
- [06.02.2018 20:54:26] <ZeTa on ROck> can somethng like that be done to banking bot
- [06.02.2018 20:54:40] <ZeTa on ROck> and it will run through memory
- [06.02.2018 20:54:51] <ZeTa on ROck> is it possible first?
- [06.02.2018 20:56:05] <ZeTa on ROck> are you busy?
- [06.02.2018 20:56:28] <papiros> sorry , i am here , just talking to 4 people at once now in jabber , bad time but we can talk , haha
- [06.02.2018 20:56:49] <ZeTa on ROck> ok let me leave that and go straight to what i need
- [06.02.2018 20:57:09] <ZeTa on ROck> i need good LAN spreader that can bypass firewall and endpoint
- [06.02.2018 20:57:32] <papiros> the banking bot itself cannot be modified, a DLL can be written as a plugin but editting the communication mechanism of a bot that is already made is not realistic and very dangerous as most malware is poorly written like panda and having a DLL which changes its communciation protocol can cause it crash
- [06.02.2018 20:57:54] <papiros> I can make you a plugin for my bot which uses DNS to communicate to google to outside if you need
- [06.02.2018 20:58:20] <papiros> My bot has a memory loader already there, its possible
- [06.02.2018 20:58:26] <ZeTa on ROck> cool
- [06.02.2018 20:58:30] <papiros> On top of that, the LAN spreader, I can provide for you too
- [06.02.2018 20:58:35] <ZeTa on ROck> wow
- [06.02.2018 20:58:37] <papiros> However
- [06.02.2018 20:58:53] <ZeTa on ROck> bro you are my best dealer now
- [06.02.2018 20:59:00] <papiros> If I am coding the lan spreader, I cannot work on other plugins as I dont like to focus on more than one project at a time as then ill never get any work done
- [06.02.2018 20:59:10] <papiros> so I need to do one at a time since i am just 1 guy
- [06.02.2018 20:59:24] <ZeTa on ROck> Ok lets face LAN spreader
- [06.02.2018 20:59:48] <papiros> Sounds good to me
- [06.02.2018 20:59:54] <ZeTa on ROck> and i hope it will be able to spread my stub i load to it
- [06.02.2018 21:00:02] <papiros> So like
- [06.02.2018 21:00:28] <papiros> With the lan spreader , do you want me to make a builder or are you okay to have builds over jabber ?
- [06.02.2018 21:01:39] <ZeTa on ROck> let me tell you what need on it
- [06.02.2018 21:02:21] <papiros> Basically, I will add your stub into an encrypted section of the main Loader, it will execute the stub from memory or load it to disk based on your needs, but i recommend loading from memory. I will make a 2 stage dropper for the payload so that it wont get detected when its executing from memory
- [06.02.2018 21:03:12] <ZeTa on ROck> and be able to accept at least 2 stub or 3 stub to load
- [06.02.2018 21:04:03] <ZeTa on ROck> and must be able to bypass firewall and endpoint antivirus
- [06.02.2018 21:04:59] <ZeTa on ROck> there is two ways i want it to work by sending from outside to a victim on LAN
- [06.02.2018 21:05:19] <ZeTa on ROck> and from his pc it will be able to spread to rest pc on LAN
- [06.02.2018 21:05:24] <ZeTa on ROck> secondly
- [06.02.2018 21:05:56] <ZeTa on ROck> when being within the network and am trying to scan for pc and be able to infect needed pc
- [06.02.2018 21:06:15] <ZeTa on ROck> can it work like that
- [06.02.2018 21:06:17] <ZeTa on ROck> ?
- [06.02.2018 21:08:50] <papiros> So
- [06.02.2018 21:09:00] <papiros> this can be a bit complicated actually
- [06.02.2018 21:12:35] <papiros> This spreader would be very intrusive in the network regardless of how its made, it will trigger many points of endpoint antivirus, i will need to deploy exploit killchain into the project in order to elevate privileges, to make this application runtime FUD (if thats what you want) it can be fairly difficult but do-able
- IF you want it to acccept any amount of stubs then i will need to give you builds over jabber as I can manually encrypt the stubs and add them to the section of the spreader compressed to keep the bin size down.
- Spreading on his PC to the LAN will be possible, I can include many methodologies and persistent topologies of network spreading, it will be an interesting project as there is many ways to approach this.
- With regards to sending data outside the LAN, if we manage to capture access to the WAP, we can easily alter DNS settings with admin privileges to communicate with our outside c&c , but its a complicated task
- [06.02.2018 21:13:43] <papiros> Does this interest you?
- [06.02.2018 21:13:52] <ZeTa on ROck> yea
- [06.02.2018 21:14:05] <ZeTa on ROck> but you know LAN am talking about is intranet
- [06.02.2018 21:14:05] <papiros> There is a problem though
- [06.02.2018 21:14:09] <ZeTa on ROck> a Banking network
- [06.02.2018 21:14:15] <papiros> of course man , haha am not stupid
- [06.02.2018 21:14:23] <papiros> i know exactly what you are trying to do
- [06.02.2018 21:14:25] <ZeTa on ROck> good so most host is block
- [06.02.2018 21:14:40] <ZeTa on ROck> it has to use 443 and dns to communicate
- [06.02.2018 21:14:51] <ZeTa on ROck> good
- [06.02.2018 21:14:55] <papiros> yes , but we can relay a communication through the local DNS to the outside world
- [06.02.2018 21:15:10] <ZeTa on ROck> good
- [06.02.2018 21:15:11] <papiros> 443 is SSL
- [06.02.2018 21:15:14] <papiros> its possible
- [06.02.2018 21:15:21] <papiros> We can use OpenSSL for encrypted communication
- [06.02.2018 21:15:23] <ZeTa on ROck> am happy you are intelligent good coder
- [06.02.2018 21:16:41] <papiros> So the problem is
- [06.02.2018 21:16:48] <papiros> The time that it would take me to code this
- [06.02.2018 21:17:27] <papiros> this is a relatively big project as there is many features that you are asking for , and several complex scenarios that you want to be implemented, as well as a stable exploit kill chain , to implement it without BSOD or Kernel panic
- [06.02.2018 21:17:45] <papiros> to be runtime FUD and resilient to Endpoint protection
- [06.02.2018 21:17:48] <papiros> in a bank network
- [06.02.2018 21:17:51] <papiros> its a complex task
- [06.02.2018 21:17:58] <ZeTa on ROck> oh
- [06.02.2018 21:18:02] <ZeTa on ROck> is it possible
- [06.02.2018 21:18:04] <papiros> This project would be much more than the $2500 you stated , ask anyone
- [06.02.2018 21:18:06] <papiros> its possible
- [06.02.2018 21:18:09] <papiros> but time consumign
- [06.02.2018 21:18:18] <papiros> there would need to be a lot of testing done
- [06.02.2018 21:18:39] <papiros> but I am aware money might not be of concern to you since you bought Panda for 7500
- [06.02.2018 21:18:46] <papiros> Is it right?
- [06.02.2018 21:18:59] <ZeTa on ROck> hmmm
- [06.02.2018 21:19:02] <papiros> Is there a time frame you need this done within? so that i can manage my schedule and let you know if i can do it
- [06.02.2018 22:08:53] <ZeTa on ROck> Okay
- [06.02.2018 22:09:40] <ZeTa on ROck> like how long will it take you
- [06.02.2018 22:09:50] <papiros> For the LAN module ?
- [06.02.2018 22:09:56] <ZeTa on ROck> yes bro
- [06.02.2018 22:10:54] <papiros> Okay give me like 5 minutes, i will look at my schedule and let you know what we are looking at.
- [06.02.2018 22:12:09] <ZeTa on ROck> okay
- [06.02.2018 22:15:22] <papiros> Honestly
- [06.02.2018 22:15:26] <papiros> uhm
- [06.02.2018 22:15:39] <papiros> If i were to start today
- [06.02.2018 22:15:50] <papiros> I would probably be done by March 10-15
- [06.02.2018 22:15:59] <papiros> if I were to work weekends and weekdays
- [06.02.2018 22:16:08] <papiros> roughly 10 hours, which is normally how much i put in
- [06.02.2018 22:17:17] <ZeTa on ROck> okay
- [06.02.2018 22:17:34] <ZeTa on ROck> you mean 10hrs it can be ready if you do it
- [06.02.2018 22:18:00] <ZeTa on ROck> or 10days
- [06.02.2018 22:19:24] <papiros> no bro
- [06.02.2018 22:19:39] <papiros> I said I can have it ready by March 10-15 if I work 10 hours/day for 7 days a week
- [06.02.2018 22:20:06] <papiros> roughly 1.5 months
- [06.02.2018 22:21:23] <ZeTa on ROck> okay 1month and 5days
- [06.02.2018 22:23:52] <ZeTa on ROck> back
- [06.02.2018 22:24:18] <ZeTa on ROck> but i will need updates from you as it goes so that i wont put my mind on zero
- [06.02.2018 22:35:43] <papiros> thats fine bro, i dont plan to leave you in the dark, you will get updates from me everyday . i am always on jabber
- [06.02.2018 22:38:06] <ZeTa on ROck> ok Good my brother
- [06.02.2018 22:38:11] <ZeTa on ROck> will msg you later
- [06.02.2018 22:39:40] <papiros> we can talk about the deal now bro , or you dont have time now ?
- [06.02.2018 22:39:58] <ZeTa on ROck> am here
- [06.02.2018 22:40:35] <ZeTa on ROck> you know what to do and what is needed for the LAN
- [06.02.2018 22:41:02] <papiros> In regards to payment
- [06.02.2018 22:41:14] <papiros> and in regards to the % we are working with
- [06.02.2018 22:41:50] <ZeTa on ROck> okay tell me the % you want
- [06.02.2018 22:43:22] <papiros> I am looking at 10%
- [06.02.2018 22:44:35] <papiros> And $4000
- [06.02.2018 22:44:39] <ZeTa on ROck> normally i give 5% because there is lot of people
- [06.02.2018 22:45:00] <papiros> Oh, I assumed there would be maybe 4 people on your team
- [06.02.2018 22:45:00] <ZeTa on ROck> but i will make you happy we will do 10%
- [06.02.2018 22:45:22] <ZeTa on ROck> yes people that will mail bank mails
- [06.02.2018 22:45:40] <ZeTa on ROck> and people working inside bank that will connect pc so i can work from there
- [06.02.2018 22:45:52] <ZeTa on ROck> and people that will cashout and send to you
- [06.02.2018 22:46:17] <papiros> its possible to get my cut in BTC ?
- [06.02.2018 22:46:51] <ZeTa on ROck> then i cant do 10% due to btc cut also to send
- [06.02.2018 22:47:11] <ZeTa on ROck> more than western union
- [06.02.2018 22:48:31] <papiros> hm
- [06.02.2018 22:48:40] <papiros> okay what about 5% but in BTC ?
- [06.02.2018 22:48:52] <ZeTa on ROck> or should i send 10% include with the fee
- [06.02.2018 22:49:31] <ZeTa on ROck> i want you to make money
- [06.02.2018 22:49:49] <ZeTa on ROck> because this work am doing you will see that is not small deal
- [06.02.2018 22:50:13] <ZeTa on ROck> i will send 10% the fees will be remove from it
- [06.02.2018 22:50:23] <ZeTa on ROck> you know BTC problem
- 07.02.2018 17:21:06] <ZeTa on ROck> hello
- [07.02.2018 19:52:49] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [07.02.2018 19:54:15] <papiros> hello
- [07.02.2018 19:54:18] <papiros> you are here ?
- [07.02.2018 20:07:22] <papiros> man ?
- [07.02.2018 20:13:52] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [07.02.2018 20:13:54] <papiros> hi
- [07.02.2018 20:30:43] <papiros> ?
- [07.02.2018 23:51:14] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [07.02.2018 23:51:16] <papiros> hi
- [07.02.2018 23:51:40] <ZeTa on ROck> you back
- [07.02.2018 23:51:41] <ZeTa on ROck> now
- [07.02.2018 23:52:11] <papiros> yes hi, im back
- [07.02.2018 23:52:18] <ZeTa on ROck> Good
- [07.02.2018 23:52:29] <papiros> not hear from you all day
- [07.02.2018 23:52:33] <ZeTa on ROck> have you started on it
- [07.02.2018 23:52:39] <papiros> and why you dont send BTC ?
- [07.02.2018 23:52:46] <papiros> you said you would send morning
- [07.02.2018 23:52:47] <ZeTa on ROck> yea i was calll early morning for a deal
- [07.02.2018 23:53:14] <ZeTa on ROck> over 15km
- [07.02.2018 23:53:18] <ZeTa on ROck> to my house
- [07.02.2018 23:53:29] <papiros> ok, you are done now, so you can send now
- [07.02.2018 23:53:36] <ZeTa on ROck> have you started
- [07.02.2018 23:54:07] <papiros> honestly , no i have not started , we said i would start after you send me 800 . we talked about it , i didnt know where you were and you not message me all day
- [07.02.2018 23:54:20] <papiros> you told me i would have it in morning
- [07.02.2018 23:54:23] <papiros> i checked all day.
- [07.02.2018 23:54:31] <ZeTa on ROck> bro you have to have started bro
- [07.02.2018 23:54:52] <ZeTa on ROck> i have forwarded the funds to my exchanger
- [07.02.2018 23:54:59] <ZeTa on ROck> from perfect money to btc
- [07.02.2018 23:55:10] <ZeTa on ROck> as soon as he change it will forward it to you
- [07.02.2018 23:55:11] <papiros> i could have lied to you and said i have started , but no , i didnt . i have not started , i am honest with you .
