iExploit Official Malware Competition #1
  • Xin
    Posts: 3,251
    Hey Guys this is the first of a number of iExploit Competitions.

    Briefing

    Rather than create a whole piece of malware/virus for this competition you will be focusing on only one part, persistence.

    The aim of this competition will be to make the most persistent piece of malware, the winner will be whose malware is the hardest to remove when run in our virtual box.

    To make it a bit harder, you must be able to connect to the infected computer and get a shell, which will also be tested by us. This should make it harder to get this past the AV/firewall.

    The box will be a Windows XP SP2. So focus your binaries on Windows.

    Useful Links
    - http://en.wikipedia.org/wiki/Metamorphic_code
    - http://en.wikipedia.org/wiki/Polymorphic_code

    Competition Close Date

    - The competition will close April 1 2011 for evaluation
    - We will announce the winners shortly after.

    Rules/Guidelines
    - Must provide a .exe that will run on the system.
    - No additional programs can be used with your virus to improve it, such as worms/crypters etc
    - Must provide full source code
    - Must link to iExploit in source code
    - Prizes to be confirmed
    - Must spawn a shell as a backdoor
    - Points will be awarded for the originality and complexity of your malware
    - Points will be awarded for commented code
    - Points will be awarded for good coding techniques and clean code

    Tips

    - Helps if it can survive reboot
    - Helps if it's FUD

    Prizes
    1st. Not decided yet
    2nd. Not decided yet

    All malware in the top 3 will have a video made to show the malware in action and put on the YouTube channel and website.
    Xin
  • sangf
    Posts: 203
    ooh this is interesting~~ definitely entering, i especially like the rules in regards to 3rd party tools.
  • Xin
    Posts: 3,251
    said:


    ooh this is interesting~~ definitely entering, i especially like the rules in regards to 3rd party tools.



    Yeah otherwise it would be cheating if you could just use a crypter and bind to a worm. ;)
    Xin
  • sangf
    Posts: 203
    one curious thing: how exactly will it be judged? i mean if you have source code it will be too easy to remove unless we obfuscate like hell which misses the point of providing source.
  • Xin
    Posts: 3,251
    said:


    one curious thing: how exactly will it be judged? i mean if you have source code it will be too easy to remove unless we obfuscate like hell which misses the point of providing source.



    You can provide the source after it is judged.
    Xin
  • Sh3llc0d3
    Posts: 1,910
    Might have a crack at this ;) Do staff get prizes if we enter or is it having the knowledge we're still awesome? :P
  • Xin
    Posts: 3,251
    said:


    Might have a crack at this ;) Do staff get prizes if we enter or is it having the knowledge we're still awesome? :P



    Yeah staff get prizes if they win, I don't even know what to do for the prize yet :p
    Xin
  • Sh3llc0d3
    Posts: 1,910
    PM'd you with one suggestion... how about free lesson from a choice of techniques :P
  • Hm I'll see what I can do. Not much of a winblows expert but you know I'll fire up the VBox and see what I can do.

    Edit:
    Could I possibly make a version of pyBackdoor for iExploit? Like iBackdoor version 1.0? I'd make it more geared towards windows and such.
  • Xin
    Posts: 3,251
    said:


    Hm I'll see what I can do. Not much of a winblows expert but you know I'll fire up the VBox and see what I can do.

    Edit:
    Could I possibly make a version of pyBackdoor for iExploit? Like iBackdoor version 1.0? I'd make it more geared towards windows and such.



    Yeah that's fine, remember it will have to be persistent and hard to remove
    Xin
  • said:


    said:


    Hm I'll see what I can do. Not much of a winblows expert but you know I'll fire up the VBox and see what I can do.

    Edit:
    Could I possibly make a version of pyBackdoor for iExploit? Like iBackdoor version 1.0? I'd make it more geared towards windows and such.



    Yeah that's fine, remember it will have to be persistent and hard to remove

    That's the key thing I'm working on ;)
    Making it FUD + Making it hard to remove.
  • Xin
    Posts: 3,251
    said:


    said:


    said:


    Hm I'll see what I can do. Not much of a winblows expert but you know I'll fire up the VBox and see what I can do.

    Edit:
    Could I possibly make a version of pyBackdoor for iExploit? Like iBackdoor version 1.0? I'd make it more geared towards windows and such.



    Yeah that's fine, remember it will have to be persistent and hard to remove

    That's the key thing I'm working on ;)
    Making it FUD + Making it hard to remove.


    Chances are it will already be FUD, based on the pyBackdoor I've seen.
    Xin
  • said:


    said:


    said:


    said:


    Hm I'll see what I can do. Not much of a winblows expert but you know I'll fire up the VBox and see what I can do.

    Edit:
    Could I possibly make a version of pyBackdoor for iExploit? Like iBackdoor version 1.0? I'd make it more geared towards windows and such.



    Yeah that's fine, remember it will have to be persistent and hard to remove

    That's the key thing I'm working on ;)
    Making it FUD + Making it hard to remove.


    Chances are it will already be FUD, based on the pyBackdoor I've seen.


    True but I'll add some polymorphism for extra FUD'ness (if that's a word). Python scripts are usually FUD.
  • Sounds nice! I'll be entering! :D
  • Xin
    Posts: 3,251
    Reminder for anyone that doesn't know, the deadline's in around 3 weeks!
    Xin
  • chroniccommand
    Posts: 1,389
    said:


    Reminder for anyone that doesn't know, the deadline's in around 3 weeks!



    I've already entered in the competition hopefully you find my code pretty good :p

    I wish I knew some more object oriented programming to make my backdoor better.
  • I wish I was better at programming to enter this contest. :/

    In my opinion we should have more of tutoring initially than contests.
  • Xin
    Posts: 3,251
    said:


    I wish I was better at programming to enter this contest. :/

    In my opinion we should have more of tutoring initially than contests.



    In my opinion it's very hard to teach a person to code, they have to learn themselves as everyone has their own techniques for learning.
    Xin
  • Sh3llc0d3
    Posts: 1,910
    Teaching someone to code is very hard unless a number of variables are all good, willingness to learn, commitment etc. I just point people in the direction of resources I've used :)
  • sangf
    Posts: 203
    am i right in assuming this will be executed in admin mode initially?
  • Xin
    Posts: 3,251
    said:


    am i right in assuming this will be executed in admin mode initially?



    Yes if you want, in this competition it doesn't matter how it's executed.
    Xin