Hello everyone,
Just a post to upload some books that some of you have asked for. I hope it will help some of you.
Here is the list of the books uploaded.
If you tell me what you need, and if I have it, maybe I can upload it.
Link : http://dl.free.fr/vwZJyUszL
Please, have a lot of fun.
A1sS4wa.
Tuesday 27 November 2012
Hello everybody,
Here is a little post to upload some leaked botnet sources that could be interesting to you.
http://dl.free.fr/hfeP4hT1V
Have a lot of fun with that.
Cheers,
A1sS4wa.
Wednesday 21 November 2012
Hello everybody,
Just a quick post to re-upload one of the most famous cyber raids against Israel made by Anonymous. I am talking about the 5000's leak. I've heard that it was difficult to find again. So now you can download it at the following link: http://dl.free.fr/rURdCcDIT
The password is : A1sS4wa.
Regards,
A1sS4wa
PS: I know it has been a while since I posted anything. Please wait a bit longer; the next article is almost written, but I'm just a bit busy at the moment...
Monday 29 October 2012
Stuxnet, or "who is behind the stage"
Hello everyone,
Today is a slightly special session because it is the first of this blog.
Previously, I wrote this article in French, but because I was asked to
translate it (next time, use the comments to do so ;-)), I have rewritten
it in English.
Today's topic is not really new. It is about the famous malware Stuxnet.
This “smart” malware was discovered in June 2010 and it continues to cause
much ink to flow.
Much ink for nothing, by the way, because, as we will see in this article,
the interesting things which should be published are, of course, never
published.
For a brief history, the Israeli, self
appointed leaders of the stupid Manicheans paranoids had called their typical
slave number one (i.e.: the USA) to require them to realize an informatics
virus which was supposed to neutralize the Iranian’s nuclear program (which
afraid so many peoples). They called this project “Olympic Games”. What a
terrific name. Anyway, the Zionists allied to the Yankees had decided to wreck
the Iranian’s centrifuges (which were legally acquired by Iran by the way)…
Just for now, I need to remind to the reader
some little things about history and the real truth which is too often forgotten
by journalism who are in the pay of the Occident. Iranians are a suzerain
nation and – like any suzerain nation – dislike seeing some countries make some
intrusions in their country. We need to remind us that, many years ago, Israel
had stolen its nuclear weapons to these fucking frogs of French (when we talk
about ass-kisser, we can be pretty sure to see a French with a holder of kippa)
and nobodies (if I remember well) had tell something wrong to Israel. But, to
convince the world that the nuclear bomb was a necessity to Israel, jews said
it was because there were surrounded by enemies who wanted the eradication of
their country. Fine, nevertheless, it is not really surprising to find some
people who want to kill these big pigs of jews who spend their time to steal
the earth of their neighbors (and it is still in process, thing about
Jerusalem, Gaza, etc...). Anyway, even if we would recognize that the situation
from the Zionist usurper justified such a behavior (and we talk about billons
of potential brothers killed, cities erased, etc…) in what and where is the
difference between Israel of the past and the Iran of today? Who is the
aggressor? USA! Who is the oppressed? Iran! How can we justify that? Just read
a map to convince you of what I say. Check the number of American bases around
the Persian territory and heard about the number of secret missions the
Americans perform above the Iran territory with their drones (cf 1 and 2). The
“yupins” said they were surrounded, here is now the turn of Iran to be in this
role (map extracted from http://fonzibrain.wordpress.com/).
Oh! It looks the same. It surprising to see the
rights of some becomes the prohibition imposed by those. And if talk about the
threats coming from the white house, this is the straw that broke the camel’s
back.
Even if the occidentals live in world of
paradoxes, they try to make us consider that these types of things are normal.
And, to do so, all the ways are right. Media pressure, international sanctions
(by jewish media conspiracy, it is better), public assassinations and now
virtual strikes. Let’s come to the virtual strikes now. Fucking jewish allied
to their yankee bulldog have – until now – the military power and the physical
advantage. But the fact that they have challenged us in the virtual world has
been a huge mistake for them. With our computer, we can compete effectively
with the U.S. We could even take the advantage. They have always considered us
as great innocents, as some young children (I’ve head that recently). But they
are wrong. They have made a mistake, a big mistake, they are heavily mistaken.
They have underestimated us. We won’t do such a mistake because we know (us, at
least) our enemies. And this is one the goal of this article to identify the
all protagonists behind the conspiracy “Olympic Games”.
We have all, I think, read or heard that the malware Stuxnet was one of
the most powerful viruses ever observed. We have been told that it was
sophisticated, revolutionary… Much has been said about its stealth
capabilities (even if that last point is not really revolutionary; we
could talk about it in a future article). But, for today, the goal is not
to talk about pure hacking techniques. I would prefer to start slowly,
smoothly…
My article today explains the sabotage done against our Iranian brothers
in order to show you who is behind the stage… First thing to say: the goal
of Stuxnet was to wreck the PLCs (programmable logic controllers) made by
Siemens which were supposed to control the centrifuges. You can easily
find illustrations of such devices (3) on the internet. In our case, we
are talking about the S7-200 and the S8-1200, made in Germany by Siemens.
These devices are quite simple to use. We just need to program them (in a
programming language that is proprietary to Siemens) so that the machines
driven by the PLC work properly. These black boxes can receive information
from the driven machines to influence the flow of the program or to signal
results to humans. Nothing very complicated. In the location where Stuxnet
operated, we know that these PLCs were connected to a network (the network
of the nuclear installations) of servers and computers. The network should
look like the following one:
The entry point on the network for the malware is just before the DMZ. The
virus could spread by means of an infected USB stick, and the infection
could spread to several versions of Windows (from XP to 7, including
Windows Server 2003 and 2008). Note the exploit used by Stuxnet to launch
itself from a USB stick (a threat theoretically eradicated since Windows
Vista because of UAC suddenly becomes possible again, hmm!). This exploit
was almost the same across all the versions of Windows and it could be
launched on all of the Operating
Systems. I’m not pretty sure that this exploit had been discovered by the
Americano-jewish by chance… Anyway, the virus using several types of exploit
passed through the DMZ and reached the PLCs (note that the servers
targeted by Stuxnet to spread its malicious actions were WinCC and the
servers using MySQL)…
The final goal of Stuxnet was to inject its own malicious MC7 code into
the PLCs in order to wreck the operation of the centrifuges. The PLC types
under attack were the 417 and the 315-2.
PLCs are big state machines. That is to say, they run a cycle of several
subroutines in order to bring the driven machine to a desired final state.
It is the conventional way to drive the machines connected to these PLCs.
The malware's objective was to modify the PLC code programmed by our
Iranian brothers in order to disrupt the normal operation of the
centrifuges.
At the beginning, after the infection module has been launched and
executed (which means that the obfuscated code has been deobfuscated),
there is a DLL called s7otbxdx.dll. This DLL contained all the malicious
actions of the malware (hooks, injection, exploits, disruption code, some
obfuscation tools, binaries, etc.). It was responsible for launching and
coordinating all these embedded malicious modules. s7otbxdx.dll was
supposed to set the hooks for the malware's stealth, but it was also
responsible for hijacking the PLCs to modify their behavior and for
coordinating the attack on all the PLCs. The disruption is particularly
vicious because it tends to hide the existence of possible malicious
actions.
It is interesting to try to understand why our brothers in Iran did not
realize for a while that they were under attack. Why did they not see that
the centrifuges were not working correctly? Several possible reasons could
explain that. The first is the low level of disturbance induced by the
virus on the centrifuges. At first glance, everything looked fine.
Nevertheless, the disturbance induced was enough to destroy the
centrifuges over a long period of time. The second reason was the hiding
of the virus from the eyes of our
brothers. Because of the trickster jewish had thought that the Iranians would
quickly discover the problem and stop everything before the centrifuges
exploded. Another explanation (which may be speculative) is that if all
the centrifuges had been destroyed in a short period of time, people would
have asked whether there were flaws in the structure of the centrifuges
sold to Iran (which would immediately have put the blame on the Germans
and the Siemens company, which is the servant of the Americans).
In order to hide the malfunctions from Iranian eyes, the virus was tasked
with deceiving the Iranian scientists who were supposed to monitor the
centrifuges. In particular, the virus was supposed to change the normal
display of the Iranian GUI responsible for monitoring the network of PLCs.
How to do that? One simply needs to “hook” the function responsible for
displaying the information from the PLCs in order to replace the true
values returned with false ones meant to deceive the Iranians. To do so,
the malware needed to simulate the “normal” behavior of the PLC according
to the input values configured by the Iranian scientists. In this manner,
the Iranians monitoring the centrifuges always saw good and coherent
values. But, in reality, it was the malicious actions launched by Stuxnet
which the PLC executed on the centrifuges. I will explain the situation
with some pictures to be clearer. Here is the normal behavior of a
correctly programmed PLC (we need to keep in mind that the PLC and the
centrifuge are strongly linked because one drives the other):
If the PLC is compromised, normally the state machine should not work as
it is supposed to, and it is supposed to report that information back.
That is to say:
But if the outputs of the PLC are wrong and, more importantly, are not in
agreement with the input of the Iranians, the virus would be quickly
detected. Our brothers in Iran would have seen the problem. To counteract
this, the pirates who made Stuxnet decided to send back information
simulated by the virus according to the input of the Iranians. In this
way, everything looks good to the people who monitor the system even if it
is hell inside the system. The following pictures sum up the situation:
This is what really happened in Iran. These are the weapons used by our
enemies against us. I think the detection and the discovery of the attack
was a very painful sport. But our brothers did it! We finally won the
battle against the occidental terrorists. Our brothers had very little
chance of discovering such a sophisticated attack. Let’s congratulate them.
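A defensive check against the display deception described above, as an added example that is not part of the original post: it compares the values shown on the monitoring screen with an independent sensor that does not pass through the PLC or the monitoring station, and also flags readings that follow the setpoint more cleanly than a real sensor would. The sample values, thresholds and the function name are constructed assumptions.

```python
from statistics import pstdev

# Constructed samples: (operator setpoint, value shown on the HMI,
# reading from an independent out-of-band sensor), all in the same unit.
HEALTHY = [
    (1000.0, 1001.8, 1002.1), (1000.0, 998.2, 997.9),
    (1000.0, 1000.9, 1001.3), (1000.0, 997.5, 998.0),
    (1000.0, 1002.4, 1002.0),
]
SPOOFED = [
    (1000.0, 1000.0, 1000.4), (1000.0, 1000.1, 1088.0),
    (1000.0, 999.9, 1175.5), (1000.0, 1000.0, 1260.2),
    (1000.0, 1000.1, 1341.7),
]


def audit_window(samples, tolerance=0.02, noise_floor=0.5, min_run=3):
    """Return findings for one window of monitoring samples.

    tolerance   - allowed relative gap between HMI and independent reading
    noise_floor - smallest residual spread a real sensor shows (assumed)
    min_run     - consecutive bad samples needed before raising a finding
    """
    findings = {}
    run = 0
    for i, (_, hmi, independent) in enumerate(samples):
        gap = abs(hmi - independent) / max(abs(independent), 1e-9)
        run = run + 1 if gap > tolerance else 0
        # Record where the sustained disagreement began, once.
        if run == min_run and "divergence_start" not in findings:
            findings["divergence_start"] = i - min_run + 1
    # Simulated values track the setpoint with almost no measurement noise.
    residuals = [hmi - setpoint for setpoint, hmi, _ in samples]
    if len(residuals) >= min_run and pstdev(residuals) < noise_floor:
        findings["too_clean"] = True
    return findings


if __name__ == "__main__":
    print("healthy:", audit_window(HEALTHY))
    print("spoofed:", audit_window(SPOOFED))
```

The check only has value if the independent reading reaches the analyst over a path the compromised station cannot rewrite.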
Now, it’s time to pay the bill. About what has
been written in this article, we can say that these fucking jewish and this
fucking yankees were not alone in this conspiracy. We need to add the Germans
as a protagonist in this huge operation. Otherwise, how to explain the fact
that the designers of the virus known so well how the PLC worked, how to
program them to destroy the centrifuges, how the network behind the nuclear
installations was (to spread the virus), how to know which type of PLCs were
used, how to simulate the action of the PLC according to any input if they had
never access to the data of the constructor… So many questions that have for
only answer the fact that the Germans were implicated in this operation. It is
obvious! Germans want to be forgiven about what they done against the jewish
during the second world war. To do so, they are ready to do everything (even
the most immoral and stupid things, and we can thing about the sell of the
submarines able to launch nuclear weapon by the Germans to Israel (4)). But,
what need to be forgiven to the German’s Nazi? What is the price of the jewish
forgiveness? We preferred when the Germans burnt them. At least, their action,
these days, were public health!
For those who want it, I will post the previous message in French as a PDF. Here you will find the current one in English. Please enjoy: http://dl.free.fr/nxuowhXag (password: A1sS4wa)