- [07.02.2018 23:55:14] <ZeTa on ROck> in some hours
- [07.02.2018 23:55:25] <papiros> i will start it when i see 800 , like we said yesterday
- [07.02.2018 23:55:40] <ZeTa on ROck> i dont keep funds in btc because of the inflations going up and down
- [07.02.2018 23:55:50] <papiros> thats fair , its true
- [07.02.2018 23:55:56] <papiros> no one wants to risk it
- [07.02.2018 23:56:05] <ZeTa on ROck> yes
- [07.02.2018 23:56:16] <papiros> okay so you said will be there in couple of hours
- [07.02.2018 23:56:17] <ZeTa on ROck> i just have time been out since 5am
- [07.02.2018 23:56:21] <papiros> you still have my BTC address ?
- [07.02.2018 23:56:24] <ZeTa on ROck> sure
- [07.02.2018 23:56:33] <ZeTa on ROck> have save it in my wallet
- [07.02.2018 23:56:45] <ZeTa on ROck> as soon as the exchange is done i send it immediately
- [07.02.2018 23:56:52] <papiros> ok good , i will start now then , so will be here in ~ 3 hours?
- [07.02.2018 23:56:58] <ZeTa on ROck> it wont stay long in my wallet to avoid problem
- [07.02.2018 23:57:37] <ZeTa on ROck> bro you need to start the money is not the issue but time spending on it to make it done is long
- [07.02.2018 23:57:45] <ZeTa on ROck> for me can be done within a day
- [07.02.2018 23:57:58] <ZeTa on ROck> as soon as is credited to btc to send
- [07.02.2018 23:58:17] <papiros> yeah , i understand man , i will start now
- [08.02.2018 00:00:22] <ZeTa on ROck> ok done hope you understand what to do
- [08.02.2018 00:00:33] <ZeTa on ROck> or can you tell me what you understand in what i needed
- [08.02.2018 00:00:40] <ZeTa on ROck> so that you wont get confused
- [08.02.2018 00:00:56] <ZeTa on ROck> explain to me if i can correct little to it
- [08.02.2018 00:03:11] <papiros> yes , you are looking for a LAN spreader in which you can insert your 2-3 or more stubs. When computer execute it , it will attempt to bypass prelimary endpoint protection , then it will drop to the exploit killchain in order to get administrator privileges on the machine . After this, it will map all the devices on the network and attempt numerous methods to pivotting the current executable onto the other machines . from which point it will decrypt the encrypted payloads of your stub(s) from memory and move them to the target folder and execute them via some intrusive method of social engineering with the user on the network .
- [08.02.2018 00:03:58] <papiros> is this correct ?
- [08.02.2018 00:04:20] <ZeTa on ROck> Yes
- [08.02.2018 00:04:25] <ZeTa on ROck> Good
- [08.02.2018 00:04:42] <ZeTa on ROck> can you do a HRDP that can creat and work
- [08.02.2018 00:04:50] <ZeTa on ROck> on LAN
- [08.02.2018 00:05:02] <ZeTa on ROck> so i can get access to the desktop
- [08.02.2018 00:05:08] <papiros> HRDP ... ?
- [08.02.2018 00:05:15] <papiros> bro this is completely a whole other project
- [08.02.2018 00:05:36] <papiros> I can do this bro, but its not part of LAN spreader project we talked about
- [08.02.2018 00:06:46] <ZeTa on ROck> ok leave it
- [08.02.2018 00:06:48] <ZeTa on ROck> dont worry
- [08.02.2018 00:07:06] <ZeTa on ROck> but can the lan get the user and pass of the Machine when is attack
- [08.02.2018 00:07:06] <papiros> sure , i can do it but its complex and is a whole other task
- [08.02.2018 00:07:11] <ZeTa on ROck> the Sam
- [08.02.2018 00:07:14] <ZeTa on ROck> sam file
- [08.02.2018 00:07:50] <papiros> yes its possible
- [08.02.2018 00:08:08] <ZeTa on ROck> the user and pass
- [08.02.2018 00:08:24] <ZeTa on ROck> not crypted pass if it can get it in plain text
- [08.02.2018 00:08:38] <papiros> oh
- [08.02.2018 00:08:50] <ZeTa on ROck> the LAN as soon as he get access to the system he will try to attack also the sam lsasse
- [08.02.2018 00:08:52] <papiros> hm well if SYSKEY is enabled then need to socially engineer use to give us pass
- [08.02.2018 00:09:08] <papiros> but i can make unique window to do this
- [08.02.2018 00:09:37] <papiros> but will only do that if bruteforcing attack didnt work
- [08.02.2018 00:09:58] <ZeTa on ROck> ok
- [08.02.2018 00:10:32] <papiros> if neither of those tricks will work i will simply send sam file contents to server
- [08.02.2018 00:10:36] <ZeTa on ROck> try do it also because all is iniclude in LAN in total capturing of system
- [08.02.2018 00:10:38] <papiros> so you can attempt offline bruteforce
- [08.02.2018 00:10:44] <ZeTa on ROck> ok
- [08.02.2018 00:11:00] <papiros> sounds good
- [08.02.2018 00:11:49] <ZeTa on ROck> yes
- [08.02.2018 00:12:48] <ZeTa on ROck> arrange it well in notepad
- [08.02.2018 00:12:51] <ZeTa on ROck> all what is needed
- [08.02.2018 00:13:33] <papiros> bro what you mean ?
- [08.02.2018 00:13:37] <papiros> i already know what is needed
- [08.02.2018 00:13:40] <papiros> i keep in my head
- [08.02.2018 00:13:44] <ZeTa on ROck> GOOD
- [08.02.2018 00:13:55] <ZeTa on ROck> :D
- [08.02.2018 00:14:10] <ZeTa on ROck> ok
- [08.02.2018 00:14:43] <ZeTa on ROck> am online you can start
- [08.02.2018 00:16:08] <papiros> i will start now bro
- [10.02.2018 17:02:03] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [10.02.2018 17:02:05] <papiros> hi
- [10.02.2018 17:02:19] <ZeTa on ROck> am good bro
- [10.02.2018 17:02:22] <ZeTa on ROck> how you doing
- [10.02.2018 17:03:11] <papiros> been good bro, just working on our project all day
- [10.02.2018 17:05:32] <ZeTa on ROck> good am happy to hear that
- [10.02.2018 17:06:02] <papiros> im gonna start work again in 15mins
- [10.02.2018 17:06:50] <ZeTa on ROck> ok i will be happy t hear good result soonest
- [10.02.2018 17:07:20] <papiros> i am trying to write utility functions now that i will be using in code
- [10.02.2018 17:07:35] <papiros> and am using some functions from the lib API i have in dark moon
- [10.02.2018 17:07:53] <ZeTa on ROck> ok bro
- [10.02.2018 17:08:21] <ZeTa on ROck> able to spread in LAN and not signal detection
- [10.02.2018 17:08:37] <papiros> i understand
- [10.02.2018 17:08:53] <ZeTa on ROck> okay bro we will talk more later
- [10.02.2018 17:09:04] <papiros> okay my friend
- [10.02.2018 17:10:49] <ZeTa on ROck> cool
- [10.02.2018 18:56:44] <ZeTa on ROck> bro like when will you finish the project
- [10.02.2018 20:47:16] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [10.02.2018 20:47:17] <papiros> bro
- [10.02.2018 20:47:23] <papiros> I will put SMB exploit code in there too
- [10.02.2018 20:47:26] <papiros> for lan spreading
- [10.02.2018 20:47:33] <papiros> and im doing wifi hotspot social engineer now
- [10.02.2018 20:55:08] <ZeTa on ROck> ok and worawit
- [10.02.2018 20:55:38] <ZeTa on ROck> https://github.com/worawit/MS17-010
- [11.02.2018 21:23:34] <ZeTa on ROck> hello bro like when will it be ready
- [12.02.2018 08:36:20] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [12.02.2018 08:36:28] <ZeTa on ROck> yea
- [12.02.2018 08:36:51] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [12.02.2018 08:36:52] <papiros> Hi
- [12.02.2018 08:37:00] <ZeTa on ROck> am good bro
- [12.02.2018 08:37:06] <papiros> Good to hear man
- [12.02.2018 08:37:26] <ZeTa on ROck> when will it be ready bro
- [12.02.2018 08:37:30] <papiros> I made exploit kill chain functionality , and memory execution of payload and download by dns server so far.
- [12.02.2018 08:37:41] <papiros> now am doing core structure and then lan plugins
- [12.02.2018 08:37:58] <ZeTa on ROck> good you know worawit
- [12.02.2018 08:38:05] <papiros> worawit bro ?
- [12.02.2018 08:38:19] <ZeTa on ROck> yea i heard is lan also
- [12.02.2018 08:38:25] <papiros> oh
- [12.02.2018 08:38:42] <papiros> idk worawit
- [12.02.2018 08:38:48] <ZeTa on ROck> ok bro
- [12.02.2018 08:38:58] <ZeTa on ROck> you can go through the github
- [12.02.2018 08:39:13] <papiros> oh i see it
- [12.02.2018 08:39:16] <ZeTa on ROck> well just do so it can work in LAN under intranet
- [12.02.2018 08:40:00] <papiros> yeah bro it will use SMEB
- [12.02.2018 08:40:09] <papiros> to communicate in LAN to infected machine
- [12.02.2018 08:40:11] <papiros> SMEB ping
- [12.02.2018 08:40:31] <papiros> with 5 bytes message
- [12.02.2018 08:40:35] <papiros> very quiet
- [12.02.2018 08:40:43] <papiros> but can only fit 2 commands and 1 id
- [12.02.2018 08:41:13] <papiros> commands will be download/execute and sendreport
- [12.02.2018 08:41:19] <papiros> id:0, id:1
- [12.02.2018 08:41:42] <papiros> id:0,c:dlexec and id:1,c:sendreport
- [12.02.2018 08:42:42] <papiros> bro
- [12.02.2018 08:45:14] <papiros> You can get 1200 tomorrow ?
- [12.02.2018 08:53:21] <ZeTa on ROck> ok
- [12.02.2018 08:53:59] <ZeTa on ROck> what of sam file
- [12.02.2018 08:58:29] <ZeTa on ROck> and those it use ICMP
- [12.02.2018 09:04:00] <ZeTa on ROck> https://www.symantec.com/connect/forums/web-server-attack-smb-double-pulsar-ping
- [12.02.2018 09:19:45] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [12.02.2018 09:19:48] <papiros> ?
- [12.02.2018 09:23:54] <ZeTa on ROck> i mean the SAm file
- [12.02.2018 09:23:57] <ZeTa on ROck> is needed
- [12.02.2018 09:24:03] <ZeTa on ROck> will i be able to get that
- [12.02.2018 09:24:27] <papiros> yes command id:1 will give sam file in report
- [12.02.2018 09:24:42] <ZeTa on ROck> ok good
- [12.02.2018 09:29:08] <papiros> man , can you prepare 1200 more in BTC ?
- [12.02.2018 09:31:02] <ZeTa on ROck> you mean tommorow
- [12.02.2018 09:31:09] <papiros> yes
- [12.02.2018 09:31:36] <ZeTa on ROck> ok lets see the test how it goes that wont be problem
- [12.02.2018 09:32:01] <papiros> so you will get it ?
- [12.02.2018 09:32:12] <papiros> as i agree for half of payment before project is done though
- [12.02.2018 09:32:17] <papiros> and other half after it is done
- [12.02.2018 09:32:20] <papiros> am already working all days
- [12.02.2018 09:33:03] <ZeTa on ROck> cool
- [12.02.2018 09:33:53] <ZeTa on ROck> ook tommorow bro
- [12.02.2018 09:34:10] <ZeTa on ROck> at least to see some part then will work on transfer
- [12.02.2018 09:35:47] <papiros> ok 1 moment
- [12.02.2018 09:45:30] <ZeTa on ROck> k
- [12.02.2018 10:26:02] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [12.02.2018 10:26:09] <papiros> bro here is some of the parts
- [12.02.2018 10:27:04] <papiros> https://i.gyazo.com/166c248c3e67a22140e3d103c95740fc.png
- https://i.gyazo.com/c74e5f6d5179c5d306c684e76af7c240.png
- https://i.gyazo.com/b4b401ae2ef33aafc6a9a45b33d5f2d6.png
- https://i.gyazo.com/ea1a73b59ccea99db9ca45165e47a2c6.png
- https://i.gyazo.com/65ebea132ccf8cf4ce8e8ef79c468577.png
- [12.02.2018 10:35:10] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [12.02.2018 10:35:14] <papiros> hi , you get the messages ?
- [12.02.2018 10:38:19] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [12.02.2018 10:38:21] <papiros> bro ?
- [12.02.2018 10:38:53] <ZeTa on ROck> work on 32 and 64
- [12.02.2018 10:40:22] <papiros> yes sir , its why you see #ifdef _WIN64 in some of them
- [12.02.2018 10:40:41] <papiros> 32/64 , XP - 10.1 is goal
- [12.02.2018 10:40:59] <ZeTa on ROck> ok
- [12.02.2018 10:41:22] <ZeTa on ROck> do we need Mimikatz to get to get machine user and pass
- [12.02.2018 10:41:31] <ZeTa on ROck> am just suggesting
- [12.02.2018 10:42:08] <papiros> mimikatz not needed , can get it on my own bro just extra work
- [12.02.2018 10:42:22] <papiros> also with sam file can get user/pass on machine in most
- [12.02.2018 10:42:33] <ZeTa on ROck> ok cool bro
- [12.02.2018 10:43:36] <papiros> so can get transfer tomorrow ?
- [12.02.2018 10:44:21] <ZeTa on ROck> sure
- [12.02.2018 10:44:36] <papiros> thanks
- [12.02.2018 10:44:57] <ZeTa on ROck> make it perfect and test it
- [12.02.2018 10:45:34] <papiros> it will be working everywhere bro , it is the goal like we talked about
- [12.02.2018 10:45:38] <papiros> dont worry!
