Malware | T1EH’s Blog

T1EH's Blog

A blog covering my homelab, projects and hacking activities

View on GitHub

Over the years I have made several pieces of malware, some better than others. And I feel as though it is a large part of my journy in cybersecurity and should be for most people as malware often will use hacking methods and exploits that hackers themself will also use.

You Make MALWARE?!

Yes, yes I do. It used to be the only thing I would program, and I used to program quite often. There is no law against making malware, however it is illegal to spread malware and use it against computers or networks that you are not allowed to or with malicious intent, just like hacking.

Malware I Have Made

Fair warning that not all of my malware is opensource and avaliable to the public, the most destructive malware I write is not even mentioned outside of closed circles of friends who never get the binary themself, if there is a Github repo for the project it will be next to it’s name.

Jack_Ketch Source Code

Jack_Ketch is a series / family of ransomware, while it started in Python it is now developed in Rust for not only a performance boost but more avalible methods to hide from Anti Virus solutions.

Read more about how Jack_Ketch works here

ErroxPerms Source Code

ErroxPerms is a program written in Rust designed to abuse security misconfigurations inside of the Windows operating system to gain access to SYSTEM from a Local Administrator while starting as a local user with no permissions. While it currently does not work, I am actively working on it behind the scenes of everything.

Errox_CMD Source Code

Errox_CMD is a collection of scripts designed to gain access to a local instance of CMD when normally it would be blocked. It has two main ways of doing this, one is through a python script that would spawn an instance of CMD, the other is running a Batch script as if the block of CMD is not set correctly a batch program can still run which is effectively nothing more a a scripted CMD instance.

Read more about how Errox_CMD works here

ErroxMalware Source Code

Erroxmalware is a C library designed to handle basic malware operations for C programs. While this isnt malware itself it does allow for malware to work without the author needing to write some code, which is always a plus.

Errox_7 Source Code

Errox_7 was a piece of remote access software, while developed in Bash I am currently in reworking it to be made in Python and Rust to be platform agnostic. It came with a direct connection which is being replaced by HTTPS traffic using TLS / SSL to look like normal web data.