• XSS.stack #1 – первый литературный журнал от юзеров форума

[Mass-Automated RDP Exploiter: Private CVE Exploit].

В этой теме можно использовать автоматический гарант!

Новая сделка
Статус
Закрыто для дальнейших ответов.
Отслеживать

VoidZero

RAID-массив
Пользователь
Регистрация
01.10.2020
Сообщения
92
Реакции
16
Egregious community,
as title, I'm selling an "Automated RDP Exploiter". It exploit a "Private-Unknown-CVE".
It's fast, and efficient. Stable and fully working.

I found it as private leak, in a closed community, few years ago; that said, being not available publicly, I decided to sell it. (Please note): [If someone is able to find the latter in the Web; please make the link to it public by means of this thread. I will stop the sale instantly]. It is not, with absoluteness, my will to speculate in this sense.

[Features]:
A simple bash script, that use the tool called "rdesktop", as connection method.
It just require a list of RDP's to test, and will be done everything automatically. The results will be written in a "Text-file", and in a related folder, saved the screenshots of each RDP tested.

I attach the instructions, to give you a better, proper, idea.

Killer#1.png


Killer#2.png


CVE#1.png

CVE#4.png

CVE#3.png


#Mass-Automated RDP Exploiter, in action:
Killer.png

[GIF animated image, in action: "https://postimg.cc/d7czPD1G"].

[Tested on few, random, Italian RDP's: RESULTS: -after around 45 minutes of automated elaboration: -> 8 RDP's successfully exploited!].
Proof - Success.png

156.54.102.17.png


Price : "200 $" in Bitcoin .
(Included in the price: a wide/large RDP's list, related to several, highly developed/high GDP/rich countries. [Updated, approximately: to the end of May 2019]. The latter has been downloaded from "Shodan" Web service).


If you are interested to buy, or need more information / clear doubts, I'm fully available. [From: 10:00 AM to 11 PM - GMT: +03: 00. (Moscow-timezone)].
Contacts: using Private-Message function of the Forum, or external; 1) XMPP: "arsenic@thesecure.at". (OTR); 2) Telegram: "VoidZero_0".

Thanks in advance!
Best regards,
VoidZero.
 
Последнее редактирование модератором:
SPECIAL OFFER!
-Exclusively for the first two buyers: 12.5% discount on your copy!. (Total exceptional price: "175$").
[End of special offer: Monday, 01 November 2020].

Contacts: using Private-Message function of the Forum, or external; 1) XMPP: "arsenic@thesecure.at". (OTR); 2) Telegram: "VoidZero_0".

Thanks in advance!
Best regards,
VoidZero.
 
dyadka0220 сказал(а):
Looks safe
(Please note carefully, again): It's not a public CVE. For the latter reason is "Unknown". It's obvious. Can't you even get to these simple logical bases?!
[Next time, before open your mouth, count until 30 seconds]. I'm not offensive, it's just a reflex of your behaviour swagger/goffer. No personal offense.

I have explored everything in maximum transparency/detailed/completeness in the thread. Also adding various concrete demonstrations.

This is the thanks for giving you included, many RDP's lists; of high quality, already filtered and ready to use? (Worth hundreds of dollars. Only the cost spent on "Shodan" exceeds considerable figures).
Is this the trust for those who dedicate themselves with the utmost professionalism/dedication/commitment, to the full service/satistification of the customer? (I imagined it was clear from the quality of my sales threads).

Is this the thanks for a special discount on the "objective" value of the product?
Is this the thanks?!

[Meditate people, meditate!].
----------

Sales are continuing! ...
Guarantor is welcome!
(And if someone want to see the script live in action: I'm fully available for that; over "TeamViewer" or "AnyDesk").

Contacts: using Private-Message function of the Forum, or external; 1) XMPP: "arsenic@thesecure.at". (OTR); 2) Telegram: "VoidZero_0".

Thanks in advance!
Best regards,
VoidZero.
 