- [12.02.2018 10:45:57] <ZeTa on ROck> good
- [12.02.2018 11:05:39] <papiros> bro i will be back 7 hours now , go to
- 13.02.2018 08:42:51] <papiros> hi man, how are you
- [13.02.2018 08:42:55] <ZeTa on ROck> good
- [13.02.2018 08:43:04] <papiros> good to hear , progress over here is good !
- [13.02.2018 08:43:17] <papiros> i am going to be finished near end of this month actually !
- [13.02.2018 08:43:24] <papiros> about feb28-29
- [13.02.2018 08:43:36] <papiros> more early than expect
- [13.02.2018 08:43:45] <ZeTa on ROck> i thought is today you going to finish
- [13.02.2018 08:43:49] <ZeTa on ROck> for test
- [13.02.2018 08:44:00] <papiros> oh no bro , thats too soon !
- [13.02.2018 08:44:06] <papiros> coding takes longer than this lol
- [13.02.2018 18:51:00] <papiros> i can take PM bro
- [13.02.2018 18:51:06] <ZeTa on ROck> good then
- [13.02.2018 18:51:19] <ZeTa on ROck> your remaning fee will be send through PM
- [13.02.2018 18:51:29] <ZeTa on ROck> when the soft is tested and working as said
- [13.02.2018 18:51:46] <papiros> 19ZDu2QT1t3uZs5UQLsaJZn9rDmWo1fsvg
- [13.02.2018 18:51:49] <ZeTa on ROck> because i will need to test it if there will need any modification
- [13.02.2018 18:54:32] <ZeTa on ROck> you got it
- [13.02.2018 18:54:47] <papiros> not yet bro
- [13.02.2018 18:55:05] <ZeTa on ROck> hold
- [13.02.2018 18:55:12] <papiros> ok man
- [13.02.2018 18:55:52] <ZeTa on ROck> after this payment only for you to finish the program for me to test it and working well then i forward the balance
- [13.02.2018 18:55:59] <ZeTa on ROck> then we start dealing on %
- [13.02.2018 18:56:14] <papiros> sounds good bro , am really excited
- [13.02.2018 18:58:33] <papiros> 10% like we said bro
- [13.02.2018 18:59:51] <papiros> you send bro ?
- [13.02.2018 19:02:29] <ZeTa on ROck> yea
- [13.02.2018 22:42:26] <ZeTa on ROck> https://blockchain.info/tx/1b714864914a26328f8b2e9e111e548a05c9235e1914b65751680e0e6abe4e8e
- [14.02.2018 08:08:49] <ZeTa on ROck> bro
- [14.02.2018 08:08:51] <ZeTa on ROck> have sent it
- [14.02.2018 08:09:16] <ZeTa on ROck> https://blockchain.info/tx/1b714864914a26328f8b2e9e111e548a05c9235e1914b65751680e0e6abe4e8e
- [14.02.2018 08:09:21] <papiros> i got it bro , thanks !
- [14.02.2018 08:09:25] <ZeTa on ROck> cool
- [14.02.2018 08:09:56] <ZeTa on ROck> is your turn now
- [14.02.2018 08:10:04] <ZeTa on ROck> to make it happen and for me to test it
- [14.02.2018 08:11:56] <papiros> yeah ill be done in 14 days , like i said
- [14.02.2018 08:11:58] <papiros> 2 weeks
- [14.02.2018 08:12:12] <ZeTa on ROck> ok cool
- [15.02.2018 09:19:23] <ZeTa on ROck> hello bro
- [15.02.2018 09:19:27] <ZeTa on ROck> hope all is going well
- [15.02.2018 09:19:29] <ZeTa on ROck> update
- [15.02.2018 09:20:38] <papiros> hey man , what can i say , am coding
- [15.02.2018 09:21:29] <papiros> all going well bro
- [15.02.2018 11:07:30] <ZeTa on ROck> cool
- [16.02.2018 12:37:10] <ZeTa on ROck> http://informatique-loiret.fr/tutoriaux/technique/astuces/retrouver-son-mot-de-passe-windows-grace-au-fichier-sam-2/
- [16.02.2018 19:43:33] <papiros> thanks bro , but i know about this technique
- [16.02.2018 19:44:20] <ZeTa on ROck> bro
- [16.02.2018 19:44:36] <ZeTa on ROck> this program is needed if you can finish it on 20th it will be good
- [16.02.2018 19:44:49] <ZeTa on ROck> i just found someone working in bank
- [16.02.2018 19:44:58] <ZeTa on ROck> that want to install the program
- [16.02.2018 19:45:03] <ZeTa on ROck> so that we can get all
- [16.02.2018 19:45:16] <ZeTa on ROck> bro will your soft use zenmap to scan ip
- [16.02.2018 19:45:19] <ZeTa on ROck> or how
- [16.02.2018 19:45:52] <ZeTa on ROck> and if it enter pc that is intranet no internet on it will it be able to pass the information out
- [16.02.2018 19:46:37] <papiros> it will use IOCTL to scan network ip
- [16.02.2018 19:46:58] <papiros> yes, through local dns proxy
- [16.02.2018 19:47:18] <papiros> it will set it up on the target machine since there is admin privileges because of exploit chain
- [16.02.2018 19:48:14] <ZeTa on ROck> ok
- [16.02.2018 19:48:16] <ZeTa on ROck> good
- [16.02.2018 19:47:37] <papiros> and all payload client will cocnnect through the dns proxy
- [16.02.2018 19:47:57] <papiros> bro, for 20 feb its not possible ... earliest i can do 25 feb.
- [16.02.2018 19:48:10] <papiros> maybe 26
- [16.02.2018 19:48:25] <papiros> i can only do 20 if i sit 20hour/day
- [16.02.2018 19:48:36] <papiros> then maybe 20/21
- [16.02.2018 19:49:23] <ZeTa on ROck> bro please make it at least 25
- [16.02.2018 19:49:28] <ZeTa on ROck> ok cool
- [16.02.2018 19:49:33] <papiros> i can make it 20/21
- [16.02.2018 19:49:34] <ZeTa on ROck> 21 is good
- [16.02.2018 19:49:39] <ZeTa on ROck> Good bro
- [16.02.2018 19:49:43] <papiros> bro , can you throw me $2000 then ?
- [16.02.2018 19:49:53] <papiros> i will sit 20 hour day ...
- [16.02.2018 19:49:57] <ZeTa on ROck> bro do it finish
- [16.02.2018 19:50:00] <papiros> normal i do 12 hour/day
- [16.02.2018 19:50:02] <ZeTa on ROck> and let this work
- [16.02.2018 19:50:20] <ZeTa on ROck> bro is for all of us
- [16.02.2018 19:50:33] <ZeTa on ROck> the benefit now if this person put in the bank network
- [16.02.2018 19:50:36] <ZeTa on ROck> we will all gain
- [16.02.2018 19:50:46] <papiros> bro you prepare for tomorrow , i will finish by feb 20 , and we will run in all bank network like you say
- [16.02.2018 19:50:49] <ZeTa on ROck> so make it as your personal work
- [16.02.2018 19:50:55] <papiros> and you give me 10% + BTC fee
- [16.02.2018 19:51:21] <ZeTa on ROck> bro finish on 21st and we do the test same day
- [16.02.2018 19:51:28] <ZeTa on ROck> i can send you money on 21st
- [16.02.2018 19:51:36] <ZeTa on ROck> i have program it like that
- [16.02.2018 20:30:49] <papiros> bro i need you to send within next 2 days. i will finish by 20 then
- [16.02.2018 20:30:56] <papiros> as i will sit 20 hours / day
- [16.02.2018 20:35:56] <papiros> and then you release to bank network
- [16.02.2018 23:07:21] <papiros> hi bro
- [16.02.2018 23:07:36] <papiros> litlte problem
- [16.02.2018 23:07:41] <papiros> you tell me if its ok or not
- [16.02.2018 23:07:46] <ZeTa on ROck> ok
- [16.02.2018 23:07:46] <papiros> let me know when you here
- [16.02.2018 23:07:55] <papiros> so
- [16.02.2018 23:08:44] <ZeTa on ROck> am listening bro
- [16.02.2018 23:08:48] <ZeTa on ROck> am here with you
- [16.02.2018 23:09:10] <papiros> lets say we infect
- pc1 = connected to internet , infected
- pc2 = intranet, and infected from pc1
- pc3 = found on intranet of pc2 but from pc1 it cannot find it since its not in the same VLAN
- therefore pc1 cannot infect pc3 since it cannot find it on the network
- we will only be able to infect the pc's which pc1 can see
- [16.02.2018 23:10:19] <papiros> is that ok ?
- [16.02.2018 23:12:04] <ZeTa on ROck> oh it has to be on same router
- [16.02.2018 23:12:44] <ZeTa on ROck> but it can be routed
- [16.02.2018 23:12:49] <ZeTa on ROck> or how
- [16.02.2018 23:12:51] <ZeTa on ROck> ?
- [16.02.2018 23:14:18] <papiros> no like in bank network
- [16.02.2018 23:14:27] <papiros> each computer which is in intranet is on VLAN
- [16.02.2018 23:14:45] <papiros> only way to do it from there is
- [16.02.2018 23:14:54] <papiros> my program can open reverse shell on network
- [16.02.2018 23:15:02] <papiros> and we can try metasploit pivotting
- [16.02.2018 23:15:05] <papiros> meterpreter*
- [16.02.2018 23:16:08] <papiros> what i mean is
- infected_PC (pc1) -> VLAN1 (pc2,pc3,pc4) -> VLAN2 (pc5,pc6,pc7)
- we can infect computers in VLAN1 directly but we cant infect in VLAN2
- [16.02.2018 23:16:35] <papiros> unless we drop reverse shell in VLAN1 and use meterpreter to drop payload on VLAN2
- [16.02.2018 23:16:58] <papiros> understand ?
- [16.02.2018 23:19:32] <ZeTa on ROck> no
- [16.02.2018 23:19:53] <ZeTa on ROck> what of tracecert
- [16.02.2018 23:20:20] <ZeTa on ROck> to route the pc and able to infect
- [16.02.2018 23:23:08] <ZeTa on ROck> you there bro
- [16.02.2018 23:23:35] <papiros> yeah bro but
- [16.02.2018 23:23:42] <papiros> the SMB exploit not work like that
- [16.02.2018 23:24:04] <papiros> eternal blje
- [16.02.2018 23:24:06] <papiros> blue*
- [16.02.2018 23:27:53] <ZeTa on ROck> i have eternalblue
- [16.02.2018 23:28:04] <ZeTa on ROck> but is been detected
- [16.02.2018 23:28:18] <ZeTa on ROck> thats why i dont use
- [16.02.2018 23:28:45] <ZeTa on ROck> you need to know how to ping and mapp the subnet ip
- [16.02.2018 23:28:54] <ZeTa on ROck> and start attacking
- [16.02.2018 23:29:06] <ZeTa on ROck> to install the exe
- [16.02.2018 23:29:10] <ZeTa on ROck> and get sam file
- [16.02.2018 23:30:27] <papiros> its fine , i understand
- [16.02.2018 23:30:33] <papiros> its what am doing
- [16.02.2018 23:31:01] <papiros> like i told you , i am using exploit chain
- [16.02.2018 23:31:26] <ZeTa on ROck> Okay
- 16.02.2018 23:31:26] <ZeTa on ROck> Okay
- [16.02.2018 23:31:31] <ZeTa on ROck> if attack one pc
- [16.02.2018 23:31:42] <ZeTa on ROck> and install get file sam
- [16.02.2018 23:31:46] <ZeTa on ROck> send report
- [16.02.2018 23:31:54] <papiros> yes, this is what i do
- [16.02.2018 23:32:11] <ZeTa on ROck> then it can continue to second pc
- [16.02.2018 23:32:38] <papiros> yes
- [16.02.2018 23:32:39] <papiros> exactly
- [16.02.2018 23:32:58] <ZeTa on ROck> it must carry the work on pc1 first after sent then carry the mapping to second pc
- [16.02.2018 23:33:24] <papiros> yes , same payload that is on pc1 is dropped and work on pc2
- [16.02.2018 23:33:25] <papiros> exactly
- [16.02.2018 23:35:05] <ZeTa on ROck> then when get to pc2 it install the exe and carry the sam if the pc does not have connection out then it tries to connect back to pc1 to drop the infor for sending
- [16.02.2018 23:35:23] <ZeTa on ROck> and continue to attack undergroud for pc3 and more
- [16.02.2018 23:35:33] <ZeTa on ROck> if there is internet no need to connect to pc1
- [16.02.2018 23:35:59] <ZeTa on ROck> it disregard it and use pc2 connection to send and continue mapping again
- [16.02.2018 23:36:56] <papiros> exactly
- [16.02.2018 23:37:01] <papiros> in this scenario its fine
- [16.02.2018 23:38:11] <ZeTa on ROck> ok good
- [16.02.2018 23:38:26] <ZeTa on ROck> and now if the pc2 has no internet
- [16.02.2018 23:38:36] <ZeTa on ROck> we will have to connect to Pc1
- [16.02.2018 23:38:55] <ZeTa on ROck> and this spreader if it can open a port of rdp 3389
- [16.02.2018 23:39:08] <ZeTa on ROck> then we can connect local from the pc1
- [16.02.2018 23:39:20] <ZeTa on ROck> with the machine name and the same password
- [16.02.2018 23:39:38] <ZeTa on ROck> we use to connect through RDP to the second pc2 that has no internet
- [16.02.2018 23:40:13] <ZeTa on ROck> the only thing that will permit us to be able to enter is by using RDP local and the Sam file
- [16.02.2018 23:40:33] <ZeTa on ROck> to the pc that has no internet for us to connect from outisde
- [16.02.2018 23:45:38] <ZeTa on ROck> okay
- [16.02.2018 23:47:30] <papiros> okay thats fine, i understnad
- [16.02.2018 23:47:46] <papiros> i can open a backconnect port on 3389 if its not already open
- [16.02.2018 23:47:47] <papiros> for sure
- [16.02.2018 23:49:20] <ZeTa on ROck> OK
- [16.02.2018 23:49:40] <ZeTa on ROck> the port of RDP
- [16.02.2018 23:51:01] <ZeTa on ROck> will it send the ip4
- [16.02.2018 23:51:08] <ZeTa on ROck> ip machine
- [16.02.2018 23:52:34] <papiros> yes
- [16.02.2018 23:52:38] <papiros> i can do that
- [16.02.2018 23:52:41] <papiros> in the report
- [16.02.2018 23:52:50] <ZeTa on ROck> like 192.168.1.69
- [16.02.2018 23:52:55] <ZeTa on ROck> machine ip
- [16.02.2018 23:53:12] <papiros> yes
- [16.02.2018 23:53:23] <papiros> network IP
- [16.02.2018 23:53:24] <papiros> i know
- [16.02.2018 23:53:50] <ZeTa on ROck> yea with this i use through RDP to connect from one machine that has internet already infected
- [16.02.2018 23:54:07] <ZeTa on ROck> so i will use the sam to connect to pc2 intranet
- [16.02.2018 23:54:30] <ZeTa on ROck> bro try to know the step
- [16.02.2018 23:55:39] <papiros> i understand man
- [16.02.2018 23:55:42] <papiros> you dont have to tell me twice
- [16.02.2018 23:56:08] <ZeTa on ROck> cool
- [17.02.2018 00:13:26] <papiros> can you get the BTC within 2 days ?
