
Exploit for the null pointer dereference vulnerability in XWorm RAT


sqrtZeroKnowledge/XWorm-Trojan


Intro:

During my investigation to analyze a sample of the XWorm Trojan, I decided to learn more about its behavior in the wild and examine its builder. After obtaining the builder, I discovered a security vulnerability that could assist security analysts in disrupting the builder's functionality or causing a Denial of Service (DoS) of the XWorm RAT C2 panel.

To exploit the vulnerability, one would need the IP address of the C2 and the port for the reverse connection. It is possible to build the exploit using Visual Studio and modify the indicators of compromise (IOCs) to suit your needs. For those seeking additional samples, see the MalwareBazaar link below.

PoC Validation : https://packetstormsecurity.com/files/170981/XWorm-Trojan-2.1-NULL-Pointer-Dereference.html

MalwareBazaar : https://bazaar.abuse.ch/browse/signature/Xworm/

Resources such as screenshots of the Trojan may prove helpful:

PoC

Crash PoC

Src: Cyble

XSS.IS FORUM

Developer Website

Cyble - Archive.
