FinFisher/database2

Aus Piratenwiki
Wechseln zu: Navigation, Suche

Hier der zweite Teil der database.sql von FinFishers Support-Website. Zum ersten Teil geht es hier ->

table extension_types

-- -- Table structure for table `extension_types` --

DROP TABLE IF EXISTS `extension_types`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `extension_types` (

 `ID` int(4) NOT NULL AUTO_INCREMENT,
 `Name` varchar(100) DEFAULT NULL,
 `Description` varchar(255) DEFAULT NULL,
 `Lanuage` char(2) DEFAULT 'en',
 `Enabled` tinyint(1) DEFAULT '1',
 PRIMARY KEY (`ID`)

) ENGINE=MyISAM AUTO_INCREMENT=4 DEFAULT CHARSET=cp1256 CHECKSUM=1 DELAY_KEY_WRITE=1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `extension_types` --

LOCK TABLES `extension_types` WRITE; /*!40000 ALTER TABLE `extension_types` DISABLE KEYS */; INSERT INTO `extension_types` VALUES (1,'Pictures',NULL,'en',1),(2,'Documents',NULL,'en',1),(3,'Video',NULL,'en',0); /*!40000 ALTER TABLE `extension_types` ENABLE KEYS */; UNLOCK TABLES;

table extensions

-- -- Table structure for table `extensions` --

DROP TABLE IF EXISTS `extensions`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `extensions` (

 `ID` int(4) NOT NULL AUTO_INCREMENT,
 `Name` varchar(5) DEFAULT NULL,
 `Description` varchar(255) DEFAULT NULL,
 `TypeID` int(4) DEFAULT NULL,
 `Enabled` tinyint(1) DEFAULT '1',
 PRIMARY KEY (`ID`)

) ENGINE=MyISAM AUTO_INCREMENT=14 DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `extensions` --

LOCK TABLES `extensions` WRITE; /*!40000 ALTER TABLE `extensions` DISABLE KEYS */; INSERT INTO `extensions` VALUES (1,'.gif',NULL,1,1),(2,'.jpg',NULL,1,1),(3,'.bmp',NULL,1,1),(4,'.png',NULL,1,1),(5,'.ico',NULL,1,1),(6,'.txt',NULL,2,1),(7,'.doc',NULL,2,1),(8,'.xls',NULL,2,1),(9,'.pps',NULL,2,1),(10,'.pdf',NULL,2,1),(11,'.zip',NULL,2,1),(12,'.html',NULL,2,1),(13,'.ppt',NULL,2,1); /*!40000 ALTER TABLE `extensions` ENABLE KEYS */; UNLOCK TABLES;

table feedback

-- -- Table structure for table `feedback` --

DROP TABLE IF EXISTS `feedback`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `feedback` (

 `ID` int(10) unsigned NOT NULL AUTO_INCREMENT,
 `FirstName` varchar(20) DEFAULT NULL,
 `To` varchar(100) DEFAULT NULL,
 `Subject` varchar(200) DEFAULT NULL,
 `Description` text,
 `Language` char(2) DEFAULT 'en',
 `CustomerID` int(11) DEFAULT NULL,
 `Timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
 PRIMARY KEY (`ID`)

) ENGINE=InnoDB AUTO_INCREMENT=29 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `feedback` --

