hacker PC killer

Posted: Thu Nov 17, 2005 2:32 am

I was messing with this the other day. The code basically sends multiple pop-ups to the hackers machine if a hack attempt is detected. On my own site I have it set in Sentinel to activate when a union attack is detected.

I did find one gremlin though.
Make a forum post and when the forum page loads giving you the option to 'view forum' or 'view your post' - if you close that window (using IE) before the automatic redirect is executed, multiple pop-ups are despatched to your machine even with a protected IP.

I'm not overly worried by this behaviour as the chances of someone closing that particular browser window is pretty slim but I have noticed it works on other sites too - so you have been advised!

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

I have tested this every which way I could think of and I cannot replicate that "gremlin" ???

Posted: Thu Nov 17, 2005 2:56 am

Interesting!
Will PM you.

Posted: Thu Nov 17, 2005 3:10 am

I tested it as per your instructions on your site and me thinks the gremlins are personal - I had no problems there either.

Posted: Thu Nov 17, 2005 3:46 am

Many thanks for taking the time to test this - I would agree with your conclusion, it seems to be specific to my machine /browser / toolbars configuration.
The likelihood of tracing this back seems remote but I'll leave this thread here in case anyone has a similar experience, in which case we can compare notes.

Regular Joined: Oct 17, 2005 Posts: 51

I found that it wasnt really hitting firefox so hard so I added the integer overflow exploit from milw0rm.com to abuse.html and union.html and It's worse on firefox than IE. Dont know about the new versions though. I think I got my last host's reseller suspended with them so I havent used em anymore. But they do get the point across..lol

Posted: Fri Nov 18, 2005 9:48 pm

Quote:

Dont know about the new versions though

There has never been a new version of PC Killer. Why mess with perfection ROTFL

?

Posted: Fri Nov 18, 2005 10:51 pm

I meant the new versions of firefox, The 1.5 rcs
The integer overflow woks with 1.0-1.07 but they may have fixed it, just a lil added bite for firefox lol Here it is, when you hit a page with this on firefox it will drain every bit of RAM on your computer and run your cpu to 100%
If anyone would like to try it make sure you have your task manager out and firefox process highlighted to kill..lol
Here is the link to the code:
http://www.milw0rm.com/id.php?id=1233
and here is a link to a live page to show you what it does, be careful though, Ive actually had hackers report me to my host for this..lol
http://www.milw0rm.com/exploit.php?id=1233

A very nice addition to the pc killers to insure script kiddies with firefox doesnt get away without taking some beating.
UPDATE: yep, works with new 1.5 version of firefox too, just as bad or even worse..lol

Posted: Fri Dec 23, 2005 5:59 am

would i just paste that code into the union.html and abuse.html to make this work.
i have had a bunch of hack attempts lately and they have all been using firefox.

Posted: Fri Dec 23, 2005 10:55 am

No. You must load the files in the abuse folder and then in each blocker setting use the Forward option to the killer page/file.

Posted: Fri Dec 23, 2005 12:06 pm

im sorry i should have been more explicit, i was asking about j_felosi's post about the milworm script for firefox. my pc killer is working fine. i tested it.
but a most of the attempted hackers were using firefox.

i was wondering were the code for that integer overflow goes.
thanks Raven.

Posted: Sun Oct 29, 2006 5:22 pm

I almost forgot about this and with the latest attempts to hack my site, any extra torture i can serv up for the script kiddies is more then welcome.

Can someone tell me exactly were i would place the milworm text in the abuse.html and union.html's. thanks.

" http://www.milw0rm.com/id.php?id=1233 "