REGISTER
desert eagle
main menu

home

forums
    Show me new threads!

bookmarks

view blogs

vault

you must be level 2 to upload files to your vault

downloads

you must be logged on, and level 1, to access downloads

Rootkit Collection

File Contributer Link
Hacker Def... hfn/a
HE4Hook adminn/a
BASIC CLAS... hoglundn/a
Vanquish xshadown/a
NT Rootkit hoglundn/a
FU fuzen_opn/a
WinlogonHi... JeFFOsZn/a
klister joannan/a
Patchfinde... joannan/a
MyNetwork hoglundn/a
MTDWin hoglundn/a
NTFSHider hoglundn/a
VideoCardK... hoglundn/a
VICE fuzen_opn/a
Klog Clandestin...n/a
NtIllusion Kdmn/a
AFX Rootki... TheRealAph...n/a
SInAR vulndevn/a
Shadow Wal... Clandestin...n/a
BootRootki... dereksoede...n/a
CHAZ - Nim... neocrackrn/a
Clandestin... merlvingia...n/a
FUTo petersilbe...n/a
Windows Me... alcapone66...n/a
RAIDE petersilbe...n/a
BOOT KIT vipinkumarn/a
BluePill Joanna and...n/a
DEFRAG blume1975n/a
Keyboard H... chpien/a
CheatEngin... DarkByten/a

search the site

WinlogonHijack : message board

post a message

Show all posts in this forum

view options: unpacked threads | collapsed threads | old style view

how many threads to display:

search board (text+titles):

Posted by DigitX32 (Untrusted stranger) [ip info hidden] - Sep 30 2007, 19:17 (UTC+0)
My version of a WinLogonHijacker
I developed a fully functioning version of a Windows Username/Password Logger; ok in terminal server environment: everytime a user (administrators, standar users, etc...) opens an interactive session, its username and clear text password are logged in an encrypted file; the whole application is a simple dll which implements a Winlogon Notification Package and hooks the function WlxLoggedOutSAS exported by msgina.dll. It uses AES (Rijndael) encryption to encrypt the log file. The program to decrypt the log file is also included. Full Delphi 7 source; decryption program uses KOL/MCK Library

http://pasotech.altervista.org/delphi/codice/WinLogonHijacker2.7z

   
Posted by Cr0wZz (Normal user) [ip info hidden] - Jun 11 2009, 03:36 (UTC+0)
Re: My version of a WinLogonHijacker
impressive


According to my calculations, this problem does not exist.