Последнее редактирование:
Пожалуйста, обратите внимание, что пользователь заблокирован
if you smart enaugh to think to sell this kind of RDP; you can earn minimum 10k or more for one week!!

don't be stupid and sale this kind of vulnerabilites... you can be rich in one week; otherwise maybe you looking to hunt people who looking for RDP vulnerabilities !
 
Pernat1y сказал(а):
What type of exploit? It does not looks like RCE. Something like auth bypass?
I also am curious how you claim this to be an exploit. Please provide more information about this. Only 8 after 45 minutes is not a big number for a true exploit, but maybe patched? If patched, probably an existing CVE somewhere already. It more sounds like just brute forcer from what you say. I am interested to see more if I am wrong!
 
Pernat1y сказал(а):
What type of exploit? It does not looks like RCE. Something like auth bypass?

r1z сказал(а):
if you smart enaugh to think to sell this kind of RDP; you can earn minimum 10k or more for one week!!

don't be stupid and sale this kind of vulnerabilites... you can be rich in one week; otherwise maybe you looking to hunt people who looking for RDP vulnerabilities !

Дьяволдьявола сказал(а):
I also am curious how you claim this to be an exploit. Please provide more information about this. Only 8 after 45 minutes is not a big number for a true exploit, but maybe patched? If patched, probably an existing CVE somewhere already. It more sounds like just brute forcer from what you say. I am interested to see more if I am wrong!

boriselcin сказал(а):
https://github.com/worawit/MS17-010/blob/master/checker.py
чекер кстати вот отсюда взят
https://github.com/cb4cb4/EternalBlue-EK-Auto-Mode/blob/master/auto_mode.py
а вот отсюда код взят
тут баннер переделан

можете банить америкоса за паблик)

Pent сказал(а):
Это не уязвимость, он пытается заюзать чужие закладки, по типу 5 нажатий кнопки shift.
[Solution]: to each doubt/question: -> I'll contact a Moderator and I'll show him the source of the script. Then, he will report his judgement/analysis in this thread, to clear the ideas.

Thanks in advance.
Best regards,
VoidZero.
 
Гражданин слился - когда я предложил ему список своих Ипов для просмотра конверта
 
Пожалуйста, обратите внимание, что пользователь заблокирован
italianez сказал(а):
Гражданин слился - когда я предложил ему список своих Ипов для просмотра конверта
да я писал что амер паблик продает)
 
boriselcin сказал(а):
да я писал что амер паблик продает)
Дело не в паблике) А в том что я сам не хочу сам сидеть и собирать паблик
Пусть он будет пабликом - но рабочим)
 
italianez сказал(а):
Дело не в паблике) А в том что я сам не хочу сам сидеть и собирать паблик
Пусть он будет пабликом - но рабочим)
Он рабочий взял его ip со скрина и прогнал, в папке появились скрины с тачками
 
(Please note): since my script it's easier to use/configure, with an optimized code: I'll ask to a Moderator to judge/
analyze if can be sold equally for: "50$".
(As an optimized version of the latter).

Thanks in advance!
Best regards,
VoidZero.
 
[After a quick scan]: (No done by me. -Small quantity of check.).
Just to give an idea of the potential of this "backdoor" scanner.
rdp-result.png

Around the: 1.2% of vulnerable RDP's. (On little numbers. May grow on higher statistical samples).
I'm going, right now: to test on "490.818" RDP's. (I'll update about the results).

Here is an exploited RDP by me:
RDP-Exploited.png
RDP-Exploited#2.png



(Please note, again): since my script it's easier to use/configure, with an optimized code: I'll ask to a Moderator to judge
analyze if can be sold equally for: "50$".
(As an optimized version of the latter).

Contacts: using Private-Message function of the Forum, or external; 1) XMPP: "arsenic@thesecure.at". (OTR); 2) Telegram: "VoidZero_0".

Thanks in advance!
Best regards,
VoidZero.
 
Последнее редактирование:
Статус
Закрыто для дальнейших ответов.
Верх