Old 04-08-2025, 05:56 PM

Red Kat Red Kat is offline
Join Date: Aug 2023
Posts: 0
http://103.208.86.175/panel/index.php
One guy tried to sell me bankbot: Here are results of our business!!
(08:55:50 PM) mailto:[email protected]: wanted show test
(08:55:51 PM) mailto:[email protected]: of bot
(08:55:58 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: yes
(08:57:16 PM) mailto:[email protected]: i will show panel
(09:02:22 PM) mailto:[email protected]: toomuchsharp.faith/panel/index.php
(09:02:27 PM) mailto:[email protected]: admin / Passw0rd!
(09:02:51 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: ok give me 5 minutes i take look
(09:02:56 PM) mailto:[email protected]: ok
(09:03:55 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: connect some virtualmachine
(09:04:51 PM) mailto:[email protected]: wait
(09:05:31 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: Panel is minimalistic, what is good
(09:05:43 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: you coded it?
(09:05:56 PM) mailto:[email protected]: yes
(09:06:04 PM) mailto:[email protected]: you have vm
(09:06:06 PM) mailto:[email protected]: ?
(09:06:10 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: yes i have
(09:06:16 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: send me exe
(09:06:29 PM) mailto:[email protected]: http://dopefile.pk/dupbt3gvneea
(09:07:03 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: c++
(09:07:17 PM) mailto:[email protected]: yes
(09:08:00 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: x64 and x32 to upload to panel?
(09:08:17 PM) mailto:[email protected]: yes, to panel. but is already uploaded
(09:08:23 PM) mailto:[email protected]: its for vnc
(09:08:47 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: so when i spam or deliver i should do it with 3 files?
(09:08:53 PM) mailto:[email protected]: no, with 1
(09:08:59 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: bot.exe
(09:09:01 PM) mailto:[email protected]: yes
(09:09:04 PM) mailto:[email protected]: right
(09:11:07 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: one sec my virtualmachine crashed, was testing my mw and have some persistence problems!
(09:11:15 PM) mailto:[email protected]: okey
(09:11:16 PM) mailto:[email protected]: np
(09:11:16 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: How injections are working
(09:11:27 PM) mailto:[email protected]: on all browsers fine
(09:11:39 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: js injections
(09:11:42 PM) mailto:[email protected]: yes
(09:17:20 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: no connection, wait i reboot virtualmachine
(09:17:28 PM) mailto:[email protected]: k
(09:21:11 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: not connecting
(09:21:18 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: no matter admin
(09:21:20 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: or no
(09:21:35 PM) mailto:[email protected]: hmm, wait
(09:24:00 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: and file dont melt
(09:25:33 PM) mailto:[email protected]: wait, i will give another panel, there is all working
(09:25:41 PM) mailto:[email protected]: i just didnt tested on this one
(09:25:43 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: ok
(09:29:54 PM) mailto:[email protected]: https://mega.nz/#!FJZyDYrC!E_JHsvbXz...fk78Twd9RiALvo
(09:30:02 PM) mailto:[email protected]: bolonka1 pass
(09:30:05 PM) mailto:[email protected]: its bot
(09:30:16 PM) mailto:[email protected]: http://103.208.86.175/panel/ login and password same
(09:30:31 PM) mailto:[email protected]: admin / Passw0rd!
(09:30:48 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: one sec
(09:38:56 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: what crypter use
(09:39:00 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: with it
(09:39:20 PM) mailto:[email protected]: any you want
(09:41:07 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: you got my contact from crdclub? Price is 1500? how you want payment? Can you give me your user in club2crd
(09:41:45 PM) mailto:[email protected]: yes from crdclub
(09:41:51 PM) mailto:[email protected]: yes, 1500 throw btc
(09:42:05 PM) mailto:[email protected]: ivanjkov71 my username on crdclub
(09:42:30 PM) mailto:[email protected]: but i cant login to it, reinstalled pc :/
(09:44:43 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: ok and you are Augustin Inzirillo (https://github.com/aainz)
(09:44:55 PM) mailto:[email protected]: not
(09:45:11 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: https://securityintelligence.com/the...rce-code-leak/
(09:45:19 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: and you coded NukeBot?
