Carnivore - Predator
Formerly known as THC HackSuite, Carnivore - Predator stands at the forefront of cutting-edge cybersecurity tools, redefining the landscape of penetration testing with unparalleled innovation. Designed to empower ethical hackers, security professionals, and enthusiasts alike, Carnivore - Predator is the ultimate Pentest CMS that puts you in command.
current version: 0.7.0 - PREDATOR
home > documentation > apps > How to use Parasite
This article explains how to effectively make use of Parasite.
author: Remco Kouw
created: 04-Jun-2024
updated: 04-Jun-2024

How to Use Parasite

This document will guide you through the functionalities of the Parasite application.

Parasite has multiple uses. Initially developed to rapidly create fake accounts on forums, it was later enhanced in 2017 to include more malicious features. Parasite became the first software capable of hijacking all accounts on forums by resetting user passwords. This process is reversible, as Parasite always creates backups of the original data.

Currently, Parasite supports two forum systems: MyBB 1.8 and SMF 2.0. Other versions may work if their MySQL database tables and configurations align with these versions. Parasite requires specific configurations, limiting its support to fewer software systems compared to Medusa.

Interface Parameters:

The user interface provides ten options:

  • Test Connection: Verify connection settings.
  • Test Table: Verify the correctness of table settings.
  • Dump Setup: Export the setup of the specified product.
  • Backup Table: Backup the database table into a text file in the backup folder.
  • Parasite Accounts: Hijack one, multiple, or all forum accounts.
  • Recover Table: Restore all user passwords.
  • Create Accounts: Create fake user accounts.
  • Truncate Username File: Clear data in the username file.
  • Remove Backup Files: Delete recovery data from the backup folder.
  • Create New Profile: Set up a new profile to connect to databases.

Options:

  • Hijack Forum: Hijack accounts and change their passwords.
  • Backup Forum: Create a backup of user account credentials.
  • Recover Forum: Restore hijacked accounts.

Supported Applications:

  • MyBB 1.8
  • SMF 2.x

Resource Settings:

  • Time Limit: PHP default
  • Memory Limit: PHP default

Dependencies:

N/A

Expanding Parasite:

Adding new products to Parasite requires significant effort, as it involves updating data across four folders to ensure proper functionality:

  1. Backup Folder: Stores backups of the parasited forums, with each product having its own folder.
  2. Classes Folder: Each product contains a class called ProductSpecific that extends the main class GenContent. The ProductSpecific class requires four methods:
    1. UserExists($sUser): Validates if the user exists.
    2. PassHashing($sSalt, $sPass): Encrypts a password.
    3. SetAccountSettings($aQuery): Creates query values for adding users.
    4. ParasiteAccount($aData, $aUsers): Hijacks user accounts by updating passwords with bogus passwords.
  3. Query Data Folder: Contains table fields and values for querying the target product database:
    1. insert_user.php: Contains the fields created when the product inserts a new user.
    2. parasite_db.php: Contains field and table values for the target product database.
  4. Connect Data Folder: When a profile is created for connecting to a target MySQL database, it will be added to accounts.php in the corresponding product folder.

Known Issues:

New products can be added to Parasite only if the user account creation process inserts all user information into a single table.

How to use Medusa Black || How to use ModGlue
similar content
How to use Medusa WhiteHow to use Medusa BlackHow to use ModGlueHow to add content to MedusaHow to create a ModGlue application
Created by Remco Kouw: 2008-2024