+'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''+
|   #xmrgang                                  _______________   |
|       |  undoxed    ELITE MONERO HACKERZ!  |   __________  |  |
|       `'\___/       *********************  | |  beep     | |  |
|   elite   |  #htp   ALL UR BASE  R BELONG  | |     boop  | |  |
|      \__/'|'__/             2 US.          |  \__________/ |  |
|         \_|_/       *********************  \_______________/  |
|                                                               |
|   XMR XMR XMR XMR!!                                           |
+---------------------------------------------------------------+
|                               #moneromonarchy                 |
|   * Table of Contents                                         |
|                                .-----------------.            |
|     - 0x01 (toc)               |  p.s fux these  |            |
|     - 0x02 (malware)           |  kids:          |            |
|     - 0x03 (fun or profit)     |                 |   #wtfux   |
|                                |  * hades        |            |
|   * Shoutouts                  |  * whitehats    |            |
|                                |  * doxbin       |            |
|     - whoremail                '-----------------'            |
|     - modbroker                                               |
|     - moleman         (swatnet)<-pikachu packetz              |
|                                       \_[packet]->BRRR        |
|                      [010101 010101110 10010100]              |
|       rw init=/bin/bash<-[payload]_/                          |
|                        \_[method]->zeroday_execution          |
|                                                               |
|       * ac1d_burn joined #xmr                                 |
|                                                               |
|            ac1d_burn: what's the score?                       |
|            zer0cool: let's hax the mufqn gibson!              |
|                                                               |
|       * sd joined #xmr                                        |
|                                                               |
|            sd: the gibson? nah let's hack the mufqn planet.   |
|                                                               |
|       #hacktheplanet.                                         |
+---------------------------------------------------------------+
| xmrxmrxmrxmrxmrxmrxmrxmrxmrxmrxmrxmrxmrxmrxmrxmrxmrxmrxmrxmr :|
'---------------------------------------------------------------'
|								|
|   * malware.							|
|								|
|	In this edition of eZine #2, I will be writing about	|
|       malware and why it can be fun & profitable.		|
|								|
|       Firstly, malware development is always expanding and	|
|       always moving forward, with new threat actors and new	|
|       techniques always appearing.				|
|								|
|       Writing malware for fun should always be a task that	|
|       you enjoy: exploring the inner workings of the Win API	|
|       or the fundamentals of the Linux kernel. Your computer	|
|       is a canvas and your keyboard is your paint stick.	|
|								|
|       I have not yet finished this article so this will be	|
|       here as a "placeholder".				|
|								|
+---------------------------------------------------------------+
|								|
|   * fun / profit.						|
|								|
|	Writing malware for fun is probably your best way of	|
|       learning. Humans tend to enjoy things more if they are,	|
|	well, enjoyable. Writing for profit is something you	|
|	should only really do if you are proficient in malware	|
|	development. It's not a trivial task to make malware.	|
|								|
|	Regardless, writing malware is much like an art.	|
|	You must practice and learn by writing it. While	|
|	malware development is fun, it is insanely important	|
|	to remember that it requires a high level of		|
|	programming skill and intelligence to master.		|
|								|
|	Malware is such a unique and diverse topic to cover so  |
|	I will only be covering basics/fundamentals.		|
|								|
|								|
|   * introduction to windows malware.				|
|								|
|	The first technique I would like to cover is process	|
|	injection. This is one of the main fundamentals of mal- |
|	ware and it's important to understand how this works.	|
|								|
|	To begin, let me say that this is a vanilla method.     |
|	The general steps for this type of injection are:	|
|								|
|	  - Get a handle on the process.			|
|	  - Allocate a buffer in the process memory.		|
|	  - Write the contents of your shellcode into		|
|	    the buffer.						|
|	  - Create a thread that will run the surgically	|
|	    allocated contents of the buffer you wrote.		|
|								|
|	To do this we need to use a language that can interact  |
|	with the Windows API or Kernel.				|
|	C is preferred by most developers but me and my pals	|
|	are big fans of D. [https://dlang.org]			|
|								|
|	You will need to learn how to use these functions:	|
|								|
|	  - OpenProcess (HANDLE)				|
|	  - VirtualAllocEx (LPVOID)				|
|	  - WriteProcessMemory (BOOL)				|
|	  - CreateRemoteThreadEx (HANDLE)			|
|								|
|								|
|	Read the Win32 API documentation to learn the syntax.   |
|	https://learn.microsoft.com/en-us/windows/win32/api/	|
|								|
+---------------------------------------------------------------+
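
Seen from the defender's side, the four calls listed above form an ordered
sequence aimed at another process, which is what behavioural detection keys on.
The Python below is an added example, not part of the original ezine: it scans
constructed API-call telemetry for that chain. The event format, PIDs, image
names and the 30-second window are assumptions.

```python
from collections import defaultdict

# The four calls the article lists, in the order the injection needs them.
CHAIN = ("OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThreadEx")
WINDOW_SECONDS = 30  # assumption: the whole chain completes within this window

# Constructed telemetry (not from a real sensor): (ts, src_pid, src_image, api, target_pid).
# Assumption: the sensor has already resolved process handles to target PIDs.
SAMPLE_EVENTS = [
    (100.0, 4120, "updater.exe", "OpenProcess", 812),
    (100.2, 4120, "updater.exe", "VirtualAllocEx", 812),
    (100.3, 5000, "debugger.exe", "OpenProcess", 4120),
    (100.4, 4120, "updater.exe", "WriteProcessMemory", 812),
    (100.5, 5000, "debugger.exe", "WriteProcessMemory", 4120),
    (100.9, 4120, "updater.exe", "CreateRemoteThreadEx", 812),
    (200.0, 6000, "tool.exe", "OpenProcess", 900),
    (200.1, 6000, "tool.exe", "VirtualAllocEx", 900),
    (200.2, 6000, "tool.exe", "WriteProcessMemory", 900),
    (290.0, 6000, "tool.exe", "CreateRemoteThreadEx", 900),  # outside the window
    (300.0, 7000, "self.exe", "VirtualAllocEx", 7000),       # own process: ignored
]


def find_injection_chains(events, window=WINDOW_SECONDS):
    """Return (source_pid, source_image, target_pid, start_ts) per completed chain."""
    progress = defaultdict(lambda: [0, None])  # (src, dst) -> [next CHAIN index, start ts]
    findings = []
    for ts, src, image, api, dst in sorted(events):
        if src == dst or api not in CHAIN:
            continue  # only cross-process use of the four calls matters here
        state = progress[(src, dst)]
        if state[0] and ts - state[1] > window:
            state[:] = [0, None]  # stale partial chain: start over
        if api == CHAIN[state[0]]:
            if state[0] == 0:
                state[1] = ts
            state[0] += 1
        elif api == CHAIN[0]:
            state[:] = [1, ts]  # a fresh OpenProcess restarts the chain
        if state[0] == len(CHAIN):
            findings.append((src, image, dst, state[1]))
            state[:] = [0, None]
    return findings


if __name__ == "__main__":
    for src, image, dst, ts in find_injection_chains(SAMPLE_EVENTS):
        print(f"pid {src} ({image}) completed the injection chain into pid {dst} at t={ts}")
```

Legitimate software such as debuggers also uses some of these calls, so the rule only fires on the complete ordered chain inside the window.
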
|								|
|   * profiting from malware					|
|								|
|	To profit from malware (which you should never do),	|
|	all you need to do is write something effective and	|
|	undetectable. Stealers sell stealer logs which contain	|
|	emails, usernames, passwords etc. Botnets convert	|
|	"zombies" or infected devices into DDoS power and sell	|
|	it as a service.					|
|								|
|	Alternatively, you may also indulge in ransomware.	|
|	(not a recommendation, as this is highly illegal)	|
|								|
|	However, ransomware is extremely profitable from a	|
|	blackhat's perspective. It does require a lot of skill  |
|	but I have seen a lot of idiots/skids social engineer   |
|	their way onto servers to ransomware them.	        |
|								|
+---------------------------------------------------------------+
|								|
|   * exotic malware						|
|								|
|	What is exotic malware? Essentially it is malware that	|
|	is written in an obscure language, meaning a language	|
|	that doesn't have many libraries, isn't a regular lang,	|
|	or just isn't really known to many people.		|
|								|
|	Some of these languages are:				|
|	    - DLang [https://dlang.org]				|
|	    - Zig [https://ziglang.org]				|
|	    - Elixir [https://elixir-lang.org]			|
|	    - Nim [https://nim-lang.org]			|
|	    - VLang [https://vlang.io]				|
|								|
|	These languages are used to hinder analysis as they	|
|	are not as well analysed as more commonly used		|
|	languages such as C, Python or Go.			|
|								|
|	Take "HawkLoader" as an example.			|
|	[https://github.com/dk0m/HawkLoader]			|
|								|
|	This is an indirect system call based shellcode loader	|
|	written fully in DLang. It utilizes the well known	|
|	method SysWhispers which was ported to DLang by		|
|	modbroker.						|
|								|
+---------------------------------------------------------------+