Many years ago a friend of mine came around with an idea, not new even back in those days, but fun anyway.
The idea was to automate SQL Injection attacks by using search engines to find vulnerable targets.
Integrated with a tiny Delphi malware (yes, Delphi 0_o) it became powerful.
This code lies in a separate part of my heart (yes, I do have a heart) not because it was 31337 (it wasn’t!) or extremely advanced but only because it was fun to write.
I did not run the code in the wild, not even once, truly. I wrote it with the help of other people testing it at the same time I was writing it down, back in 2006 when the internet was a savage place with practically no rules. Nowadays things have changed a lot and everything you do is either illegal or shameful, so I do nothing like this anymore.
This code is outdated and no longer works, so it is not of much use, even less because the Delphi malware is not included, but I would like to share Volatile myself because other people already did this so it is my right, right?
I believe I’ll sleep well and apart from that, this software has been out there on the internet since 2006 and it was even used for teaching computer security in a few universities.
It has basically three steps to accomplish complete control over remote computers running ASP + Windows:
– Find possibly vulnerable targets using a web search engine, applying a specific SQL command to each and testing its return; if it was an error, then:
– Perform a cmd_shell command pinging the origin IP. Volatile would then start an ICMP sniffer to see if ICMP packets arrived from the remote target; if so:
– Execute a new cmd_shell command downloading and executing the malware from a different remote host. The malware would take control of the box, then send a screenshot and start listening on a specific port (backdoor), waiting for connections.
– It would keep running through hundreds of possibly vulnerable machines, creating a list of compromised hosts.
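Seen from the server side, the steps above leave a recognizable sequence in the web log. The following is an added detection example, not part of Volatile or of the original post; it assumes that "cmd_shell" refers to SQL Server's xp_cmdshell procedure and that the log uses a simplified seven-field IIS-style layout, and all log lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed sample, simplified IIS-style fields:
# date time c-ip method uri-stem uri-query status
SAMPLE_LOG = """\
2006-05-01 10:00:01 198.51.100.7 GET /news.asp id=12' 500
2006-05-01 10:00:04 198.51.100.7 GET /news.asp id=12;exec+master..xp_cmdshell+'ping+198.51.100.7' 200
2006-05-01 10:00:09 198.51.100.7 GET /news.asp id=12;exec+master..xp_cmdshell+'CONSTRUCTED_PLACEHOLDER_CMD' 200
2006-05-01 10:01:00 203.0.113.20 GET /news.asp id=13 200
2006-05-01 10:02:00 192.0.2.50 GET /item.asp id=5;EXEC%20master..XP_CMDSHELL%20%27ping%20192.0.2.50%27 200
"""

# Assumption: the command shell is invoked as xp_cmdshell '<command>'.
SHELL_RE = re.compile(r"xp_cmdshell\s+'([^']*)'", re.IGNORECASE)

def classify(query, status):
    """Map one request to a stage of the described sequence, or None."""
    q = unquote_plus(query)  # decode %27, %20 and '+' before matching
    m = SHELL_RE.search(q)
    if m:
        is_ping = m.group(1).lower().startswith("ping ")
        return "callback-test" if is_ping else "command-exec"
    if status == "500" and "'" in q:
        return "error-probe"  # stray quote that made the page fail
    return None

def stages_by_client(log_text):
    """Return {client_ip: [stages in first-seen order]}."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if line.startswith("#") or len(parts) != 7:
            continue  # skip W3C header lines and malformed rows
        ip, query, status = parts[2], parts[5], parts[6]
        stage = classify(query, status)
        if stage and stage not in seen[ip]:
            seen[ip].append(stage)
    return dict(seen)

def flagged_clients(log_text):
    """Clients that reached the command shell: treat the host as compromised."""
    return sorted(ip for ip, stages in stages_by_client(log_text).items()
                  if "callback-test" in stages or "command-exec" in stages)

if __name__ == "__main__":
    for ip, stages in stages_by_client(SAMPLE_LOG).items():
        print(ip, " -> ".join(stages))
```

Any hit on the two shell stages means the injection already executed on the database server, so outbound ICMP and new listening ports on that host are the next things to check.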
Fun enough, but nowadays pretty illegal, and I do not recommend anyone do anything similar to this in the times we live in, so it is only a fossil, for posterity's (my own) appreciation.
Here is the code: https://gist.github.com/carloslack/9f6348606c4447b89830