 |
| (Lorenz-84 - For the thumbnail) |
 |
| Styx Logo |
In this post we'll just see how the panel looks like.
If you want to know more about the price and exploits included see the "Read more" part at the end.
However here is how look a successful attack with last (known to me) integrated exploit :
 |
| Urausy pushed by Styx Using CVE-2013-2423 with Security Bypass (jnlp) - 2013-04-27 |
 |
| Open, Seasam - Login Screen |
 |
| Statistics - Global - Styx |
 |
| All menus - Styx |
 |
| Statistics - Country - Styx |
 |
| Statistics - Browser & OS - Styx |
(i tried to land with IE10 last java...nothing terrible happen but I already badly failed in recognizing new bullet)
At the bottom of the API page :
![]()
Which you can get here : styxAPI-samples.7z
(unmodified files - Owncloud via Goo.gl - just remove the .zip extension)
And we'll finish by the 404 (have to admit i love it - Lorenz-84 rotating here too)
Styx Panel in one word ?
Professional.
Read more :
Presentation :
Crossing the Styx ( Styx Sploit Pack 2.0 ) - Meet CVE-2012-4969 via JS heapspray - 2012-12-22
Last integrated exploits :
CVE-2013-2423 integrating Exploit Kits (search for Styx) - 2013-04-23
CVE-2013-1493 (jre17u15 - jre16u41) integrating Exploit Kits (search for Styx) - 2013-03-09
CVE-2013-0431 (java 1.7 update 11) ermerging in Exploit Kits (search for Styx) - 2013-02-25
For fast network sigs :
Styx Exploit Kit by @malwaresigs
How is it being used :
The path to infection - Eye glance at the first line of "Russian Underground" - 2012-12-05
Some References :
An Overview of Exploit Packs - Contagio - Mila
Wild Wild West - Kahu Security
 |
| Flow - Styx (No Traffic. So Empty) |
 |
| Settings - Domains - Styx |
 |
| Settings - Files - Styx |
 |
| Settings - Filters - Styx (hello "402 Payment Required" :) ) |
 |
| Settings - Notifications - Styx |
 |
| Settings - API - Styx (Unfolded : /api/stats_global) |
Which you can get here : styxAPI-samples.7z
(unmodified files - Owncloud via Goo.gl - just remove the .zip extension)
 |
| "Another problem with your file, my Lord. Captain Checker says it's NOT ok" Screenshot of StyxAPI sample.php |
 |
| Settings - Global Settings - Styx |
 |
| Settings - Global Settings - Show BL Weigths - Styx |
And we'll finish by the 404 (have to admit i love it - Lorenz-84 rotating here too)
 |
| Great job! You've just broke it. |
Styx Panel in one word ?
Professional.
Read more :
Presentation :
Crossing the Styx ( Styx Sploit Pack 2.0 ) - Meet CVE-2012-4969 via JS heapspray - 2012-12-22
Last integrated exploits :
CVE-2013-2423 integrating Exploit Kits (search for Styx) - 2013-04-23
CVE-2013-1493 (jre17u15 - jre16u41) integrating Exploit Kits (search for Styx) - 2013-03-09
CVE-2013-0431 (java 1.7 update 11) ermerging in Exploit Kits (search for Styx) - 2013-02-25
For fast network sigs :
Styx Exploit Kit by @malwaresigs
How is it being used :
The path to infection - Eye glance at the first line of "Russian Underground" - 2012-12-05
Some References :
An Overview of Exploit Packs - Contagio - Mila
Wild Wild West - Kahu Security