API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 7th, 2018
305
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.66 KB | None | 0 0
raw download clone embed print report
  1. ADVAPI32.DLL
  2. CryptGetUserKey
  3. KERNEL32.DLL
  4. LoadLibraryExW
  5. WS2_32.DLL
  6. WSARecv
  7. WSASend
  8. closesocket
  9. recv
  10. CHROME.DLL
  11. soft=%u&version=%u&user=%08x%08x%08x%08x&server=%u&id=%u&crc=%x
  12. version=%u&soft=%u&user=%08x%08x%08x%08x&server=%u&id=%u&type=%u&name=%s
  13. Mozilla/4.0 (compatible; MSIE 8.0; Windows NT %u.%u%s)
  14. http://
  15. https://
  16. file://
  17. USER.ID
  18. %lu.exe
  19. /upd %lu
  20. Software\AppDataLow\Software\Microsoft\
  21. Main
  22. Block
  23. Temp
  24. Client
  25. Ini
  26. Keys
  27. Scr
  28. LastTask
  29. LastConfig
  30. CrHook
  31. OpHook
  32. Exec
  33. http://ietf.org/rfc/rfc3022.txt
  34. C:\Program Files\Internet Explorer\iexplore.exe
  35. Software\Microsoft\Windows\CurrentVersion\Run
  36. System\CurrentControlSet\Control\Session Manager\AppCertDlls
  37. text
  38. image
  39. json
  40. html
  41. javascript
  42. xml
  43. URL: %s
  44. user=%s
  45. pass=%s
  46. URL: %s
  47. REF: %s
  48. LANG: %s
  49. AGENT: %s
  50. COOKIE: %s
  51. POST:
  52. USERID: %s
  53. USER: %s
  54. DEVICE: %s
  55. CLASS: %s
  56. INTERFACE: %s
  57. ADD: %u
  58. @%s@
  59. grabs=
  60. HIDDEN
  61. %08x%08x%08x%08x
  62. @ID@
  63. @GROUP@
  64. @RANDSTR@
  65. @URL=*@
  66. @CONFIG=*@
  67. @VIDEO=*@
  68. @SOCKS=*@
  69. @VNC=*@
  70. %s.%s
  71. http
  72. .bat
  73. .bin
  74. Local\
  75. \\.\pipe\
  76. %APPDATA%\Microsoft\
  77. %APPDATA%
  78. form
  79. log
  80. keys
  81. POST
  82. Content-Disposition: form-data; name="upload_file"; filename="%s"
  83. POST
  84. --%s
  85. --%s--
  86. GET
  87. GET
  88. -01
  89. %u%u%u
  90. Content-Type: multipart/form-data; boundary=%s
  91. Content-Disposition: form-data; name="upload_file"; filename="%.4u.%lu"
  92. Content-Type: application/octet-stream
  93. {%08X-%04X-%04X-%04X-%08X%04X}
  94. %08X-%04X-%04X-%04X-%08X%04X
  95. S:(ML;;NW;;;LW)D:(A;;0x1fffff;;;WD)(A;;0x1fffff;;;S-1-15-2-1)
  96. \Run
  97. open
  98. %lu.bat
  99. attrib -r -s -h %%1
  100. :%u
  101. del %%1
  102. if exist %%1 goto %u
  103. del %%0
  104. \Vars
  105. \Files
  106. \Config
  107. /data.php?version=%u&user=%08x%08x%08x%08x&server=%u&id=%u&type=%u&name=%s
  108. /UPD
  109. /SD
  110. /sd %lu
  111. SOFTWARE\Microsoft\Windows NT\CurrentVersion
  112. \Software\Microsoft\Windows\CurrentVersion
  113. SystemRoot
  114. *\Macromedia\Flash Player\
  115. %APPDATA%\Mozilla\Firefox\Profiles
  116. EnableSPDY3_0
  117. cookies.sqlite
  118. NSPR4.DLL
  119. cookies.sqlite-journal
  120. NSS3.DLL
  121. ieui
  122. *.sol
  123. *.txt
  124. \cookie.ff
  125. OPERA.EXE
  126. \cookie.ie
  127. NTDLL.DLL
  128. \sols
  129. \\?\
  130. ieapfltr
  131. Content-MD5:
  132. *.*
  133. ISFB
  134. Accept-Encoding:
  135. Cookie:
  136. --use-spdy=off --disable-http2
  137. gif
  138. jpeg
  139. SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
  140. Content-Encoding:
  141. %02u-%02u-%02u %02u:%02u:%02u
  142. %02u-%02u-%02u %02u:%02u:%02u
  143. Clipboard
  144. Host:
  145. Windows Explorer
  146. Content-Type:
  147. DelegateExecute
  148. SOFTWARE\Classes\Chrome
  149. command
  150. *.*
  151. WININET.DLL
  152. WSOCK32.DLL
  153. WININET.dll
  154. VERSION.dll
  155. kernelbase
  156. ieframe
  157. urlmon
  158. mshtml
  159. inetcpl.cpl
  160. NTDSAPI.DLL
  161. User-Agent:
  162. Connection:
  163. Content-Length:
  164. Transfer-Encoding:
  165. Referer:
  166. Accept-Language:
  167. Content-Security-Policy:
  168. Content-Security-Policy-Report-Only:
  169. X-Frame-Options
  170. Access-Control-Allow-Origin:
  171. Cache-Control:
  172. Last-Modified:
  173. Etag:
  174. no-cache, no-store, must-revalidate
  175. ocsp
  176. chunked
  177. identity