- [17.02.2018 00:13:33] <papiros> am gonna work 20 hours
- [17.02.2018 00:13:47] <papiros> and we test on 20/21 then
- [17.02.2018 00:13:57] <ZeTa on ROck> bro finish this work because i need to see it
- [17.02.2018 00:14:17] <ZeTa on ROck> and test
- [17.02.2018 00:14:24] <papiros> of course , will finish it bro , was already doing it for 1 week , you will have it by 20/21
- [17.02.2018 00:14:26] <ZeTa on ROck> your funds will be ready on 20th
- [17.02.2018 00:14:40] <papiros> as now i work 20 hours day to finsih for you
- [17.02.2018 00:14:47] <ZeTa on ROck> you will get it as soon as is done dont worry bro
- [17.02.2018 00:14:48] <papiros> when original plan on my schedule was for 28/29
- [17.02.2018 00:14:52] <ZeTa on ROck> just keep the good work
- [17.02.2018 00:15:00] <papiros> i wont work this long if you cant
- [17.02.2018 00:15:31] <papiros> since you said you really need it by 20
- [17.02.2018 00:15:43] <papiros> but when i started i told you i may be done by mid march
- [17.02.2018 00:16:04] <papiros> since its lots of work
- [17.02.2018 00:16:04] <ZeTa on ROck> bro is it because i said 20th you decided want to get 2k ?
- [17.02.2018 00:16:47] <ZeTa on ROck> bro we have many work together if you do this one i get on 20th u still have another one hrdp
- [17.02.2018 00:16:50] <ZeTa on ROck> to build
- [17.02.2018 00:16:58] <ZeTa on ROck> so i dont want to mmix them
- [17.02.2018 00:17:06] <ZeTa on ROck> you still get work and you will gain
- [17.02.2018 00:17:10] <papiros> we said $4k for this project
- [17.02.2018 00:17:13] <ZeTa on ROck> dont rush me by demanding
- [17.02.2018 00:17:15] <papiros> till now you give me $1800
- [17.02.2018 00:17:24] <ZeTa on ROck> yes without seeing anything
- [17.02.2018 00:17:25] <papiros> dont rush you?
- [17.02.2018 00:17:32] <papiros> ok then i will deliver like i said in our first convo
- [17.02.2018 00:17:38] <papiros> 15-20 march
- [17.02.2018 00:18:27] <ZeTa on ROck> bro you know you will get your money i dont understand why argument now
- [17.02.2018 00:19:18] <papiros> cause im working 20 hours/day to get this done for you
- [17.02.2018 00:19:22] <ZeTa on ROck> all what you saying you did need to be tested and if there is any error you will still need to do it again
- [17.02.2018 00:19:23] <papiros> and you being so ignorant when i ask
- [17.02.2018 00:19:30] <papiros> i am aware
- [17.02.2018 00:19:36] <papiros> so i am making sure there is no error
- [17.02.2018 00:19:42] <papiros> i set up VLAN in my network
- [17.02.2018 00:19:43] <papiros> of 6 pc's
- [17.02.2018 00:19:57] <papiros> 4 VM's , 2 host machines
- [17.02.2018 00:20:09] <papiros> there wont be any error or i dont waste my time with this
- [17.02.2018 00:21:33] <ZeTa on ROck> bro if i give you a work and i believe this is your work and you good thats why because i have my own work am doing here looking for people around that can help us to put this software inside
- [17.02.2018 00:22:12] <papiros> i understand
- [17.02.2018 00:22:46] <papiros> and we work on 10% + fee like you said
- [17.02.2018 00:23:05] <papiros> there will be much more profit after like you say
- [17.02.2018 00:23:57] <ZeTa on ROck> yes bro if this work as we plan this is what i need to see believe me if this work as you promise just leave the rest for me
- [17.02.2018 00:24:26] <ZeTa on ROck> you going to get 10% steady i do have trust with you
- [17.02.2018 00:24:52] <ZeTa on ROck> we have the chance working together
- [17.02.2018 00:25:36] <papiros> i understand my friend, but am asking if you can get the $2000 in BTC within 2 days for me ?
- [17.02.2018 00:26:18] <ZeTa on ROck> i will ask my exchanger for change
- [17.02.2018 00:26:40] <ZeTa on ROck> but i will have to get the software for test then i forward the balance bro
- [17.02.2018 00:26:49] <ZeTa on ROck> i will make your funds be ready
- [17.02.2018 00:26:53] <ZeTa on ROck> so do not worry
- [17.02.2018 00:27:06] <papiros> oh no, i am asking if you can forward me the funds on feb 18
- [17.02.2018 00:27:12] <papiros> and i will be ready on 20/21
- [17.02.2018 00:27:22] <ZeTa on ROck> 18 is not possible
- [17.02.2018 00:27:32] <papiros> why no ?
- [17.02.2018 00:27:46] <papiros> 19 can be ?
- [17.02.2018 00:28:33] <ZeTa on ROck> 20th and i will need to get the software also bro
- [17.02.2018 00:28:42] <papiros> you let me know when bro, i think i waste too much time talking with you here now , i will go back to work on software.
- [17.02.2018 00:28:51] <papiros> i will give you the software for sure man , so i can get my 10%
- [17.02.2018 00:28:56] <papiros> as its passive income for me then
- [17.02.2018 00:29:01] <papiros> all i need to do is support you
- [17.02.2018 00:29:01] <papiros> but
- [17.02.2018 00:29:09] <papiros> i am asking if you can get $2000 by 18/19
- [17.02.2018 00:31:22] <ZeTa on ROck> if you want to get your 2k bro is upto you to finish it quickly on 20th and we test together
- [17.02.2018 00:31:43] <ZeTa on ROck> am open up to you
- 17.02.2018 00:31:55] <ZeTa on ROck> i will inform my exchanger
- [17.02.2018 00:33:05] <papiros> thanks bro , i will go offline now , need to continue working hard ! jabber is distraction
- [17.02.2018 00:33:13] <ZeTa on ROck> ok
- [17.02.2018 00:33:15] <papiros> i will work now 6 more hours and will be here tomorrow
- [17.02.2018 00:33:39] <papiros> bye
- [17.02.2018 00:33:47] <ZeTa on ROck> ok bro
- 17.02.2018 20:30:40] <ZeTa on ROck> am Good bro
- [17.02.2018 20:30:50] <papiros> good to hear
- [17.02.2018 20:30:52] <ZeTa on ROck> bro am the one suppose to ask whats new :d
- [17.02.2018 20:31:09] <papiros> haha , just been working on it man
- [17.02.2018 20:31:14] <papiros> been getting a lot done
- [17.02.2018 20:31:19] <papiros> set for finish on 21
- [17.02.2018 20:31:56] <ZeTa on ROck> Good nezws
- [17.02.2018 20:32:25] <papiros> you get BTC bro ?
- [17.02.2018 20:33:12] <ZeTa on ROck> as i said have already inform my exchanger due to the amount
- [17.02.2018 20:33:24] <ZeTa on ROck> i told him i need it to get to my account on 20th
- [17.02.2018 20:33:38] <papiros> 18 bro , like what we talked yesterday
- [17.02.2018 20:34:18] <ZeTa on ROck> bro we never talk about 18th please read chat
- [17.02.2018 20:34:33] <papiros> yesterday bro
- [17.02.2018 20:34:34] <ZeTa on ROck> bro can i see where you rach now
- [17.02.2018 20:34:36] <papiros> we talked about 18
- [17.02.2018 20:34:43] <papiros> rach?
- [17.02.2018 20:34:47] <ZeTa on ROck> reach
- [17.02.2018 20:36:33] <papiros> am working sendreport function now https://i.gyazo.com/b46a0cd7db5c0313181ec63a19d7a255.png
- [17.02.2018 20:37:53] <ZeTa on ROck> can you forward the source
- [17.02.2018 20:38:03] <ZeTa on ROck> the for where you reach to go through it
- [17.02.2018 20:38:18] <papiros> i will send when all done bro
- [17.02.2018 20:38:19] <ZeTa on ROck> i cant get it like this in png
- [17.02.2018 22:12:14] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [17.02.2018 22:12:16] <papiros> news ?
- [17.02.2018 22:18:24] <ZeTa on ROck> yes bro
- [17.02.2018 22:18:26] <ZeTa on ROck> cool
- [17.02.2018 22:18:28] <ZeTa on ROck> am here
- [17.02.2018 22:18:46] <papiros> any news from your exchanger ?
- [17.02.2018 22:19:05] <ZeTa on ROck> no since on 20th
- [17.02.2018 22:19:34] <papiros> so i need wait till 20 ?
- [17.02.2018 22:19:49] <ZeTa on ROck> when are you fnishing it
- [17.02.2018 22:19:54] <papiros> 21
- [17.02.2018 22:20:12] <ZeTa on ROck> so is 21 far for you to received the remaining balance
- [17.02.2018 22:20:44] <ZeTa on ROck> you there
- [17.02.2018 22:20:48] <ZeTa on ROck> ??*
- [17.02.2018 22:21:18] <papiros> yes bro
- [17.02.2018 22:21:22] <papiros> we talked about 18
- [17.02.2018 22:21:23] <papiros> i expected 18
- [17.02.2018 22:21:39] <papiros> i said i put 20 hours per day into dev if you exchange on 18 and i be done by 21
- [17.02.2018 22:21:45] <ZeTa on ROck> i didnt speak 18th
- [17.02.2018 22:21:47] <papiros> but now you saying not 18
- [17.02.2018 22:21:49] <ZeTa on ROck> check your message well
- [17.02.2018 22:21:53] <papiros> we talk about it yesterday
- [17.02.2018 22:21:58] <ZeTa on ROck> i didnt say i will pay you 18th
- [17.02.2018 22:22:09] <ZeTa on ROck> bro try read it well
- [17.02.2018 22:22:13] <papiros> so when i should wait ?
- [17.02.2018 22:22:23] <ZeTa on ROck> or will you finish it on 18th
- [17.02.2018 22:22:27] <papiros> i can wait 19 latest.
- [17.02.2018 22:22:29] <ZeTa on ROck> then you get your money on 18th
- [17.02.2018 22:22:42] <papiros> i finish by 21 earliest
- [17.02.2018 22:22:56] <papiros> but i need btc exchange by then as
- [17.02.2018 22:22:58] <ZeTa on ROck> when you finish i pay if you put more hours on it is for you to get your money fast
- [17.02.2018 22:23:02] <papiros> then i stick to roiginal day
- [17.02.2018 22:23:12] <papiros> i can finish by 19
- [17.02.2018 22:23:18] <papiros> if i work all day today/tomorrow
- [17.02.2018 22:23:21] <papiros> but its weekend
- [17.02.2018 22:23:52] <ZeTa on ROck> bro if you finish 19 you get your money on 19th
- [17.02.2018 22:24:07] <ZeTa on ROck> all depends how fast you want to get your money
- [17.02.2018 22:24:17] <ZeTa on ROck> if you finish 19 you get it
- [17.02.2018 22:24:26] <ZeTa on ROck> if i say Yes on it for sure you going to get it
- [17.02.2018 22:24:51] <papiros> bro in that case
- [17.02.2018 22:24:54] <papiros> i can even finish tomorrow..
- [17.02.2018 22:25:01] <papiros> but tomorrow night as
- [17.02.2018 22:25:08] <ZeTa on ROck> Okay bro
- [17.02.2018 22:25:08] <papiros> i need to work all day today and tomorrow
- [17.02.2018 22:25:29] <papiros> you will be here 21:00 moscow time ?
- [17.02.2018 22:25:42] <ZeTa on ROck> yes
- [17.02.2018 22:25:43] <papiros> on 18.02.2018
- [17.02.2018 22:25:47] <ZeTa on ROck> good
- [17.02.2018 22:25:51] <papiros> good
- [17.02.2018 22:25:53] <ZeTa on ROck> all will be set
- [17.02.2018 22:25:58] <ZeTa on ROck> Good
- [17.02.2018 22:26:10] <papiros> ok i will go off jabber now and work
- [17.02.2018 22:26:14] <ZeTa on ROck> cool
- [17.02.2018 22:26:19] <papiros> 10% + fee still good on my cut yes?
- [17.02.2018 22:26:28] <ZeTa on ROck> yes bro
- [17.02.2018 22:26:39] <papiros> and you get $2200 ready for tomorrow yes ?
