Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Pirated Windows 7 Builds Botnet with Trojan

13 May 2009   #41
Satch

Windows 7
 
 

Quote   Quote: Originally Posted by jimbo45 View Post
Hi all

Why don't people EVER give PROPER info for this stuff

1) If MS knows that these are "Infected" - give the hashes for the "Infected" builds -- we've all got the hashes for the Official builds so it's easy to check.

2) Say WHAT BUILDS are infected. Microsoft has been burying its head like an Osterich in the sand even refusing to ACKNOWLEGE any builds other than the BETA 7000 and the official 7100 EVEN EXIST.

3) If this stuff has a botnet / trojan in it publish a method of detection -- some people will ALWAYS use stuff from "dubious" sources -- and in doing so can transmit stuff to software obtained Legitimately.
By just saying certain downloads might contain a Botnet etc without publishing methods of detection etc is just being PLAIN IRRESPONSIBLE.

Information such as saying "XXXX" might contain a virus / malware etc doesn't actually help ANYBODY and merely re-inforces the perception that they are just scaremongering.

If your build matches the Official one it WON'T contain anything it shouldn't.

Of course with the Official RC being easily (and quickly) available it really doesn't make any sense to download it from a torrent -- but that is a TOTALLY different issue.

Cheers
jimbo
I agree 100% mate. But this has allowed Night Hawk to get going again! Still waiting for him to explain the hashes thing. He can't, therefore that's why he hasn't tried.


My System SpecsSystem Spec
.
13 May 2009   #42
Plantje

Windows 7 32 bit both Ultimate and Home Premium
 
 

Quote   Quote: Originally Posted by Satch View Post
I agree 100% mate. But this has allowed Night Hawk to get going again! Still waiting for him to explain the hashes thing. He can't, therefore that's why he hasn't tried.
Just READ the posts! In post #17 I have included a link to hash calculators. Just download one of them, select the file you want to be checked and have the programm calculate the hash value.
This value should be the same as the value that is available as "safe".

How hard can it be?!?
My System SpecsSystem Spec
13 May 2009   #43
mxosder16

Windows 7 Ultimate x86
 
 

Quote:
Just READ the posts! In post #17 I have included a link to hash calculators. Just download one of them, select the file you want to be checked and have the programm calculate the hash value.
This value should be the same as the value that is available as "safe".

How hard can it be?!?
no no. Satch is referring to when Night Hawk was going on about some windows.old file and some russian stuff in it or something, which then led to him saying even if the hashes match up from a leaked build to a MS released build there can be a difference...
logic says there can't be a difference.
Satch is waiting for Night Hawk to prove logic wrong.
Correct me if i'm wrong Satch

edit: i don't want to be dragged into the whole Night Hawk/Satch thing.
i was just trying to clear up what i saw satch as saying
My System SpecsSystem Spec
.

13 May 2009   #44
Plantje

Windows 7 32 bit both Ultimate and Home Premium
 
 

Quote   Quote: Originally Posted by redsoxm16 View Post
no no. Satch is referring to when Night Hawk was going on about some windows.old file and some russian stuff in it or something, which then led to him saying even if the hashes match up from a leaked build to a MS released build there can be a difference...
logic says there can't be a difference.
Satch is waiting for Night Hawk to prove logic wrong.
Correct me if i'm wrong Satch

edit: i don't want to be dragged into the whole Night Hawk/Satch thing.
i was just trying to clear up what i saw satch as saying
Ok, sorry, my bad
My System SpecsSystem Spec
14 May 2009   #45
PhreePhly

Windows 7 x64 (RTM via MSDN)
 
 

Quote   Quote: Originally Posted by redsoxm16 View Post
no no. Satch is referring to when Night Hawk was going on about some windows.old file and some russian stuff in it or something, which then led to him saying even if the hashes match up from a leaked build to a MS released build there can be a difference...
logic says there can't be a difference.
Satch is waiting for Night Hawk to prove logic wrong.
Correct me if i'm wrong Satch
To be fair, logically, there can be a difference, it's just astronomically difficult to do. I don't think Night Hawk has a great understanding of hashing functions, however, he's right to be concerned. Installing an already rootkitted OS is a great way to setup a botnet.

