//////
--------------------------------------------
God VPS for Botnetz
https://russiancarders.se/
-----------------------
Version: 1.8.0.11
Bot Updates:
BTC Miner proactive defense mode added. You can now set a new proactive option that only blocks BTC miners. In addition, the BTC miner detection for the botkiller/pro. defense is now more accurate (#1)
Bot now reports whether or not a samsung/apple phone/device (galaxy, iphone, ipad, etc) was ever connected to the PC.
Formgrabber/DNS hooks now more compatible if existing software is hooking relevant functions. Bot will hook the callback of an already installed hook, if necessary
Formgrabber can now handle filters by content. Instead of specifying URLs to grab from, you can alternatively have the bot search for specific content of a POST request and upload if found (eg: *&password=*)
POP3 grabber now can intercept logins over SSL-protected connections around 40%+ of the time. Outlook mail client x86 supported. (#2)
Live login grabber (pop3/ftp) now uploads the domain the captured login was associated with instead of the IP address of the server. If the domain is unable to be determined, the IP will be sent instead. (#2)
"Ignore child processes of bot process" option added to botkiller
HIPS bypass updated for:
* Norton AV/IS (HIPS)
* ESET products (HIPS)
* Microsoft Security Essentials - Fixed HIPS issues
* McAfee av killer fixed. Several other McAfee products are now detected and disabled
* Malwarebytes Pro
Download task / DLL load option is now fixed. Additional options added to run a CPL file, and an option to use Rundll32.exe instead of zombifying a trusted process for the downloaded DLL
Extra UAC bypass method implemented. It's not undiscovered, but it's relatively unused and viable for Windows 7+. Only used when bot is injected into Windows processes.
Disables core components of older Betabot versions (such as persistence, botkill (sometimes) and hook restoration). This functionality can be turned on/off.
Panel Updates:
You can now view what bots completed a specific task, and also specific error/success information (if available) (#3)
"Quick info" expandable area added for each bot entry on the main page. You can now see slightly more info on each bot by expanding it
Added more statistics and some graphs regarding dead bots to the statistics page
Individual grabbed login entries can now be deleted
Added more task filter options:
* Apply task only if bot is currently marked as dirty
* Do not apply task to any bots marked as a favorite
* Apply task only on bots older than 24 hours
* Apply task only on bots older than 6 hours
Added 'gate filters' to security settings. You can now block bot communications by country
Updated geoip CSV included in panel files
Changed look of parts of the panel
Added more log options for event monitor
Added a few options to panel settings to help optimize / speed up page loading
Added a new range of options in panel settings for changing minor aspects of bot functionality
gate_err.txt gate debug output (logs request failures) can now be toggled on/off
"View bot information" page added. In addition to all the other extended information (including some new attributes), you can configure the bot to upload the system process list, autostart entries from most commonly used autostart registry locations and the installed software list. These additions will give you a much greater ability to guage the usefulness of individual machines. As time goes on, more information can be collected and uploaded if useful enough
Panel alerts/notices feature has more options. Users can create notices in the red alert color and also create notices that are displayed on the tasks / statistics page for greater exposure. Up to 3 notices are now displayed so responses can be viewed, and the user will be notified if more than 3 notices exists.
Fixes/Tweaks:
Update functionality now slightly more reliable
Improved panel main bot list load time
Formgrab filters page now enforces filter limit. Although the bot has always refused to load a list of filters greater than 1024, now the panel actually prevents that many from ever being added
Fixed alignment issues on statistics page with large bot counts, as well as issue with current group display name
Bots marked as 'deleted' are now cleared when 'Delete dead bots' is clicked in panel settings
Minor changes to page numbering and the number of grabbed forms/logins displayed at one time
Misc tweaks made to AV killer
Bot now properly recognizes Windows 8.1 (as W8 on panel). Previously forgot to do this
Data for UDP ddos is now more randomized
C2 server requests optimized to consume slightly less bandwidth when bot registers with server on reboot
Fixed bug in formgrabber where URL filters were case-sensitive, resulting in some missed form captures if actual URL was a different case than the filter
Fixed a few bugs in botkiller and made some additional enhancements
Fixed injection issue related to low integrity processes (such as IE9+) that was causing seemingly random crashes from time to time
Fixed issue with memory cache support on panel where two different panels served by the same web daemon would use the same memory cache variable, thus producing very crazy results
Fixed encoding issue with database queries causing some characters to show up oddly
Fixed a bug with the login grabber sometimes (albeit rarely) mismatching credentials from different sessions
Fixed installation issue regarding improper DACL usage
Fixed issue where two updates at the same time could cause bot to corrupt installation and not come back
Fixed some improper uses of signed int by panel on 32-bit servers
Fixed by causing IP filters for tasks to not work
Fixed issue where log options could be unset even if user account has no privileges to view/configure logs
Significantly improved load time of grabbed forms/logins page
Made changes to reduce "duplicate bot" entries
Botkiller now disables unsigned BHOs for IE if option is selected. Previously was broken
Fixed crash issue on Windows 8 x64
/////
https://russiancarders.se/
12345
/////
Sources
https://russiancarders.se/