- [17.02.2018 22:26:49] <ZeTa on ROck> Yes
- [17.02.2018 22:27:01] <papiros> as we agree $4000 and you so far give me $800 and $1000 - yes ?
- [17.02.2018 22:27:09] <ZeTa on ROck> all depends how fast you are mine no problem
- [17.02.2018 22:27:20] <papiros> ok good
- [17.02.2018 22:27:21] <ZeTa on ROck> Yes
- [17.02.2018 22:27:30] <papiros> i will see you 21:00 moscow time 18.02.2018
- [17.02.2018 22:27:40] <ZeTa on ROck> all i required need to be set as we talk about the soft
- [17.02.2018 22:27:41] <papiros> maybe will be 22:00 but its only if i need some extra time
- [17.02.2018 22:27:46] <papiros> but 21:00-22:00 will be here
- [17.02.2018 22:27:46] <ZeTa on ROck> we going to test it together
- [17.02.2018 22:27:54] <ZeTa on ROck> cool i will be
- [17.02.2018 22:28:08] <papiros> all you asked will be done bro, right now all i need to do is
- [17.02.2018 22:28:29] <papiros> make feature to ping local dns proxy server with report and send through the network to the host machine and send to server
- [17.02.2018 22:28:41] <ZeTa on ROck> OKay
- [17.02.2018 22:28:50] <ZeTa on ROck> you can start now working on it
- [17.02.2018 22:28:56] <papiros> ok i go work now
- [17.02.2018 22:29:02] <ZeTa on ROck> cool
- [17.02.2018 22:29:07] <papiros> see you 21:00-22:00 18.02.2018
- [17.02.2018 22:29:12] <ZeTa on ROck> ok bro
- [18.02.2018 19:13:34] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [18.02.2018 19:13:38] <papiros> OK AM here
- [18.02.2018 19:13:59] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [18.02.2018 19:14:06] <ZeTa on ROck> good
- [18.02.2018 19:14:08] <ZeTa on ROck> you done
- [18.02.2018 19:14:18] <papiros> yes will be done in ~5mins
- [18.02.2018 19:14:26] <papiros> very tired worked all night
- [18.02.2018 19:14:36] <papiros> i will be up for 2 hours more so
- [18.02.2018 19:14:41] <papiros> we can wrap it up
- [18.02.2018 19:14:56] <ZeTa on ROck> ok let me know when done
- [18.02.2018 19:14:59] <ZeTa on ROck> so we can test
- [18.02.2018 19:15:58] <papiros> send me the BTC bro
- [18.02.2018 19:16:11] <ZeTa on ROck> when you done and tested
- [18.02.2018 19:16:14] <papiros> i will prepare test BIN for you, send your URL where to download/execute from
- [18.02.2018 19:16:15] <ZeTa on ROck> your btc is ready
- [18.02.2018 19:16:16] <ZeTa on ROck> ok
- [18.02.2018 19:16:33] <ZeTa on ROck> bro this is embedded i need
- [18.02.2018 19:16:38] <ZeTa on ROck> url cant work in bank
- [18.02.2018 19:16:46] <ZeTa on ROck> outside url is block
- [18.02.2018 19:16:46] <papiros> oh embedded its ok
- [18.02.2018 19:16:49] <ZeTa on ROck> dammit
- [18.02.2018 19:16:49] <ZeTa on ROck> bro
- [18.02.2018 19:16:50] <papiros> send EXE
- [18.02.2018 19:17:00] <papiros> i will encode it into BIN
- [18.02.2018 19:17:22] <ZeTa on ROck> bro 3 exe to be uploaded
- [18.02.2018 19:17:24] <ZeTa on ROck> for test
- [18.02.2018 19:14:06] <ZeTa on ROck> good
- [18.02.2018 19:14:08] <ZeTa on ROck> you done
- [18.02.2018 19:14:18] <papiros> yes will be done in ~5mins
- [18.02.2018 19:14:26] <papiros> very tired worked all night
- [18.02.2018 19:14:36] <papiros> i will be up for 2 hours more so
- [18.02.2018 19:14:41] <papiros> we can wrap it up
- [18.02.2018 19:14:56] <ZeTa on ROck> ok let me know when done
- [18.02.2018 19:14:59] <ZeTa on ROck> so we can test
- [18.02.2018 19:15:58] <papiros> send me the BTC bro
- [18.02.2018 19:16:11] <ZeTa on ROck> when you done and tested
- [18.02.2018 19:16:14] <papiros> i will prepare test BIN for you, send your URL where to download/execute from
- [18.02.2018 19:16:15] <ZeTa on ROck> your btc is ready
- [18.02.2018 19:16:16] <ZeTa on ROck> ok
- [18.02.2018 19:16:33] <ZeTa on ROck> bro this is embedded i need
- [18.02.2018 19:16:38] <ZeTa on ROck> url cant work in bank
- [18.02.2018 19:16:46] <ZeTa on ROck> outside url is block
- [18.02.2018 19:16:46] <papiros> oh embedded its ok
- [18.02.2018 19:16:49] <ZeTa on ROck> dammit
- [18.02.2018 19:16:49] <ZeTa on ROck> bro
- [18.02.2018 19:16:50] <papiros> send EXE
- [18.02.2018 19:17:00] <papiros> i will encode it into BIN
- [18.02.2018 19:17:22] <ZeTa on ROck> bro 3 exe to be uploaded
- [18.02.2018 19:17:24] <ZeTa on ROck> for test
- [18.02.2018 19:17:28] <papiros> its fine man
- [18.02.2018 19:17:31] <papiros> send EXE
- [18.02.2018 19:17:39] <papiros> here is my BTC wallet 1J92qAi8cTDodSvke26wUmavsEhLkNeeP7
- [18.02.2018 19:18:05] <papiros> I give you source code too
- [18.02.2018 19:18:11] <ZeTa on ROck> your btc is already here save dont worry about btc lets worry about the function of this exe
- [18.02.2018 19:18:30] <ZeTa on ROck> i need to verified it to know if ther is any mistake or omitted
- [18.02.2018 19:18:32] <papiros> bro , i ask you already you send me BTC and we test/you get source and all we talk about
- [18.02.2018 19:18:37] <ZeTa on ROck> give me 20mins
- [18.02.2018 19:18:39] <papiros> we will test anyway
- [18.02.2018 19:18:41] <ZeTa on ROck> to arrange the exe
- [18.02.2018 19:18:53] <papiros> ok
- [18.02.2018 19:19:05] <papiros> send in https://ge.tt
- [18.02.2018 19:21:38] <ZeTa on ROck> bro download teamviewer
- [18.02.2018 19:21:54] <ZeTa on ROck> you will enter the pc we will be testing on
- [18.02.2018 19:22:02] <ZeTa on ROck> for you to see result of what you build
- [18.02.2018 19:22:34] <papiros> i have team viewer
- [18.02.2018 19:23:10] <ZeTa on ROck> good
- [18.02.2018 19:23:17] <papiros> send your EXEs
- [18.02.2018 19:23:21] <ZeTa on ROck> give me some minutes to arrange exes
- [18.02.2018 19:23:25] <ZeTa on ROck> to make it fud
- [18.02.2018 19:23:27] <ZeTa on ROck> wait
- [18.02.2018 19:23:33] <papiros> okay and send the BTC to this address 1J92qAi8cTDodSvke26wUmavsEhLkNeeP7
- [18.02.2018 19:23:43] <papiros> when i got we will continue
- [18.02.2018 19:23:55] <ZeTa on ROck> bro do you trust me?
- [18.02.2018 19:23:59] <papiros> for sure man
- [18.02.2018 19:24:03] <papiros> but i told you
- [18.02.2018 19:24:13] <papiros> i will do this work if you give me BTC on 18 , am done now
- [18.02.2018 19:24:15] <papiros> but i wait BTC
- [18.02.2018 19:24:24] <ZeTa on ROck> you have my 1800 with you sent
- [18.02.2018 19:24:37] <ZeTa on ROck> remain 2200 to send you today
- [18.02.2018 19:24:41] <papiros> indeed , and if you not happy will give you money back
- [18.02.2018 19:24:42] <ZeTa on ROck> why in hurry
- [18.02.2018 19:24:56] <ZeTa on ROck> we will do all together
- [18.02.2018 19:25:13] <ZeTa on ROck> then i send you am not even collecting the program from you yet
- [18.02.2018 19:25:15] <papiros> because i asked 2 days ago , i said "i will work now 20 hours each day to finish"
- [18.02.2018 19:25:18] <ZeTa on ROck> we are doing beta testing
- [18.02.2018 19:25:39] <ZeTa on ROck> Yes you finished then you test it and get paid
- [18.02.2018 19:25:46] <ZeTa on ROck> you cant build exe without testing
- [18.02.2018 19:25:49] <ZeTa on ROck> where is it done bro
- [18.02.2018 19:25:50] <papiros> i already test in my virtual environment
- [18.02.2018 19:25:55] <ZeTa on ROck> but am not there
- [18.02.2018 19:26:05] <ZeTa on ROck> am the one to use it not you
- [18.02.2018 19:26:10] <ZeTa on ROck> so i need to be there
- [18.02.2018 19:26:16] <ZeTa on ROck> or let me connect to your team
- [18.02.2018 19:26:20] <ZeTa on ROck> and let me see the test
- [18.02.2018 19:26:33] <ZeTa on ROck> the test on your virtual machine
- [18.02.2018 19:27:13] <ZeTa on ROck> bro calm down and lets test it and i will send you 2200 today and we continue work on 10%
- [18.02.2018 19:27:16] <papiros> ok so
- 1. send BTC to 1J92qAi8cTDodSvke26wUmavsEhLkNeeP7
- 2. i send source to you in sendspace
- 3. you check source and see that it does all you need
- 4. we test bin in your teamviewer
- 5. if something you want me to fix , i fix it
- We are in contract here , you have our chat logs , and i have garuntee from you for 10% cut + fee
- [18.02.2018 19:27:55] <papiros> If you are not happy with terms , you can request moneyback , and i will sell this soft in public so i can get money back for my time
- [18.02.2018 19:28:08] <ZeTa on ROck> Yes i never change my word if i say this is how is going to be let it be so we have happy money making
- [18.02.2018 19:28:32] <papiros> bro i told you this 2 days ago , and you told me to proceed with coding ...
- [18.02.2018 19:28:38] <papiros> i am waiting for your answer
- [18.02.2018 19:28:54] <ZeTa on ROck> sure didnt i make upfront payment Yes or No?
- [18.02.2018 19:29:18] <ZeTa on ROck> now you finish the program we test and i will be happy for the work
- [18.02.2018 19:29:26] <ZeTa on ROck> i can add extra dollar for you
- [18.02.2018 19:29:29] <ZeTa on ROck> let me be happy
- [18.02.2018 19:29:32] <ZeTa on ROck> thats all
- [18.02.2018 19:29:37] <papiros> yes you did man , i have your $1800 , if you want money back becaue you not agree to my terms , you will get moneyback
- [18.02.2018 19:30:02] <papiros> man , i told you my terms 2 days ago , and you said "its ok , i take care of you , continue coding"
- [18.02.2018 19:30:10] <ZeTa on ROck> you know what give me your teamviewer and let me see the test on your system
- [18.02.2018 19:30:14] <ZeTa on ROck> how it works
- [18.02.2018 19:30:48] <ZeTa on ROck> then i can pay
- [18.02.2018 19:30:50] <papiros> i can show you it running on my PC sure bro, but you will not see destination PC because its in intranet
- [18.02.2018 19:30:59] <ZeTa on ROck> ah
- [18.02.2018 19:31:07] <ZeTa on ROck> i dont understand
- [18.02.2018 19:31:11] <papiros> ?
- [18.02.2018 19:31:45] <papiros> What not to understand, you ask me software which will spread your EXE to all PC in network, if my VM is not connected to internet but local LAN then you cannot see that target PC with teamviewer
- [18.02.2018 19:31:53] <papiros> you will only be able to connect to my host machine
- [18.02.2018 19:32:03] <papiros> you need to see it in local LAN to see result
- [18.02.2018 19:32:27] <ZeTa on ROck> what of the SAM
- [18.02.2018 19:32:31] <ZeTa on ROck> wont i see it
- [18.02.2018 19:32:33] <ZeTa on ROck> ?
- [18.02.2018 19:33:06] <ZeTa on ROck> bro you know what we will test it on my system here
- [18.02.2018 19:33:09] <ZeTa on ROck> i have 4 pc
- [18.02.2018 19:33:16] <ZeTa on ROck> to be assured
- [18.02.2018 19:33:23] <ZeTa on ROck> give me some minutes
- [18.02.2018 19:33:25] <papiros> you have pc in intranet set up ?
- [18.02.2018 19:33:34] <ZeTa on ROck> to arrange the exe
- [18.02.2018 19:33:37] <ZeTa on ROck> yes
- [18.02.2018 19:33:42] <papiros> ok great
- [18.02.2018 19:33:44] <ZeTa on ROck> i have 4 pc
- [18.02.2018 19:33:49] <papiros> just send me the EXE first so we can set it up
- [18.02.2018 19:33:54] <papiros> then we talk about rest
- [18.02.2018 19:52:14] <ZeTa on ROck> you there
- [18.02.2018 19:52:39] <papiros> yes
- [18.02.2018 19:53:42] <papiros> send the EXEs
- [18.02.2018 19:54:10] <papiros> ?OTRv23?
- papiros@exploit.im/ has requested an Off-the-Record private conversation <https://otr.cypherpunks.ca/>. However, you do not have a plugin to support that.
- See https://otr.cypherpunks.ca/ for more information.
- [18.02.2018 19:59:14] <ZeTa on ROck> bro
- [18.02.2018 19:59:39] <ZeTa on ROck> i need to see how you want to input the exe
- [18.02.2018 20:00:04] <ZeTa on ROck> let me do all myself by directing me
- [18.02.2018 20:00:41] <ZeTa on ROck> [12.02.2018 09:29:08] <papiros> man , can you prepare 1200 more in BTC ?
