News
//15 November 2008 //
VMprotect is the emulation software to run the miscellaneous file in simulation environment. Its for virus analysis purpose. Anyhow, we still can use vmware on this. But I can code the virus binary file to detect it is running in vmware. This software I never try. May be you can give it a try. Let me know if you success to code the virus which can detect it is running in vmprotect environment. :) Download from TOOLS SECTION.
//07 November 2008 //
I will publish and upload one simple heuristic engine to detect and cure the virus. Now busy to code the engine for my project :(
And I received alot of email ask the password of PEiD tool. I upload again and it is without password protected. Actually you can get all my tool if you download the F-13 LiveCD.
//02 November 2008 //
Just uploaded the different version of OllyDebug. Total 38. For F-13 Labs Collection.
Get it from Miscellaneous sections. Enjoy!
//26 October 2008 //
The following code will create the false alarms for two antivirus, :)!! It is infinite loop in the code, when the antivirus software detect it, will pop up alerts.
//--------
start:
jmp start
end start
//-----------------
When submitted to virustotal, 2 over 36 antivirus detected as malicious file. [Result] [Sourcecode] [Binary]
Thanks go to bi0n3xt
//02 October 2008 //
Virus applied the encryption or packer to avoid/bypass detection of antivirus. Antivirus need unpacking/cracking technique to step into the real code section in virus body and analyze the binary. hmm...Extreme Debugger Detector tool is interesting when you play around with your virus binary [Download].
//07 September 2008 //
Recently I quit busy on the study [boring security management]. Sigh, sometime the professional certificate just help you to show to others that you are really expert in security. Sad!!
Just received one sourcecode from my friend, NetSky Sourcecode. Please noted that this is just for education purpose. :P [Download]. Or download from virus section. Enjoy.
Kun Peter from china, just informed me that the binary file Iclord [Bios Rootkit]. As I know, 64K space in bios, would you able to code rootkit? hmmm...better we code it with virus ..hehehee..anyhow, this is the binary file [Download]. Please do not run in your notebook, I would not take any responsibility if the file destroy your PC. Take your own responsible if you want to come to my site and download the file. :P!!
//18 August 2008 //
This is the paper I published in DEFCON 16. Have fun!! [Download]
It's the comparison virus infection technic on windows platform and Linux platform. Do you believe that its more easier if code the virus on Unix/Linux platform?! :p
Get the full set of DEFCON 16 from here [Link]
//07 August 2008 //
Long time do not update my website. Today I received two great news from Izee and wargame:
1. EOF-Project/DR/RRLF second ezine available to download, check it out. and it's great virus ezine. [Link]
2. Welcome to our new member, vvilp. Welcome to virus scene. :)!!
//29 June 2008 //
Synge (our group member) has left F-13 Labs, we thank him for everything, and wish him all the best in his future life.
I put the links of my friend [AYANAMI REI] from China who are interesting in asm, reverse engineering, malware analysis etc. Refer to Link section. I know her becoz of the discussion on Flash Exploit.
//23 June 2008 //
Today is very great day for me. My paper "Comparison Virus on Windows Platform and Linux Platform" accepted in DEFCON (The largest Underground Hacking Convention) [Link]
But now another issue come in, is it suitable for vxer to present how to code virus in Windows and Linux platform..funny. right?! :p!!
//07 June 2008 //
Recently Flash exploit wild in internet. Everyone claim that he/she can code the exploit. But actually they are using exploit generator. Get it from the tool section. Check it out becoz the generator already cracked by china cracker. All the right reserved to author [Cracker Link].
It's very dangerous if the exploit *.swf download and execute malware/virus files. Consider another method to spread the virus.
//01 June 2008 //
For the "Race to zero" contest in Defcon [Link], you might need the website for training.
2. http://virusscan.jotti.org/
// 29 May 2008 //
I uploaded the complete set of OllyDebug script for cracking [867 scripts]. Test it when you wanna learn cracking or doing unpacking stuffs. [And, don't send the fucking emails ask me about the password. :p!!] Check it out in miscellaneous section.
// 13 May 2008 //
Another note for assembly, floating point in x86 assembly functions. Refer [URL]
// 12 May 2008 //
The F-13 LiveCD version 0.1 already include the antivirus software ESET NOD32 and Kaspersky 6.0. Actually I create for testing my virus code. Anyhow, the LiveCD would be useful if you use for hardisk scanning. You can shutdown the PC, insert the CD and boot it. Update the Virus Signature of NOD32 and Kaspersky with Thumbdrive [LiveCD will detect the thumbdrive, try to figure out by yourself how to update virus definition file :p!!] and doing the scanning on infected hardisk. Tested successful on Windows XP. Plus, LiveCD will auto detect the localdisk. Enjoy!! and any comment please drop me the email....[URL]
// 10 May 2008 //
I received alot of the email asking about the tool [Just for members] such as PEiD, OllyICE blah blah.....Now the F-13 LiveCD version 0.1 already done and ready to download [URL].
// 26 March 2008 //
Download the free version of visual c from this website [Download]
// 17 March 2008 //
Try this website [URL]. Its sandbox to run all the malware and auto generate the report. I code one virus file just for demo and upload to the sandbox's website. This is the report [Report]. If you want to download my demo binary files, please check "virus" section in this website.
hmm...the sandbox website is very interesting. :)
// 14 March 2008 //
Upload one virus sampel [Win32/Xorer]. According to Robinh00d, the virus already spreading in China. [Download] [Password = f-13labs]
Please remember the file is real virus and will infect your PC/Notebook. Be careful when you reverse engine/debug.
// 22 February 2008 //
Recently doing alot of research on Visual C++ and Assembly. [Until I not code the virus stuff for EOF-Project new Ezine :p] In my project, I want to mix asm with visual C++. This is the note for how to link the assembly program with visual C. [View]
Enjoy
