gunzip the archive then use tar. I also made a zip file which contains the extracted .dll and the .sys file and uploaded it here<http://www.2shared.com/file/QWyk-yCp/bundestrojaner.html> .
2011/10/10 xD 0x41 <[email protected]> > Interesting... although that archive seems corrupt... id like to see abit > more about this but, very interesting indeed.. specially skype id > harvesting, what could this be for. > hrms > xd > > > On 10 October 2011 07:13, <[email protected]> wrote: > >> On Sun, 9 Oct 2011 16:31:53 +0200, You Got Pwned >> <[email protected]> wrote: >> > Hi List, >> > >> > i thougt this could be interesting. My english is not very good so i >> > copied the following information from FSecure >> > (http://www.f-secure.com/weblog/archives/00002249.html [1]) >> > >> > "Chaos Computer Club from Germany has tonight announced that they >> > have located a backdoor trojan used by the German Goverment. >> > >> > The announcment was made public on ccc.de [2] with a detailed 20-page >> > analysis of the functionality of the malware. Download the report in >> > PDF [3] (in German) >> > >> > The malware in question is a Windows backdoor consisting of a DLL and >> > a kernel driver. >> > >> > The backdoor includes a keylogger that targets certain applications. >> > These applications include FIREFOX, SKYPE, MSN MESSENGER, ICQ and >> > others. >> > >> > The backdoor also contains code intended to take screenshots and >> > record audio, including recording Skype calls. >> > >> > In addition, the backdoor can be remotely updated. Servers that it >> > connects to include 83.236.140.90 [4] and 207.158.22.134" >> > >> > According to CCC Germany the backdoor could also be exploited by >> > third parties. You can download it from >> > http://www.ccc.de/system/uploads/77/original/0zapftis-release.tgz >> > [5] . You'll need gzip and tar to get the .dll and the .sys file. >> > >> > >> > Links: >> > ------ >> > [1] http://www.f-secure.com/weblog/archives/00002249.html >> > [2] http://www.ccc.de/ >> > [3] >> > >> > >> http://www.ccc.de/system/uploads/76/original/staatstrojaner-report23.pdf >> > [4] http://webmail.0m3ga.net/tel:83.236.140.90 >> > [5] http://www.ccc.de/system/uploads/77/original/0zapftis-release.tgz >> >> I was looking at this just late last night. >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