PhreePhly
My System SpecsSystem Spec
14 May 2009   #46
mxosder16

Windows 7 Ultimate x86
 
 

Quote:
To be fair, logically, there can be a difference
i know, maybe logically was a bad choice of word...but...
Quote:
it's just astronomically difficult to do.
that's the point
My System SpecsSystem Spec
14 May 2009   #47
andych

Windows 7 RTM Ultimate - Activated (Technet)
 
 

Quote   Quote: Originally Posted by PhreePhly View Post
To be fair, logically, there can be a difference, it's just astronomically difficult to do. I don't think Night Hawk has a great understanding of hashing functions, however, he's right to be concerned. Installing an already rootkitted OS is a great way to setup a botnet.

PhreePhly
Maybe not as difficult as we might think.
Peter Selinger: MD5 Collision Demo
My System SpecsSystem Spec
14 May 2009   #48
holo88

Windows 7 Ultimate x32
 
 

just asking here ... where is this # that determine legitimacy?
and how in the world would you know if your copy is infected?

-btw-
some people use torrent sites for thing like this (win 7 iso) for d/l speed.
i had my copy in 17 minutes, where as it would've taken 1-2 hours from M$ directly.
My System SpecsSystem Spec
14 May 2009   #49
PhreePhly

Windows 7 x64 (RTM via MSDN)
 
 

Quote   Quote: Originally Posted by andych View Post
Maybe not as difficult as we might think.
Peter Selinger: MD5 Collision Demo
From Software Integrity Checksum and Code Signing Vulnerability which is one of the exploits referenced from your reference:

Excerpt:
"It is important to note that the hash value shared by the two different files is a result of the collision construction process. We cannot target a given hash value, and produce a (meaningful) input bit string hashing to that given value. In cryptographic terms: our attack is an attack on collision resistance, not on preimage or second preimage resistance. This implies that both colliding files have to be specially prepared by the attacker, before they are published on a download site or presented for signing by a code signing scheme. Existing files with a known hash that have not been prepared in this way are not vulnerable."

Basically the MD5 exploit can create two files with the same hash, but it can't produce a file to match a given hash.

PhreePhly
My System SpecsSystem Spec
14 May 2009   #50
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 

Hi all
It CAN be done using modern cryptology methods
BUT you need these in place to be able to do it.

1) The ENTIRE computing resources of the planet at your disposal
2) A time period longer than the estimated remaining lifetime of the Sun (around 4.5 Billion years - but mankind will be extinct LONG LONG before that).

Once we get into the realms of "Quantum Computing" then it can be done quickly and easily --in fact any current encryption - even DES 128 bit stuff etc etc can be broken -- the problem is that nobody has built a Quantum computer yet that contain more than a few "Qubits" which have a "coherence" i.e lifetime of more than a few seconds.

As far as people on these Forums are concerned if the set of Hashes match then the image is 100% OK. No if's, no Buts. It's just a fact - unless you've found a way of circumventing the laws of Physics and Mathematics.

Cheers
jimbo
My System SpecsSystem Spec
Reply

 Pirated Windows 7 Builds Botnet with Trojan




Thread Tools




Similar help and support threads
Thread Forum
Getting rid of a pirated copy of windows 7
Hi, I have recently been stupid enough to let someone install a ''genuine'' copy of windows 7 home premium on my computer and now it has all gone wrong, recognising that my copy is not genuine and insisting that I activate the account. Unfortuanetly the system restore does not work and I have...
Installation & Setup
Windows 7 Pirated version to Legit Win 7 Pro
I have a computer with a Win 7 Ultimate 64 bit operatiing system. I have taken hours setting it up only to find out that the win 7 product key was already used on another computer in my office. I have an unused Win Professional 7 64-bit I want to use. I tried simply using the new product key but of...
Installation & Setup
How to know if your windows 7 is pirated/illegal copy?
not that i have an illegal copy but just wondering how can you tell from the original/legal copy and the pirated/bootleg one?
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:47.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App