- [12.02.2018 09:31:02] <ZeTa on ROck> you mean tommorow
- [12.02.2018 09:31:09] <papiros> yes
- [12.02.2018 09:31:36] <ZeTa on ROck> ok lets see the test how it goes that wont be problem
- [12.02.2018 09:32:01] <papiros> so you will get it ?
- [12.02.2018 09:32:12] <papiros> as i agree for half of payment before project is done though
- [12.02.2018 09:32:17] <papiros> and other half after it is done
- [12.02.2018 09:32:20] <papiros> am already working all days
- [12.02.2018 09:33:03] <ZeTa on ROck> cool
- [12.02.2018 09:33:53] <ZeTa on ROck> ook tommorow bro
- [12.02.2018 09:34:10] <ZeTa on ROck> at least to see some part then will work on transfer
- [12.02.2018 09:35:47] <papiros> ok 1 moment
- [12.02.2018 09:45:30] <ZeTa on ROck> k
- [18.02.2018 20:01:36] <ZeTa on ROck> you there
- [18.02.2018 20:02:42] <ZeTa on ROck> you there
- [18.02.2018 20:02:49] <papiros> yeah bro
- [18.02.2018 20:02:55] <papiros> im here
- [18.02.2018 20:03:01] <papiros> but you didnt see what i said
- [18.02.2018 20:03:11] <papiros> [12.02.2018 09:32:12] <papiros> as i agree for half of payment before project is done though
- [12.02.2018 09:32:17] <papiros> and other half after it is done
- [18.02.2018 20:03:25] <ZeTa on ROck> read what i type
- [18.02.2018 20:03:25] <papiros> i can show you how to build it on your computer but
- [18.02.2018 20:03:34] <papiros> i need to give you the source code
- [18.02.2018 20:03:42] <papiros> and i need to show you how to compile it
- [18.02.2018 20:03:42] <ZeTa on ROck> [12.02.2018 09:31:36] <ZeTa on ROck> ok lets see the test how it goes that wont be problem
- [18.02.2018 20:03:43] <papiros> for that
- [18.02.2018 20:03:52] <ZeTa on ROck> the test
- [18.02.2018 20:03:58] <ZeTa on ROck> we need to do the test
- [18.02.2018 20:04:15] <ZeTa on ROck> here on my pc to see how you do it with the problem
- [18.02.2018 20:04:26] <ZeTa on ROck> and you will be the one to be doing the updates
- [18.02.2018 20:04:35] <ZeTa on ROck> join me on team here
- [18.02.2018 20:04:42] <ZeTa on ROck> let me paste you my team
- [18.02.2018 20:04:47] <ZeTa on ROck> the exe is on my desktop
- [18.02.2018 20:05:04] <papiros> bro i told you the terms above, you act on them how you want ...
- papiros@exploit.im: ok so
- 1. send BTC to 1J92qAi8cTDodSvke26wUmavsEhLkNeeP7
- 2. i send source to you in sendspace
- 3. you check source and see that it does all you need
- 4. we test bin in your teamviewer
- 5. if something you want me to fix , i fix it
- We are in contract here , you have our chat logs , and i have garuntee from you for 10% cut + fee
- [18.02.2018 20:05:20] <papiros> you need to give me the EXE
- [18.02.2018 20:05:34] <papiros> because i need to embed it into the source code as byte array
- [18.02.2018 20:05:57] <ZeTa on ROck> bro this is not what i requested for now you see what you build
- [18.02.2018 20:06:10] <ZeTa on ROck> i told you to put a place i can upload 3 exe type in GUI
- [18.02.2018 20:06:11] <papiros> yes and i know what i build its working
- [18.02.2018 20:06:41] <papiros> thats so much extra work...
- [18.02.2018 20:06:44] <ZeTa on ROck> the exe can be detected
- [18.02.2018 20:06:59] <papiros> yeah and you can FUD it and put it back in the source code yourself
- [18.02.2018 20:07:00] <ZeTa on ROck> now i see why you keep asking me this
- [18.02.2018 20:07:09] <ZeTa on ROck> bro do your work you doing something else for me
- [18.02.2018 20:07:27] <papiros> ?
- [18.02.2018 20:08:31] <ZeTa on ROck> you need to show me how is use the oen you did now
- [18.02.2018 20:08:36] <ZeTa on ROck> is not like how i want it
- [18.02.2018 20:08:47] <papiros> basically bro
- [18.02.2018 20:08:48] <ZeTa on ROck> install all the tools needed to my pc here
- [18.02.2018 20:09:01] <ZeTa on ROck> and show me how this work
- [18.02.2018 20:09:07] <ZeTa on ROck> and teach me
- [18.02.2018 20:09:09] <ZeTa on ROck> on it
- [18.02.2018 20:09:26] <ZeTa on ROck> you only talking of money money but you see what you build
- [18.02.2018 20:09:33] <ZeTa on ROck> you never explain what you build
- [18.02.2018 20:09:34] <ZeTa on ROck> to me
- [18.02.2018 20:09:55] <papiros> you have source code of my project
- 1. open the source code directory in cmd.exe
- 2. type builder.exe <path_to_exe_1> <path_to_exe_2> <path_to_exe_....>
- 3. then you build the source code in MSVS
- 4. then you get your bin.exe
- bin.exe is the what you load victim PC
- [18.02.2018 20:10:33] <papiros> i can show you how to do it but i cant send you the source code yet man
- [18.02.2018 20:10:51] <ZeTa on ROck> while have told you manytimes your money is available kindly relax put me through on it and you will be doing the update time to time then you you keep insisting on btc at least have paid almost half of the payment never see how it works or even test
- [18.02.2018 20:10:54] <papiros> but follow those steps , its very easy
- [18.02.2018 20:11:10] <ZeTa on ROck> bro hold the source just use teh GUI here
- [18.02.2018 20:11:19] <ZeTa on ROck> the gui you build with it
- [18.02.2018 20:11:26] <ZeTa on ROck> or you didnt build GUI?
- [18.02.2018 20:11:28] <papiros> there is no gui right now
- [18.02.2018 20:11:30] <papiros> no
- [18.02.2018 20:11:35] <ZeTa on ROck> damm
- [18.02.2018 20:11:37] <ZeTa on ROck> again
- [18.02.2018 20:11:42] <papiros> just a panel where report is sent
- and the spreader
- [18.02.2018 20:11:53] <ZeTa on ROck> what kind of panel
- [18.02.2018 20:11:54] <papiros> that you deploy on victim
- [18.02.2018 20:12:04] <papiros> simple panel that lets you download the SAM file from the page
- [18.02.2018 20:12:05] <papiros> thats it
- [18.02.2018 20:12:09] <ZeTa on ROck> bro you need to show me all this if am satisfy with your work
- [18.02.2018 20:12:14] <papiros> it gets the SAM file + PC name + ip:port
- [18.02.2018 20:13:22] <ZeTa on ROck> you did something else
- [18.02.2018 20:13:37] <papiros> what you mean ? this is what you told me to do
- [18.02.2018 20:13:48] <ZeTa on ROck> the panel use host
- [18.02.2018 20:13:49] <ZeTa on ROck> ?
- [18.02.2018 20:14:08] <ZeTa on ROck> like upload panel to host?
- [18.02.2018 20:14:23] <papiros> yeah you host it in on internet and it will get the SAM file from the system and the IP/PORT and PC name that it infected with your EXE that you specify in the builder
- [18.02.2018 20:14:52] <papiros> the spreader will spread your EXE(s) to all PCs in the network
- [18.02.2018 20:15:08] <papiros> and send report of those infected PCs with SAM file , IP/PORT and PC Name to the panel
- [18.02.2018 20:15:45] <papiros> and in panel you can see a simple html table with
- id ip port pc_name sam_file
- and you can download sam_file part with a link on the panel
- [18.02.2018 20:16:05] <ZeTa on ROck> Did i said anything about hosting ? in all our message bro please go through all our chat because i told about GUI not hosting, host dont connect outside from back thats why i request ICMP ,DNS through GUI like RAT
- [18.02.2018 20:16:28] <papiros> yes , it send the request to the panel through DNS request bro
- [18.02.2018 20:16:30] <papiros> ...
- [18.02.2018 20:16:50] <papiros> pass DNS request through HTTP server and HTTP server sent to panel
- [18.02.2018 20:16:59] <papiros> in the bank network will only see DNS traffic
- [18.02.2018 20:17:35] <ZeTa on ROck> bro let me see what you build seriously am having headache
- [18.02.2018 20:17:50] <ZeTa on ROck> test it here
- [18.02.2018 20:17:55] <ZeTa on ROck> let me give you my team
- [18.02.2018 20:18:06] <papiros> you send the BTC to my wallet and i will show you everything , send you source code and change anything you want bro
- [18.02.2018 20:18:25] <ZeTa on ROck> bro this is not what i requested for you build
- [18.02.2018 20:18:28] <ZeTa on ROck> cant you see
- [18.02.2018 20:18:42] <papiros> the only difference is you wanted to see it in a GUI
- [18.02.2018 20:18:47] <papiros> that you launch on your PC
- [18.02.2018 20:18:50] <papiros> and it connect to your PC
- [18.02.2018 20:18:52] <papiros> yes ?
- [19.02.2018 09:16:06] <papiros> what news ? you bought server ?
- [19.02.2018 09:16:27] <ZeTa on ROck> IP: 185.206.145.66
- ROOT Password: eI9DqnQhNCCbbod
- [19.02.2018 09:16:40] <papiros> ok great , and btc sent ?
- [19.02.2018 09:17:24] <ZeTa on ROck> bro that is not problem do the panel and lets see bro i have put your wallet in my btc
- [19.02.2018 09:17:32] <ZeTa on ROck> only for me to see how it works
- [19.02.2018 09:17:38] <ZeTa on ROck> and click send from here
- [19.02.2018 09:17:57] <papiros> great bro , click send and we set everything up and i send you the source
- [19.02.2018 09:18:11] <ZeTa on ROck> i will do that when test done
- [19.02.2018 09:18:14] <papiros> i will set up the panel and deploy spreader on your network
- [19.02.2018 09:18:20] <ZeTa on ROck> we test first before send source
- [19.02.2018 09:18:53] <papiros> bro , i told you the terms last night , i am still waiting , i am done everything on my end
- [19.02.2018 09:19:43] <ZeTa on ROck> when i send the btc u send the source but we will test it first but i need to see how is done and i dont know what you did
- [19.02.2018 09:19:50] <ZeTa on ROck> so lets see it together
- [19.02.2018 09:20:00] <ZeTa on ROck> and test it together when it works as we said
- [19.02.2018 09:20:08] <ZeTa on ROck> your money is not problem is available
- [19.02.2018 09:20:21] <ZeTa on ROck> or you dont trust on what you build
- [19.02.2018 09:20:30] <ZeTa on ROck> that i may change my mind
- [19.02.2018 09:20:33] <ZeTa on ROck> ???
- [19.02.2018 09:20:55] <papiros> i understand bro , i am still waiting for 10% + cut of BTC fee but , i know what i build i already explain you everything over jabber ,its very simple , no complications
- [19.02.2018 09:21:21] <papiros> i am watiing for you to send BTC and we will continue
- [19.02.2018 09:21:25] <ZeTa on ROck> but i never see the test you got it
- [19.02.2018 09:21:31] <ZeTa on ROck> to know
- [19.02.2018 09:21:45] <ZeTa on ROck> you just explain with typing but never see the action
- [19.02.2018 09:22:09] <ZeTa on ROck> at least i have the right to see the test
- [19.02.2018 09:22:26] <ZeTa on ROck> since is my have paid part payment
- [19.02.2018 09:22:36] <ZeTa on ROck> or i dont have the right to see the test??
- [19.02.2018 09:22:41] <ZeTa on ROck> tell me
- [19.02.2018 09:23:07] <ZeTa on ROck> do the panel and let see it
- [19.02.2018 09:23:13] <papiros> i told you bro , if you dont want to continue as i said in my 5 steps last night , you can get your money back , and i will sell the product in public to get my money back
- [19.02.2018 09:23:13] <ZeTa on ROck> now am cross checking
- [19.02.2018 09:23:43] <ZeTa on ROck> so you mean you want to return my money
- [19.02.2018 09:23:45] <ZeTa on ROck> ???
- [19.02.2018 09:24:11] <papiros> if you are not happy with my terms , then yes
- [19.02.2018 09:24:54] <ZeTa on ROck> but the terms and procedure of my work you didnt do it the way i want
- [19.02.2018 09:25:03] <papiros> or just send the rest and i will show you all the test you need , send you the source , and we will adjust it if you are not happy , but i dont see why yo uwill not be happy because i did everything like you wanted .
- [19.02.2018 09:25:06] <ZeTa on ROck> so i just need to cross check
- [19.02.2018 09:25:16] <papiros> man , last night i made the GUI for you
- [19.02.2018 09:25:24] <ZeTa on ROck> let me see it
- [19.02.2018 09:25:43] <papiros> its same as panel just simple table with
- id ip port pc_name sam_file
- [19.02.2018 09:25:51] <ZeTa on ROck> have already bought the host
- [19.02.2018 09:25:52] <papiros> saves to a .txt file
- [19.02.2018 09:25:58] <ZeTa on ROck> so let use it
- [19.02.2018 09:26:01] <ZeTa on ROck> and the exe
- [19.02.2018 09:26:04] <papiros> you can use either the host or the GUI
- [19.02.2018 09:26:10] <ZeTa on ROck> need to be upload on host
- [19.02.2018 09:26:23] <ZeTa on ROck> or how to upload it
- [19.02.2018 09:27:16] <papiros> i will upload it for you , and set up the server , and provide support in return for the 10% like we agreed , but send the BTC remaining to my address
- [19.02.2018 09:27:29] <ZeTa on ROck> can i see the GUI
- [19.02.2018 09:27:32] <ZeTa on ROck> png
- [19.02.2018 09:27:35] <ZeTa on ROck> to see it
- [19.02.2018 09:27:36] <ZeTa on ROck> now
- [19.02.2018 09:29:39] <ZeTa on ROck> ?