(09:45:33 PM) mailto:[email protected]: re-coded
(09:45:43 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: what part of it?
(09:46:17 PM) mailto:[email protected]: formgrabber and injects
(09:47:21 PM) mailto:[email protected]/c8847c7e-47d0-430e-8655-a56b1857daed: its pretty same it was when he posted it! Buddy have been in this probably when you were still shitting your pants! Open Source bank bot you sell me for 1500 USD!! But nice try
root@kali:~# whois 103.208.86.175
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '103.208.86.0 - 103.208.87.255'
inetnum: 103.208.86.0 - 103.208.87.255
netname: ZAPPIE-HOST-NZ-3
descr: Zappie Host - Auckland, New Zealand
country: NZ
admin-c: ZHA2-AP
tech-c: ZHA2-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-ZAPPIEHOST-AP
mnt-irt: IRT-ZAPPIEHOST-AP
changed: mailto:[email protected] 20160331
geoloc: -36.848460 174.763332
source: APNIC
irt: IRT-ZAPPIEHOST-AP
address: 16192 Coastal HWY, Lewes Delaware 19958
e-mail: mailto:[email protected]
abuse-mailbox: mailto:[email protected]
admin-c: ZHA2-AP
tech-c: ZHA2-AP
auth: # Filtered
mnt-by: MAINT-ZAPPIEHOST-AP
changed: mailto:[email protected] 20160203
source: APNIC
role: Zappie Host administrator
address: 16192 Coastal HWY, Lewes Delaware 19958
country: US
phone: +13027037312
e-mail: mailto:[email protected]
admin-c: ZHA2-AP
tech-c: ZHA2-AP
nic-hdl: ZHA2-AP
mnt-by: MAINT-ZAPPIEHOST-AP
changed: mailto:[email protected] 20160203
abuse-mailbox: mailto:[email protected]
source: APNIC
% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (UNDEFINED)
root@kali:~# dig 103.208.86.175
; <<>> DiG 9.10.3-P4-Debian <<>> 103.208.86.175
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26390
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;103.208.86.175. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2017040201 1800 900 604800 86400
;; Query time: 41 msec
;; SERVER: 62.241.198.245#53(62.241.198.245)
;; WHEN: Sun Apr 02 21:53:45 EEST 2017
;; MSG SIZE rcvd: 107
22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
| ssh-hostkey:
| 1024 7f:c1:58:32:22:ed:e9:61:29:2b:5a:be:18:41:f2:3b (DSA)
|_ 2048 06:8e:94:e1:56:aa:c7:f4:b7:d8:5d:c8:43:3c:49:27 (RSA)
25/tcp filtered smtp
80/tcp open http Apache httpd 2.2.15 ((CentOS))
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: Apache/2.2.15 (CentOS)
|_http-title: Did not follow redirect to http://agartha.world/blog/
3306/tcp open mysql MySQL (unauthorized)
Device type: general purpose|storage-misc|firewall|media device|broadband router|webcam|phone
Running (JUST GUESSING): Linux 3.X|2.6.X (90%), Synology DiskStation Manager 5.X (89%), WatchGuard Fireware 11.X (89%), Tiandy embedded (89%), Check Point embedded (89%), D-Link embedded (89%), Google Android 2.X (89%)
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8 cpe:/h:dlink:dsl-2890al cpe:/h:dlink:dcs-2103 cpe:/o:google:android:2.3.7
Aggressive OS guesses: Linux 3.2 - 3.8 (90%), Linux 2.6.32 (89%), Linux 2.6.32 - 2.6.33 (89%), Linux 2.6.32 or 3.10 (89%), Linux 2.6.39 (89%), Linux 3.2 (89%), Linux 3.4 (89%), Linux 3.8 (89%), Synology DiskStation Manager 5.1 (89%), WatchGuard Fireware 11.8 (89%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 13 hops
 
