Login Register






SMTPMart - Buy Inbox SMTP | Leads | Shell | cPanel 100% Bonus on 1st deposit | Instant Refunds
ProxyByte $2/GB | Residential IPv4 - No Logs - 26M+ IPs - All unblocked
REFUNDING.GG | #1 REFUND SERVICE | SAME DAY REFUNDS | WORLDWIDE ORDERS | GET ITEMS 85% OFF
The stories and information posted here are artistic works of fiction and falsehood. Only a fool would take anything posted here as fact.
Thread Rating:
  • 3 Vote(s) - 3.67 Average


Leak BoosTHTTPv3.0 Mega PowerFul FasT Pr0xy | SockeT filter_list
Author
Message
m0dem Offline
Oni 2.0
 *******
Registered (Diamond)
Ten Years of Service
Posts: 1,310
Threads: 66
Reputation: 103

Points: 433NSP
CookieGoldReputable
RE: BoosTHTTPv3.0 Mega PowerFul FasT Pr0xy | SockeT 11-23-2015, 04:31 PM #14
(11-23-2015, 03:50 PM)The Real Slim Shady Wrote: https://www.virustotal.com/en/file/777ef...448289292/

1. Detection rate 46/54

2. Behavioural Information reports http requests that are highly suspicious for what is supposed to be an http flooder. The site is now offline so its hard to tell exactly what it was doing, but based on the file names being remotely accessed, it's clearly not just an http flooder

3. His Youtube demo used a Python script, where as the file he provided was a .NET application. If this was a py2exe application (which is a plausible reason it's an exe instead of .py) then VT would have shown some file creation activity under Behavioural Information, which it does not. (it would create DLL's and what not to run the the script). So major discrepancy between the video and the application.

Well that's convincing information.
Thanks for the writeup @The Real Slim Shady

Reply





Messages In This Thread
RE: BoosTHTTPv3.0 Mega PowerFul FasT Pr0xy | SockeT - by m0dem - 11-23-2015, 04:31 PM



Users browsing this thread: 1 Guest(s)