- [19.02.2018 09:30:17] <papiros> papiros@exploit.im: its same as panel just simple table with
- id ip port pc_name sam_file
- zetaboy@jabb.im: have already bought the host
- papiros@exploit.im: saves to a .txt file
- [19.02.2018 09:30:34] <papiros> output per knock outputs to a .txt file
- [19.02.2018 09:30:37] <ZeTa on ROck> let me see it
- [19.02.2018 09:30:39] <ZeTa on ROck> the gui
- [19.02.2018 09:31:01] <papiros> theres no interface visible its just a .txt file logger
- [19.02.2018 09:31:08] <ZeTa on ROck> LOL
- [19.02.2018 09:31:09] <papiros> instead of logging to web panel
- [19.02.2018 09:31:35] <ZeTa on ROck> let me see the screenshot
- [19.02.2018 09:31:37] <ZeTa on ROck> of it
- [19.02.2018 09:31:39] <papiros> what is the difference? you get path to sam file for each bot
- [19.02.2018 09:32:00] <ZeTa on ROck> cant you show it on PNG again
- [19.02.2018 09:32:52] <ZeTa on ROck> and send me the screen shot of the localhost panel you hard on your system you used for testing
- [19.02.2018 09:36:42] <ZeTa on ROck> waiting?
- [19.02.2018 09:38:27] <papiros> https://i.gyazo.com/faa45a621eefac2afc2d2b98b7cf3ed5.png
- https://i.gyazo.com/ed1d8350b4a8abb9ad8e5f7eb620dc1b.png
- [19.02.2018 09:39:08] <papiros> i dont see why this information should be generated in some fancy GUI or panel
- [19.02.2018 09:39:15] <papiros> its not a lot of info like my bot for example
- [19.02.2018 09:39:21] <papiros> its just a simple spreader
- [19.02.2018 09:39:26] <papiros> or you wanted something more ?
- [19.02.2018 09:39:28] <ZeTa on ROck> bro the panel for host
- [19.02.2018 09:39:38] <ZeTa on ROck> the one you used in testing
- [19.02.2018 09:39:50] <ZeTa on ROck> send me screen shot to see how it is
- [19.02.2018 09:39:58] <papiros> bro this is the same info there is in the panel except its in html table :)
- [19.02.2018 09:41:13] <ZeTa on ROck> yes let me see the screen shot
- [19.02.2018 09:41:21] <papiros> one moment
- [19.02.2018 09:41:25] <ZeTa on ROck> ok
- [19.02.2018 09:52:08] <ZeTa on ROck> waiting
- [19.02.2018 09:52:10] <ZeTa on ROck> ??
- [19.02.2018 09:52:28] <ZeTa on ROck> or you just start the code
- [19.02.2018 09:52:49] <ZeTa on ROck> i just want to see all the old jobs on it and how you got result in it
- [19.02.2018 09:53:50] <papiros> i just had to connect back to panel in source code and run in my Virtual environment
- [19.02.2018 09:53:52] <papiros> 1 moment please
- [19.02.2018 09:56:42] <papiros> https://i.gyazo.com/1c72d10f523eeee04014eb2da440b41a.png
- [19.02.2018 09:59:51] <ZeTa on ROck> bro the sam file is not like this the one you show me
- [19.02.2018 10:00:23] <ZeTa on ROck> no ntlm
- [19.02.2018 10:00:41] <ZeTa on ROck> i didnt see anything like user and hash pass
- [19.02.2018 10:01:02] <papiros> thats in the text file but you can dump the binary in a PE viewer
- [19.02.2018 10:01:10] <papiros> and you will see the NTLM hashes
- [19.02.2018 10:03:04] <ZeTa on ROck> the port is used for what
- [19.02.2018 10:03:05] <ZeTa on ROck> ???
- [19.02.2018 10:03:14] <ZeTa on ROck> is it for RDP open port
- [19.02.2018 10:03:17] <ZeTa on ROck> ?
- [19.02.2018 10:03:30] <papiros> yes
- [19.02.2018 10:03:42] <papiros> like you asked
- [19.02.2018 10:04:50] <papiros> the ip is to connect to the rdp from intranet
- [19.02.2018 10:05:05] <papiros> the password is blank for the newly created username
- [19.02.2018 10:05:13] <papiros> user is hidden from system
- [19.02.2018 10:05:35] <ZeTa on ROck> bro will this disconnect the person working on the system
- [19.02.2018 10:05:59] <ZeTa on ROck> like if i get the sam and try to crack the hash and connect to the pc the person will be disconnect
- [19.02.2018 10:06:04] <papiros> at the moment, yes it would, i would need to create a hidden rdp client interface to not make it so
- [19.02.2018 10:06:06] <ZeTa on ROck> automatic
- [19.02.2018 10:06:39] <papiros> but you can use the hvnc from my bot to do that
- [19.02.2018 10:06:53] <papiros> i can configure it to work in intranet, i would just need 1 day of time
- [19.02.2018 10:07:46] <papiros> i can include it free of charge, as there is already some things you that bother you
- [19.02.2018 10:08:47] <ZeTa on ROck> the HVNC has to get privilege
- [19.02.2018 10:09:10] <papiros> the program that we deploy it from already has prvilege because of the exploit
- [19.02.2018 10:09:20] <papiros> so hvnc will have same privileges
- [19.02.2018 10:09:53] <papiros> as we can SetSecurityDescriptorInfo to the same as dropper
- [19.02.2018 10:10:17] <ZeTa on ROck> and has to bypass firewall bro to be able to communicate outside
- [19.02.2018 10:10:35] <papiros> my hvnc already bypass NAT
- [19.02.2018 10:10:39] <papiros> so its not a problem
- [19.02.2018 10:10:45] <papiros> as it works with backconnect
- [19.02.2018 10:11:02] <ZeTa on ROck> the endpoint antivirus
- [19.02.2018 10:11:05] <ZeTa on ROck> you know about it
- [19.02.2018 10:11:13] <papiros> endpoint security , yes
- [19.02.2018 10:11:26] <ZeTa on ROck> and most bank do close port thats why i request it to open rdp port
- [19.02.2018 10:11:49] <papiros> i understand , and like i said its already open a port
- [19.02.2018 10:13:07] <papiros> this reg key is changed to our target port to avoid endpoint security from worrying about port 3389
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber
- [19.02.2018 10:15:34] <ZeTa on ROck> ok
- [19.02.2018 10:15:44] <ZeTa on ROck> do it
- [19.02.2018 10:16:14] <papiros> i will do it bro, but send the BTC transfer
- [19.02.2018 10:17:23] <ZeTa on ROck> how long to finish it
- [19.02.2018 10:17:38] <ZeTa on ROck> upload the panel
- [19.02.2018 10:17:43] <ZeTa on ROck> i want it to be done today
- [19.02.2018 10:17:58] <papiros> 21.02.2018
- [19.02.2018 10:18:07] <papiros> Send the BTC , i will upload the panel and get to work
- [19.02.2018 10:18:17] <papiros> and i will send you the latest source code
- [19.02.2018 10:18:28] <ZeTa on ROck> well you can upload teh panel like that to start using it
- [19.02.2018 10:18:37] <ZeTa on ROck> then you can have time building it
- [19.02.2018 10:18:47] <papiros> what do you mean ?
- [19.02.2018 10:19:05] <ZeTa on ROck> i mean upload the panel to the vps i bought
- [19.02.2018 10:19:12] <ZeTa on ROck> and we can use the test today
- [19.02.2018 10:19:23] <papiros> i will but send the BTC transfer
- [19.02.2018 10:19:27] <ZeTa on ROck> then on 21 when the hvnc is done it will be like updates of it
- [19.02.2018 10:19:43] <papiros> yes , exactly
- [19.02.2018 10:19:44] <ZeTa on ROck> how to upload my exe
- [19.02.2018 10:19:48] <ZeTa on ROck> in the panel
- [19.02.2018 10:19:51] <ZeTa on ROck> or where
- [19.02.2018 10:19:57] <ZeTa on ROck> is confusing bro
- [19.02.2018 10:20:05] <papiros> you will put the EXE in uploads folder bro
- [19.02.2018 10:20:12] <ZeTa on ROck> in the panel
- [19.02.2018 10:20:17] <papiros> yes
- [19.02.2018 10:20:26] <ZeTa on ROck> can i see the screen shot
- [19.02.2018 10:20:31] <papiros> yes
- [19.02.2018 10:20:45] <ZeTa on ROck> ok show me bro
- [19.02.2018 10:22:06] <papiros> https://i.gyazo.com/a36925d1f215ada5dd68f5e527d37720.png
- [19.02.2018 10:22:34] <papiros> there is uploads folder
- [19.02.2018 10:22:40] <papiros> you place EXEs in there
- [19.02.2018 10:23:06] <ZeTa on ROck> how
- [19.02.2018 10:23:09] <ZeTa on ROck> in webpanel
- [19.02.2018 10:23:09] <papiros> and spreader will download them
- [19.02.2018 10:23:17] <ZeTa on ROck> or in host
- [19.02.2018 10:23:26] <ZeTa on ROck> or i have to login to ftp to do that
- [19.02.2018 10:23:32] <papiros> oh simple there is this tool "winscp" you connect to host from there and you can drag/drop the EXE to there
- [19.02.2018 10:23:48] <papiros> https://winscp.net/eng/docs/lang:ru
- [19.02.2018 10:24:49] <ZeTa on ROck> OK hope it the spreader will be able to connect to host to download without detection
- [19.02.2018 10:24:59] <ZeTa on ROck> because most pagest is block
- [19.02.2018 10:25:28] <papiros> since the spreader connect through local DNS proxy , it will not be blocked
- [19.02.2018 10:25:50] <papiros> in my virtual machine am running Comodo Endpoint Protection
- [19.02.2018 10:25:57] <papiros> and have webfilter set up
- [19.02.2018 10:26:22] <papiros> and its not blocked , no reason in bank network there will be block as comodo is corporate endpoint solution
- [19.02.2018 10:26:51] <ZeTa on ROck> bro they have symatec
- [19.02.2018 10:27:00] <ZeTa on ROck> symatec endpoint
- [19.02.2018 10:27:05] <papiros> Symantec Endpoint 14?
- [19.02.2018 10:27:25] <ZeTa on ROck> yes
- [19.02.2018 10:27:31] <papiros> Great !
- [19.02.2018 10:27:45] <papiros> Its not a problem then , here is the runtime dyncheck
- [19.02.2018 10:28:04] <papiros> 1 moment
- [19.02.2018 10:30:17] <ZeTa on ROck> ok
- [19.02.2018 10:31:08] <papiros> https://dyncheck.com/scan/id/d0a39960d5e0c74fba6ab084d933064f#collapse_info
- [19.02.2018 10:32:08] <papiros> as you see only one we need to worry about is norton and kaspersky
- [19.02.2018 10:32:51] <papiros> and even these i can bypass if needed
- [19.02.2018 10:33:20] <papiros> send me BTC
- [19.02.2018 10:33:33] <papiros> oh and also will scan 19.02.2018 version of spreader in there and you will see
- [19.02.2018 10:34:18] <ZeTa on ROck> so you show me your botnet while not my spreader
- [19.02.2018 10:34:29] <papiros> where you see botnet
- [19.02.2018 10:34:38] <ZeTa on ROck> i see bot.exe
- [19.02.2018 10:34:46] <papiros> Бот.ехе is name for the file
- [19.02.2018 10:35:20] <papiros> if you want i can rescan it and show you
- [19.02.2018 10:35:34] <papiros> my botnet is 8/23
- [19.02.2018 10:35:36] <papiros> not 2/23
- [19.02.2018 10:35:40] <papiros> look on my thread
- [19.02.2018 10:36:26] <papiros> i will call it spreader.exe if you want
- [19.02.2018 10:36:36] <papiros> doesnt matter though what you see there is scan result
- [19.02.2018 10:36:37] <papiros> not file name
- [19.02.2018 10:37:04] <ZeTa on ROck> okay and the spreader is the one i will use to infect
- [19.02.2018 10:37:21] <papiros> indeed
- [19.02.2018 10:37:24] <ZeTa on ROck> and it will go and download my exe??
- [19.02.2018 10:37:24] <papiros> this file
- [19.02.2018 10:37:33] <papiros> the ones that you will place in the uploads folder
- [19.02.2018 10:37:39] <papiros> it will download all the exes from that folder
- [19.02.2018 10:37:47] <papiros> and execute them in memory
- [19.02.2018 10:37:49] <ZeTa on ROck> with the upload now can i upload my exe with any name
- [19.02.2018 10:37:51] <ZeTa on ROck> ?,
- [19.02.2018 10:37:57] <papiros> yes
- [19.02.2018 10:38:18] <ZeTa on ROck> so now you will have to modified the exe to work with the IP??
- [19.02.2018 10:38:19] <papiros> it will grab all the file names from the index and download them
- [19.02.2018 10:38:24] <ZeTa on ROck> the vps i bought
- [10:46:39] <ZeTa on ROck> i will process it
- [10:46:47] <ZeTa on ROck> when upload and we can do the test
- [10:47:09] <papiros@exploit.im> bro i told you already , send the BTC and then we will do all that
- [10:50:11] <papiros@exploit.im> i will wait till i see the BTC transfer bro , and then i will set up the server / panel and send exe and guide you over teamviewer , and continue working
- [10:50:16] <papiros@exploit.im> till then , i am waiting
- [10:52:02] <ZeTa on ROck> the sam file
- [10:52:08] <ZeTa on ROck> how to see the user and pass
- [10:52:15] <ZeTa on ROck> the one you show me is different
- [10:52:45] <papiros@exploit.im> must decrypt the NTLM hash , you need to dump the contents of that file into binary viewer and extract hash from hex dump
- [10:54:37] <ZeTa on ROck> wait give me some minutes
- [10:54:45] <ZeTa on ROck> to ask we will finish all today
- [10:54:45] <papiros@exploit.im> okay bro
- [10:54:50] <ZeTa on ROck> and you will get your btc
- [10:54:57] <papiros@exploit.im> what do you mean ?