  178. gzip, deflate
  179. gzip
  180. HTTP/1.1 404 Not Found
  181. %02u:%02u:%02u
  182. EMPTY
  183. Cmd %s processed: %u
  184. | "%s" | %u
  185. Cmd %u parsing: %u
  186. PR_Read
  187. PR_Write
  188. PR_Close
  189. cmd /C "%s> %s1"
  190. systeminfo.exe
  191. tasklist.exe /SVC >
  192. driverquery.exe >
  193. reg.exe query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" /s >
  194. cmd /U /C "type %s1 > %s & del %s1"
  195. net view >
  196. nslookup 127.0.0.1 >
  197. echo -------- >
  198. nslookup myip.opendns.com resolver1.opendns.com
  199. ss: *.*.*.*
  200. Unknown
  201. .pfx
  202. AddressBook
  203. AuthRoot
  204. CertificateAuthority
  205. Disallowed
  206. Root
  207. TrustedPeople
  208. TrustedPublisher
  209. InternetSetStatusCallback
  210. HttpAddRequestHeadersW
  211. HttpAddRequestHeadersA
  212. HttpQueryInfoW
  213. HttpQueryInfoA
  214. InternetConnectW
  215. InternetConnectA
  216. InternetQueryDataAvailable
  217. HttpSendRequestW
  218. HttpSendRequestA
  219. InternetReadFileExW
  220. InternetReadFileExA
  221. InternetWriteFile
  222. InternetReadFile
  223. HttpOpenRequestW
  224. RegQueryValueExW
  225. RegGetValueW
  226. PR_Poll
  227. PR_GetError
  228. PR_SetError
  229. ExitProcess
  230. LdrRegisterDllNotification
  231. LdrUnregisterDllNotification
  232. CreateProcessA
  233. CreateProcessW
  234. CreateProcessAsUserA
  235. CreateProcessAsUserW
  236. ZwGetContextThread
  237. ZwSetContextThread
  238. ZwWriteVirtualMemory
  239. ZwWow64QueryInformationProcess64
  240. ZwWow64ReadVirtualMemory64
  241. ZwProtectVirtualMemory
  242. LdrLoadDll
  243. LdrGetProcedureAddress
  244. RtlSetUnhandledExceptionFilter
  245. LoadLibraryA
  246. RtlExitUserThread
  247. CreateRemoteThread
  248. %02u-%02u-%02u %02u:%02u:%02u
  249. PluginRegisterCallbacks
  250. .rdata
  251. .text
  252. .data
  253. DLL load status: %u
  254. %s=%s&
  255. 0123456789ABCDEF
  256. Main
  257. Blocked
  258. user_pref("network.http.spdy.enabled", false);
  259. /images/
  260. .avi
  261. prefs.js
  262. %s=%s&
  263. HTTPMail
  264. SMTP
  265. POP3
  266. IMAP
  267. none
  268. WABOpen
  269. Software\Microsoft\Windows Mail
  270. Software\Microsoft\Windows Live Mail
  271. Store Root
  272. Salt
  273. account{*}.oeaccount
  274. Server
  275. User_Name
  276. Password2
  277. Port
  278. Secure_Connection
  279. NSS_Init
  280. NSS_Shutdown
  281. type=%S, name=%S, address=%S, server=%S, port=%u, ssl=%S, user=%S, password=%S
  282. PK11_Authenticate
  283. type=%S, name=%s, address=%s, server=%s, port=%u, ssl=%s, user=%s, password=%s
  284. PK11_FreeSlot
  285. MessageAccount
  286. hostname
  287. .gif
  288. Account_Name
  289. encryptedUsername
  290. SMTP_Email_Address
  291. encryptedPassword
  292. %S_%S
  293. %systemroot%\system32\c_1252.nls
  294. EmailAddressCollection/EmailAddress[%u]/Address
  295. Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\
  296. DllRegisterServer
  297. Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\
  298. Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\
  299. Email
  300. Account Name
  301. IMAP Server
  302. IMAP Port
  303. IMAP User
  304. IMAP Password
  305. IMAP Use SSL
  306. POP3 User
  307. POP3 Server
  308. POP3 Port
  309. POP3 Password
  310. POP3 Use SSL
  311. SMTP User
  312. SMTP Server
  313. SMTP Port
  314. SMTP Password
  315. SMTP Use SSL
  316. A8000A
  317. 1.0
  318. nss3.dll
  319. PK11_GetInternalKeySlot
  320. PK11SDR_Decrypt
  321. %PROGRAMFILES%\Mozilla Thunderbird
  322. %USERPROFILE%\AppData\Roaming\Thunderbird\Profiles\*.default
  323. \logins.json
  324. ://
  325. %systemroot%\syswow64\cmd.exe
  326. /C pause mail
  327. .jpeg
  328. .bmp
  329. %c%02X
  330. \\.\%s
  331. \*.dll
  332. rundll32 "%s",%S
  333. .exe
  334. .dll
  335. IsWow64Process
  336. Wow64EnableWow64FsRedirection
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!