Follow us on Twitter!
Things are more like they are now than they have ever been before. - Dwight D. Eisenhower
Thursday, April 17, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 33
Guests Online: 32
Members Online: 1

Registered Members: 82822
Newest Member: TheBunter
Latest Articles
View Thread

HellBound Hackers | Computer General | Programming

Author

Appending data


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 09-03-10 22:09
Hey guys, im currently developing a program that replaces another program exactally and logs data. it then uploads it to an ftp and then uses the normal programs shell to pass the data. I made the package commercial, it contains a remote install exe for distribution and an exe to edit the ftp settings. when the main exe is edited it appends the ftp host,uername and host to the end of the exe. at the time i diddnt realize what a security vulnerability this was until somebody got the info from the exe and jacked all my uploaded........ data..... after sniffing packets or reading the plain text settings in the exe. So i have 2 questions.

1. how could i make the the ftp setting secure in the main exe, i was thinking of writing an encryption algorithm to write the data and then reading it when the exe is executed, or is there a better way, while still keeping it in one exe file?

and 2. how can i protect the packets from being sniffed when the contents are being uploaded?

thanks in advance :]
Author

RE: Appending data


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 12-03-10 02:18
sk8more272 wrote:
1. how could i make the the ftp setting secure in the main exe, i was thinking of writing an encryption algorithm to write the data and then reading it when the exe is executed, or is there a better way, while still keeping it in one exe file?

and 2. how can i protect the packets from being sniffed when the contents are being uploaded?

Going to take a stab at this one.

1. If they're reversing the exe at all, then there are some good anti-reversal techniques here: http://www.codepr. . .ering.aspx

In particular, they address how to detect the presence of a debugger, which you could use to stop the execution of it.

2. SSH sounds like a first try. Smile