- [10:54:58] <ZeTa on ROck> but need to confirm very well
- [10:55:24] <ZeTa on ROck> i want to ask about the sam from somone
- [10:55:27] <ZeTa on ROck> here
- [10:55:30] <ZeTa on ROck> if is like that
- [10:55:31] <papiros@exploit.im> okay bro
- [10:55:40] <papiros@exploit.im>
- > must decrypt the NTLM hash , you need to dump the contents of that file into binary viewer and extract hash from hex dump
- [10:55:41] <papiros@exploit.im> like this bro
- [11:01:07] *** papiros@exploit.im is now Offline
- [11:01:25] *** Contact has been switched: papiros@exploit.im/385095953815193016740321
- [11:01:25] *** papiros@exploit.im is now Online [1]
- [11:07:10] <papiros@exploit.im> so whats the news bro ?
- [11:07:17] <papiros@exploit.im> whats going on ?
- [11:07:28] <ZeTa on ROck> on phone
- [11:07:34] <ZeTa on ROck> giver me 30mins
- [11:08:20] <papiros@exploit.im> ok bro , i will wait , in 30 mins you will give me answer ?
- [11:08:23] <papiros@exploit.im> i need to go after that
- [11:33:40] *** papiros@exploit.im is now Away: I'm not here right now
- [11:36:34] *** papiros@exploit.im is now Online [1]
- [11:36:37] <papiros@exploit.im> okay bro , ready ?
- [11:38:45] <papiros@exploit.im> ?
- [11:42:19] <papiros@exploit.im> bro , what is going on ?
- [11:44:44] <papiros@exploit.im> okay listen , i waited long enough , i have to go now , i will be back in 5 hours . if i am not seeing BTC transfer then , i will assume that you are not interested to work with me . you told me to wait 30 mins, and now its been 35 mins and you are not here . i am done wating , we talked 150 minutes , i am waiting on BTC transfer from your side . see you later .
- [11:45:38] <ZeTa on ROck> back
- [11:45:42] <ZeTa on ROck> bro hold pls
- [11:46:20] <papiros@exploit.im> ok im holding
- [11:46:26] <ZeTa on ROck> am sending 2200
- [11:46:35] <papiros@exploit.im> ok , am waiting bro
- [11:46:40] <ZeTa on ROck> but bro you need to do your part well
- [11:47:02] <ZeTa on ROck> the HRDP will be ready on 21:02:2017
- [11:47:05] <ZeTa on ROck> right?
- [11:47:16] <papiros@exploit.im> yes , i will set up server , upload panel , send you source code and HVNC bro , it will be just like HRDP
- [11:47:28] <papiros@exploit.im> 21.02.2017
- [11:47:35] <papiros@exploit.im> agreed?
- [11:47:40] <ZeTa on ROck> what of HRDP
- [11:47:50] <ZeTa on ROck> is far better than HVNC
- [11:47:50] <papiros@exploit.im> HVNC bro , its same as HRDP
- [11:47:57] <papiros@exploit.im> i can do HRDP too
- [11:48:09] <papiros@exploit.im> 21.02.2018 like we agreed
- [11:48:12] <ZeTa on ROck> do HRDP
- [11:48:17] <ZeTa on ROck> since is Windows
- [11:48:25] <ZeTa on ROck> so the interface will be good
- [11:48:42] <papiros@exploit.im> the interface will be same as what you see in desktop but in hidden windows
- [11:48:56] <papiros@exploit.im> user will not see the interaction you make from interface with his desktop
- [11:49:01] <papiros@exploit.im> but you can have 2 at the same time
- [11:49:02] <ZeTa on ROck> does it creat session id and pass
- [11:49:10] <papiros@exploit.im> yes
- [11:49:13] <papiros@exploit.im> and send to the panel
- [11:49:13] <ZeTa on ROck> like user and pass to connect
- [11:49:16] <papiros@exploit.im> yes
- [11:49:33] <ZeTa on ROck> parrelle
- [11:49:54] <papiros@exploit.im> the logged in user with not be disconnected
- [11:50:49] <papiros@exploit.im> agreed bro ?
- [11:51:29] <ZeTa on ROck> with privilege
- [11:51:31] <ZeTa on ROck> Yes
- [11:51:42] <papiros@exploit.im> Yes, it will have the same privilege as the spreader
- [11:51:47] <papiros@exploit.im> since it is elevated from exploit chain
- [11:52:08] <ZeTa on ROck> what about the detections
- [11:52:11] <ZeTa on ROck> the 2
- [11:52:23] <papiros@exploit.im> are the norton and kaspersky detection important for our task bro ?
- [11:52:29] <papiros@exploit.im> you said target has symantec endpoint 14
- [11:52:33] <ZeTa on ROck> yes
- [11:52:38] <ZeTa on ROck> ther are many banks
- [11:52:44] <papiros@exploit.im> norton and kaspersky is important to remove ?
- [11:52:44] <ZeTa on ROck> not all banks use symantec
- [11:52:59] <ZeTa on ROck> the one i need to attack now is symantec
- [11:53:04] <papiros@exploit.im> okay , i will work to remove them bro , but first HRDP 21.02.2018
- [11:53:05] <ZeTa on ROck> which we going to work it together
- [11:53:08] <papiros@exploit.im> then i will remove those 2 detections
- [11:53:22] <papiros@exploit.im> agreed.
- [11:53:33] <papiros@exploit.im> do you know how much money we are going to take ?
- [11:53:35] <papiros@exploit.im> just approx
- [11:54:48] <papiros@exploit.im> also bro , let me know when you sent the transfer , i will start setup panel on server and start work
- [11:55:54] <ZeTa on ROck> ok
- [11:57:24] <papiros@exploit.im> i should wait ?
- [11:58:44] <ZeTa on ROck> yes
- [11:58:59] <ZeTa on ROck> do you have perfect money
- [11:59:05] <ZeTa on ROck> the tax fee
- [11:59:08] <ZeTa on ROck> is much
- [11:59:10] <papiros@exploit.im> yes , i have
- [11:59:23] <papiros@exploit.im> 1 min
- [11:59:52] <ZeTa on ROck> the money is in the btc
- [12:00:00] <ZeTa on ROck> but i need to add more for transfer fee
- [12:00:25] <ZeTa on ROck> bro can you give the tools needed to decrypte the sam file
- [12:00:26] <papiros@exploit.im> oh
- [12:00:30] <ZeTa on ROck> where to download it
- [12:01:28] <papiros@exploit.im>
- http://passwords.openwall.net/b/pwdump/pwdump2.zip
- [12:01:42] <papiros@exploit.im> wait so bro easier to send by BTC or PM
- [12:01:49] <papiros@exploit.im> as in BTC there is small transfer fee
- [12:01:52] <papiros@exploit.im> its like $5
- [12:02:07] <ZeTa on ROck> btc
- [12:02:24] <ZeTa on ROck> i need fees to be added to it so your 2200can complete
- [12:02:25] <papiros@exploit.im> so you can send BTC ?
- [12:02:28] <ZeTa on ROck> i paid vps
- [12:02:32] <papiros@exploit.im> oh
- [12:02:32] <ZeTa on ROck> yesterday
- [12:02:52] <ZeTa on ROck> am i have already call for small btc to be send to send ur btc out
- [12:03:13] <papiros@exploit.im> oh , i understand , do you know how long it will take for it to come ?
- [12:03:31] <papiros@exploit.im> the transfer fee
- [12:03:34] <ZeTa on ROck> it wont take time am waiting for it now
- [12:03:44] <papiros@exploit.im> oh , great then i will wait !
- [12:03:58] <ZeTa on ROck> due to i deduct 9 euro from it yesterday
- [12:04:00] <ZeTa on ROck> for vps
- [12:04:03] <ZeTa on ROck> ok cool
- [12:04:04] <ZeTa on ROck> bro
- [12:04:06] <papiros@exploit.im> thats fine bro
- [12:04:14] <ZeTa on ROck> is this only tool needed
- [12:04:19] <ZeTa on ROck> to work on sam
- [12:05:02] <papiros@exploit.im>
- You can use that tool , or you can also use John The Ripper which you can download from here http://www.openwall.com/john/
- [12:05:31] <papiros@exploit.im> Either one of those will work for SAM file bro
- [12:06:10] <ZeTa on ROck> the pwddump is not opening
- [12:06:15] <ZeTa on ROck> it open cmd and close
- [12:06:23] <papiros@exploit.im> its a cmdline tool bro
- [12:06:28] <papiros@exploit.im> you need to run it with cmd.exe
- [12:06:34] <papiros@exploit.im> i will show you how to use it man
- [12:07:16] <ZeTa on ROck> okay
- [12:12:24] <papiros@exploit.im> BTC sending bro ?
- [12:16:59] <papiros@exploit.im> bro ?
- [12:17:27] <papiros@exploit.im> How long i should wait ... ?
- [12:19:00] <papiros@exploit.im> I am going to go off now bro , I will be back in 5 hours , hope i will hear from you then . for now , bye
- [12:19:15] <ZeTa on ROck> wait
- [12:19:20] <papiros@exploit.im> ?
- [12:19:27] <papiros@exploit.im> where you go bro ?
- [12:19:32] <ZeTa on ROck> lets start
- [12:19:42] <ZeTa on ROck> give me again for verifications
- [12:19:48] <papiros@exploit.im> you send BTC ?
- [12:20:00] <papiros@exploit.im> my wallet you mean ?
- [12:20:11] <ZeTa on ROck> yes your wallet
- [12:20:18] <papiros@exploit.im> i need to generate new one here
- [12:20:29] <papiros@exploit.im> 1J92qAi8cTDodSvke26wUmavsEhLkNeeP7
- [12:20:29] <ZeTa on ROck> the btc address
- [12:20:34] <ZeTa on ROck> ok
- [12:22:57] <papiros@exploit.im> you sent bro ?
- [12:25:28] <papiros@exploit.im> ?
- [12:25:41] <ZeTa on ROck> hold my bro
- [12:25:45] <ZeTa on ROck> login to another pc
- [12:25:48] <ZeTa on ROck> to trf
- [12:26:12] <papiros@exploit.im> okay i will wait 9 mins more bro
- [12:26:49] <papiros@exploit.im> if sent then i will start setup panel and server with BIN now , if not , i need to go and will be back 5 hours
- [12:29:11] <ZeTa on ROck> hold
- [12:29:13] <ZeTa on ROck> sending
- [12:29:33] <papiros@exploit.im> okay holding
- [12:31:11] <ZeTa on ROck> check
- [12:31:13] <ZeTa on ROck> sent
- [12:31:54] <ZeTa on ROck> https://blockchain.info/tx/f97f8f995ff418ec5ae6f1d8c190d1f99fc994f15a7fe120ad96b61afe5ea3e6
- [12:33:45] <papiros@exploit.im> okay i got it
- [12:33:57] <papiros@exploit.im>
- IP: 185.206.145.66
- ROOT Password: eI9DqnQhNCCbbod
- [12:34:00] <papiros@exploit.im> will start to set up now
- [12:34:06] <ZeTa on ROck> okay
- [12:34:10] <papiros@exploit.im> where you want me to upload source of spreader
- [12:34:20] <papiros@exploit.im> and you want me to just link this ip to the spreader ?
- [12:34:31] <ZeTa on ROck> i dont understand
- [12:34:43] <papiros@exploit.im> you want the source code of the spreader now or after hrdp is done ?
- [12:34:52] <ZeTa on ROck> now
- [12:34:59] <papiros@exploit.im> so where do you want me to upload it
- [12:35:05] <ZeTa on ROck> i want to the source code then when done hrdp you can send it again
- [12:35:09] <papiros@exploit.im> and which ip you want me to connect to spreader
- [12:35:15] <papiros@exploit.im> okay
- [12:35:23] <papiros@exploit.im> just this server ip?
- [12:35:38] <papiros@exploit.im> i will setup lamp stack on there now and setup the panel
- [12:36:06] <ZeTa on ROck> i dont know how it work if ip is good or
- [12:36:11] <ZeTa on ROck> you need to know the best
- [12:36:44] <ZeTa on ROck> can you send the file through jabber
- [12:39:11] <papiros@exploit.im> ok i will set up this ip , it is good
- [12:40:55] <ZeTa on ROck> OKay
- [12:41:00] <ZeTa on ROck> send the source also
- [12:42:34] <papiros@exploit.im>
- https://0bin.net/paste/GW4P6iHVNX+e3wZa#sUw2A50p79kMGd17phZc00GM+-UvaziZs/7bqM6yuMw
- [12:42:42] <papiros@exploit.im> i will setup server now
- [12:42:54] <ZeTa on ROck> ok
- [12:42:58] <papiros@exploit.im> i will update you when ready
- [12:43:02] <ZeTa on ROck> ok
- [12:43:08] <ZeTa on ROck> what about the exe to lunch
- [12:43:17] <ZeTa on ROck> is it when you done the setting
- [12:43:22] <ZeTa on ROck> the exe will be available
- [12:58:55] *** papiros@exploit.im is now Offline
- [13:46:09] <ZeTa on ROck> bro have you fnished
- [18:10:54] *** Contact has been switched: papiros@exploit.im/1507998799151963851814475
- [18:10:54] *** papiros@exploit.im is now Online [1]
- [18:19:41] <ZeTa on ROck> hello you done??
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement