Version 2.1 and Version 5.0:
and for interest's sake, platters out of some old hard drives. (The vernier caliper is showing 3.5 inches):
R.A.M Network Security Services encompasses a broad range of security-testing methods known as Ethical Hacking. It is the practice of assessing the security posture of a given system, using the same tools and techniques employed by black-hat hackers on a daily basis. These techniques can be performed against operating systems, services, software and web applications. There are a number of ways to achieve various results, according to your business needs.
The benefits of a comprehensive analysis include reducing the likelihood of downtime, of financial or other business implications, and of damage to electronic assets.
According to the statistics available at the time of writing, the document “Net Losses: Estimating the Global Cost of Cybercrime – Economic Impact of Cybercrime II” (Center for Strategic and International Studies, June 2014) by the renowned global security company McAfee estimates that 0.14% of South Africa’s GDP is lost through cyber-crime. This equates to just less than five billion rand (R4.91 billion) that is stolen. Additionally, South Africa is ranked sixth amongst the countries most targeted by cyber-crime globally by the U.S. Federal Bureau of Investigation (FBI), whilst another renowned security company, Symantec, listed South Africa as the third worst-hit country globally by cyber-crime.
Here is a basic trainer for Assassin's Creed 4 – Black Sails.
The game, although fun, is full of annoying sneaking missions. This trainer can assist here.
By searching for a specific array of bytes that represents a compare and a jump, and replacing those bytes with no-operation (NOP) instructions, a sort of invisibility hack is created. Because the trainer searches for an array of bytes rather than relying on fixed addresses, it can work on multiple versions of the game, if not all versions.
The array of bytes to search for is: 0x80, 0x7d, 0xff, 0x00, 0x74, 0x0a, 0x5e
This should be replaced with six NOPs.
The address in my version of the game is 0x018a239b.
Image of memory before patching:
Image of memory after patching:
I have attached source code to automatically patch it.
The trainer is designed as a launcher, and as such must be placed within the game's root directory and then executed. The trainer will then launch Assassin's Creed, whilst searching for the relevant arrays to patch. The hack is completed once a call to WriteProcessMemory is made and six NOPs are written to the address determined through pattern-searching.
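The signature search and six-byte overwrite described above, as an added example that is not the trainer's attached source: it works on a constructed in-memory buffer rather than a live process. The names `find_sig` and `patch_unique`, and the refusal to patch when the signature matches more than once, are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Signature quoted in the post: compare, conditional jump, one trailing byte. */
static const uint8_t SIG[] = {0x80, 0x7d, 0xff, 0x00, 0x74, 0x0a, 0x5e};
#define PATCH_LEN 6 /* the post overwrites six bytes; the 7th (0x5e) stays */

/* Offset of the first match at or after `from`, or -1 if there is none. */
static long find_sig(const uint8_t *buf, size_t len, size_t from)
{
    if (len < sizeof SIG) return -1;
    for (size_t i = from; i + sizeof SIG <= len; i++)
        if (memcmp(buf + i, SIG, sizeof SIG) == 0)
            return (long)i;
    return -1;
}

/* Patch only when the signature occurs exactly once in the buffer.
 * Returns the patched offset, -1 if absent, -2 if ambiguous (buffer untouched). */
static long patch_unique(uint8_t *buf, size_t len)
{
    long first = find_sig(buf, len, 0);
    if (first < 0) return -1;
    if (find_sig(buf, len, (size_t)first + 1) >= 0) return -2;
    memset(buf + first, 0x90, PATCH_LEN); /* 0x90 is the x86 NOP opcode */
    return first;
}

/* Constructed sample: filler bytes around the signature, standing in for
 * a copy of a code region. Not taken from the game. */
static uint8_t sample[] = {0x55, 0x8b, 0xec, 0x80, 0x7d, 0xff, 0x00,
                           0x74, 0x0a, 0x5e, 0x5d, 0xc3};

int main(void)
{
    long off = patch_unique(sample, sizeof sample);
    printf("patched at offset %ld:", off);
    for (size_t i = 0; i < sizeof sample; i++) printf(" %02x", sample[i]);
    putchar('\n');
    return off < 0;
}
```

A short signature can match in more than one place, so the example treats a second hit as an error instead of overwriting the first match it finds.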
Image of the trainer/launcher is displayed below:
This application is a rewrite of my original fuzzer. Several features have been added as well as a full user-friendly GUI.
Additionally, the major change in this version is the ability to modify and add the attack strings through the provided sample list. This adds to the overall flexibility of the application.
Additionally, the application now supports both POST and GET requests.
The provided text file “attackstrings.txt” contains a list of attack request strings. This file must reside in the application's root directory.
This can also be used to determine whether the vulnerability “CVE-2007-1036 JBoss JMX-Console Access Vulnerability” exists on a particular server.
You can try a target for yourself with Google and a Google dork: inurl: /reports/rwservlet/help?
As mentioned, the contents can be modified to suit the attacker's needs.
The sample contents of the “attackstrings.txt” file are as below:
The application and code can be downloaded and viewed below:
SMARTERMAIL 12.0.x FREE EDITION:
Contact Book XSS:
It is possible to send someone a vulnerable .vcf contact file, assuming they are accessing it through SmarterMail. The code is executed upon viewing the contact book.
Version 5.5 Enterprise:
The fields can be seen below:
FN:foo1 foo2 foo3 foo4
The result can be seen below by visiting the contacts page, the code is executed:
This issue was reported to SmarterTools and I am happy to report that the issues have been resolved speedily with a new build, with version numbers after and including 12.0.5197.19984.