• XSS.stack #1 – первый литературный журнал от юзеров форума

Android and IOS 1click 0day Trojan with persistence (IOS 15.5/Android 12)

В этой теме можно использовать автоматический гарант!

Новая сделка
Статус
Закрыто для дальнейших ответов.
Отслеживать
TheProfessor786 сказал(а):
Как будет работать демонстрация?
Ссылки не работают!
свяжитесь со мной в PM, чтобы увидеть живую демонстрацию (через общий доступ к рабочему столу через масштабирование).
Для изображений не должно быть ссылок, но вы должны видеть вложения в конце сообщения.
 
I know a friend who provided service to this company there, but 50 million hard to get here.
Yes, it's worth the 50 million if it's the full Chain...
But if it's just the implant maybe 5 million..
But it's hard here, you can try to sell to a company bro

One thing I found interesting is that this project supports "reboot"
Leave me your contact in PM so we can talk
 
Пожалуйста, обратите внимание, что пользователь заблокирован
jolkha сказал(а):
social-security-phone-fraud.jpg

imagine someone falling for this shit, damn
No need guarantee. I will give you my number, send me link I'll click it and download all the chats and post here for proof.
this is the first proof i will need if i want to buy it. hack my iphone and android with just 1 click and trust me, i will buy it. if not, forget it
 
Пожалуйста, обратите внимание, что пользователь заблокирован
i think this was used on Dark Night botnet ? was a private multi hack botnet for mobile devices.
9e19c19a3ab210a4b5785ce7c65cf869.png

e061110b16d912df6b6b04bfd4bc99eb.png
 
Последнее редактирование:
Logs3ll3r сказал(а):
i think this was used on Dark Night botnet ? was a private multi hack botnet for mobile devices.
I don't know about the botnet, and from the dates we are talking about 5 years ago, so iOS 10, nowadays the version of iOS 15 is much harder to hit
for the live demo on your device I can't do it because you could try to grab the payload and then do reversing and get the vulnerability used or simply report to get the bug bounty of the various companies. It looks like you've never worked with 0 day exploits, you don't work that way with 0days.
 
bigpussi сказал(а):
I know a friend who provided service to this company there, but 50 million hard to get here.
Yes, it's worth the 50 million if it's the full Chain...
But if it's just the implant maybe 5 million..
But it's hard here, you can try to sell to a company bro

One thing I found interesting is that this project supports "reboot"
Leave me your contact in PM so we can talk
Is full chain RCE with root privilege from apple webkit means sanbox escape( r/w full file system) and LPE too.
it is persistent and overcomes the reboot, and also has the function to do fake reboot (the phone seems to shut down but it actually softkills the springboard but leaves the camera, microphone and localization active)
 
oDmC3oJrrSuZLhp сказал(а):
Is full chain RCE with root privilege from apple webkit means sanbox escape( r/w full file system) and LPE too.
it is persistent and overcomes the reboot, and also has the function to do fake reboot (the phone seems to shut down but it actually softkills the springboard but leaves the camera, microphone and localization active)
Я думал этот баг пофиксили)
 
Статус
Закрыто для дальнейших ответов.
Верх