Hexediting
#1
03.10.2007, 19:59
nikize
Newbie
Registered: 30.09.2007
Posts: 17
Time spent on the forum: 31256
Reputation: 9

So basically what I know is that antiviruses search for some specific signatures in a virus. I haven't been able to find these definitions (it took 4 hours to clear this up for myself), but basically, the idea is simple.
You just get a hex editor, then open your virus with it, and remove certain signatures that the antivirus has in its database.

Unfortunately I am too inexperienced in this, and that's why I am unable to find on the internet the signatures that an antivirus searches for when scanning a file, though I see many people posting hints on how to do it, but I was unable to gather any important info for doing this.

Anyway, this is probably the best way to make your virus/keylogger undetectable, only if someone knew what to delete with the hex editor.

So if anyone knows what to delete and how, could you be kind enough to enlighten me?

More info (well, the basic idea is explained more specifically here: http://community.vietfun.com/printthread.php?t=279822)

-Nikize
 

#2
03.10.2007, 20:10
n0ne
Regular
Registered: 01.01.2007
Posts: 796
Time spent on the forum: 2693408
Reputation: 861

There is a lot of encrypting soft for such tasks. But if u want to write your own soft, I think it'll be easier with basic knowledge of Assembler and a bit of experience with encryption. For example, download such public soft, encrypt any virus\trojan with it and compare it to the original one. Btw, I think Google might help you with articles and sources of such things.

In google we trust.
 

#3
03.10.2007, 20:15
n0ne
Regular
Registered: 01.01.2007
Posts: 796
Time spent on the forum: 2693408
Reputation: 861

Btw, I think it'd be useful for u: read books written by Kris Kaspersky.
 

#4
03.10.2007, 20:29
nikize
Newbie
Registered: 30.09.2007
Posts: 17
Time spent on the forum: 31256
Reputation: 9

That book is about encryption and stuff? Is it written in English?
And guys, you can answer me in Russian, I am 100% Russian and it's my mother language, but I am just having trouble writing it =P

I have a little experience in C++ and PHP and Pascal, and sure I could learn them in a month or two, but I would need the keylogger ready to use as quickly as possible (I am just lazy too)

-Nikize
 

#5
03.10.2007, 20:33
n0ne
Regular
Registered: 01.01.2007
Posts: 796
Time spent on the forum: 2693408
Reputation: 861

Nah, it's ok about English :P As I said, you need to learn Assembler, I think basic knowledge'd be enough. Then find some sources and examine them. But if u need just to encrypt things - it costs about 0.5$-1$. What do u need exactly?

Those books are originally in English afaik. They are about the career of Kris and him sharing his knowledge about viruses and stuff.
 

#6
03.10.2007, 20:39
nikize
Newbie
Registered: 30.09.2007
Posts: 17
Time spent on the forum: 31256
Reputation: 9

Well, the very basic thing that everyone in this section of the forum is doing: I want to make my keylogger undetectable.

Are you offering a service? I would be glad to discuss it.

BUT!
I scanned my keylogger in Jotti's virusscan, and only avast detected it, but when I sent it to my victim, he detected it with avira, even though in the list avira didn't detect it!
What's the problem? Is it about Jotti's engine?
 

#7
03.10.2007, 20:55
Fugitif
Regular
Registered: 23.09.2007
Posts: 416
Time spent on the forum: 1781065
Reputation: 869

u can try to make it undetectable with Daemon Crypt
 

#8
03.10.2007, 21:00
Piflit
Banned
Registered: 11.08.2006
Posts: 1,522
Time spent on the forum: 5128756
Reputation: 2032

nikize, that may be some proactive technologies in the Avira engine (I dunno exactly if they really exist), so they are detecting ur malware...

As for signatures, which are being detected by antiviruses, it's very very private information, of which only AV developers are aware ^^

As to Russian or English language, answering in eng makes a lot of show-off =))
 

#9
03.10.2007, 21:05
nikize
Newbie
Registered: 30.09.2007
Posts: 17
Time spent on the forum: 31256
Reputation: 9

Quote:
Originally posted by Piflit
nikize, that may be some proactive technologies in the Avira engine (I dunno exactly if they really exist), so they are detecting ur malware...

As for signatures, which are being detected by antiviruses, it's very very private information, of which only AV developers are aware ^^

As to Russian or English language, answering in eng makes a lot of show-off =))

You know, actually you can dig the information up from the antivirus databases; some people post the information on the internet, but the site is quickly deleted.
But I'm sure someone knows some information, because hey, this is a Russian forum, everyone here is basically a hacker

That's a good fact!

Keep info coming, I appreciate this really much!
-Nikize
 