Hello guys, im new in this forum, i have profles and sales threads in exploit.in and 0day forums. Today im starting sales here with my project know has GlitchPOS, it is a RAM scraper with some loader capabilities.
Panel:
Video proof: https://streamable.com/nl4j4
Loader:
Panel:
Prices:
Contact:
Changelog:
28.04.2019
[+] Updated and improved HWID function.
[+] Improved Startup Method (cant be seen on msconfig).
[+] Added Anti-Emulation function (VirtualBox, Sandboxie, VMWare, Avast sandbox, sniffers).
[+] Added enable/disable Startup.
17.04.2019
[+] Improved melt function.
[+] Improved Update function.
[+] Startup method updated.
[+] Removed vbs use (some POS have disabled Windows Script Host).
[+] Improved scan velocity.
[+] When a process with valid track data its found it will only look for it. Each five minutes it will do a full memory scan to check for other processes with valid data.
[+] Fixed random problem with the algorithm in charge to decrypt and read bot configurations.
[+] Fixed problem delaying update the info in dashboard
[+] Fixed random problem in the HWID identification function.
[+] Improved Memory Use.
[+] Improved check of luhn and valid year of cards.
[+] Added Offline Mode (Now it can exfiltrate data without connect to the panel)
[+] Option on the panel to run EXE from external URL (no need to upload your file on the panel)
[+] UNICODE SUPPORT: No more problems on chinese, arabic or any other language PC. Take the world!
[+] Updated track regex.
[+] New crypto routine (safer)
Panel:
LOGIN:
DASHBOARD:
CLIENTS:
TASKS:
CARDS:
CARD INFO:
EXPORTED CARDS:
SETTINGS:
DASHBOARD:
CLIENTS:
TASKS:
CARDS:
CARD INFO:
EXPORTED CARDS:
SETTINGS:
Video proof: https://streamable.com/nl4j4
Loader:
- File size: 9kb (10kb with configurations).
- Grab Track1 and Track2 Data.
- No dependencies.
- File tested from XP to W10 (x86 and x64).
- Communication between loader and panel are encrypted.
- Configurations encrypted and mixed inside the loader.
- Fully compatibility with crypters.
- Non common way to get commands from the panel (bypass AVs).
- File melted after execution.
- Loader detects human activity to execute the payload (avoid analysis).
Panel:
- Dashboard:
- information about online bots, offline bots, infected POS and cards data.
- Graphic map with infections by country.
- Top 5 infected countrys.
- Top 5 card senders.
- Clients:
- Shows HWID, IP, country, PC-name, cards received from bot and bot status
- Tasks:
- Filter for individual targeting (HWID).
- Filter for GeoIP targeting.
- Commands: [Download & execute (Memory), Download & execute (Disk), Update, Uninstall]
- Tasks Types: [Single execution, Each Restart, Only New bots, Only Active POS]
- Tasks Status: [Active, Suspended]
- Cards:
- Panel detects card type.
- You can export all the cards in xls format.
- Show HWID, Country, Card number, card type and date.
- Settings:
- Connection settings [User-Agent, Encryption key]
- Panel Password change
- Custom blacklist for processes to avoid on RAM scraping.
Prices:
- Build: 250.
- Builder: $600.
- Gate address change: $50.
- Panel installation service: $50.
- Builder HWID change: $80.
Contact:
- Jabber: edbitss@blah.im
- Jabber: edbits@exploit.im
- Email: riumkavodki@protonmail.ch
Changelog:
28.04.2019
[+] Updated and improved HWID function.
[+] Improved Startup Method (cant be seen on msconfig).
[+] Added Anti-Emulation function (VirtualBox, Sandboxie, VMWare, Avast sandbox, sniffers).
[+] Added enable/disable Startup.
17.04.2019
[+] Improved melt function.
[+] Improved Update function.
[+] Startup method updated.
[+] Removed vbs use (some POS have disabled Windows Script Host).
[+] Improved scan velocity.
[+] When a process with valid track data its found it will only look for it. Each five minutes it will do a full memory scan to check for other processes with valid data.
[+] Fixed random problem with the algorithm in charge to decrypt and read bot configurations.
[+] Fixed problem delaying update the info in dashboard
[+] Fixed random problem in the HWID identification function.
[+] Improved Memory Use.
[+] Improved check of luhn and valid year of cards.
[+] Added Offline Mode (Now it can exfiltrate data without connect to the panel)
[+] Option on the panel to run EXE from external URL (no need to upload your file on the panel)
[+] UNICODE SUPPORT: No more problems on chinese, arabic or any other language PC. Take the world!
[+] Updated track regex.
[+] New crypto routine (safer)