LOCK TABLES `feedback` WRITE; /*!40000 ALTER TABLE `feedback` DISABLE KEYS */; INSERT INTO `feedback` VALUES (1,'Hiwunet','support@gamma-international.de','License issues','we bought 60 licenses from your company , and we have currently 31 active targets. \r\n\r\nOur system shows the error:Remove target license no license found for target xxxxxxxxxxxxx','en',31,'2011-03-15 13:17:43'),(2,'Nazar','support@gamma-international.de','Deep Freeze','One of our target PC is with Deep Freeze 7 sw. And when we infected it we can not see that PC as online it is ofline','en',27,'2011-05-24 11:35:31'),(3,'Thanh','support@gamma-international.de','My license','Hi,\r\n\r\nas our contract, we have bought Finspy mobile with 2 years license and support, but when checking license in this website, it is only 01 year. Please check it for me.\r\n\r\nThanks,\r\n\r\nThanh','en',48,'2011-07-31 04:10:29'),(4,'Hiwunet','support@gamma-international.de','License problem ','Our FinUsb products licence was supposed to have expired on Sep 30, 2011, but it has expired since sep 1\r\n\r\nsecond , this same product is not able to import data that has been collected in the USB flashes.\r\n\r\nwith kind regards!','en',31,'2011-09-20 07:24:50'),(5,'E7549C72','so@gammagroup.com','FinSpy Mobile','To whom it may concern\r\n\r\nWe are currently investigating the possibility of adding the FinSpy Mobile package to our cyber solution.\r\n\r\nBrydon was always our contact person and he was in contact with our general manager, but he was moved to another structure. Can you please ask him to prepare a proposal and forward it to cyberiakicksass@gmail.com.\r\n\r\nRegards\r\nZAR','en',28,'2011-12-12 18:14:22'),(6,'Tomas','support@gamma-international.de','FinFly LAN license','Sir,\r\nwe have purchased lots of your systems including FinIntrusion and FinFly LAN. The FinIntrusion KIT was delivered with FinIntrusion KIT SW installed as well as with FinFly LAN. The FinIntrusin SW did not work, so it was replaced by a completely new KIT. In this new set there is Fintrusion installed, but FinFly is not. So we installed FinFly LAN from CD attached, but missing license. Machine ID for FinFly LAN matches papers sent to us and info from the SW: C5:82:22:87:34:78:56:A3. The machine ID mentioned at your support pages is wrong. Please send us the license file for FinFly LAN with installation manual and fix the wrong machine ID here.\r\nThx.\r\n Tom','en',52,'2012-01-16 10:07:46'),(7,'Nasser','support@gamma-international.de','Edit account information','I need to change the email address in my account','en',21,'2012-04-05 07:03:57'),(8,'test','support@gamma-international.de','test','test','en',19,'2012-04-20 15:30:24'),(9,'GID/User:7678CCD6','support@gamma-international.de','Problem With Activating The License For FinUSB Suite','Kindly Note\r\n\r\nWe Cannot Activate The Product Linked To Your Offer No. O-20110303-JOR-0431 dated 3rd March 2011. \r\nThe FinUSB HQ Application Asks For A *.ggpck File To Update The License, Where Can We Get This File.\r\nIn Addition To That, We Found On The Support Site That The Product Is Activated Since 27-11-2011 But We Did Not Activate The Product, Please Advice\r\n\r\nBest Regards','en',17,'2012-05-08 09:19:02'),(10,'Odmagnai','support@gamma-international.de','please give us reference as soon as possible','Dear Sirs. We tried to send infected pdf file to gmail account. It giving error message even we had zipped it\r\nplease give us reference as soon as possible\r\n\r\nHi. This is the qmail-send program at mail.mn.\r\nIm afraid I wasnt able to deliver your message to the following addresses.\r\nThis is a permanent error Ive given up. Sorry it didnt work out.\r\n\r\nodmagnai@gmail.com:\r\n173.194.79.26 failed after I sent the message.\r\nRemote host said: 552-5.7.0 Our system detected an illegal attachment on your message. Please\r\n552-5.7.0 visit http://support.google.com/mail/bin/answer.py?answer6590 to\r\n552 5.7.0 review our attachment guidelines. ou2si7873584pbb.339\r\n\r\n--- Below this line is a copy of the message.\r\n\r\nReturn-Path: info@future-mongolia.com\r\nReceived: qmail 7724 invoked by uid 1009 27 Apr 2012 20:24:44 -0000\r\nReceived: from unknown HELO progamer491hij info@future-mongolia.com@10.5.0.10\r\n by mail.mn with SMTP 27 Apr 2012 20:24:44 -0000\r\nFrom: Future Mongolia info@future-mongolia.com\r\nTo: odmagnai@gmail.com\r\n','en',18,'2012-05-17 02:30:16'),(11,'Odmagnai','support@gamma-international.de','please give us reference as soon as possible','Dear Sirs. We tried to send infected pdf file to gmail account. It giving error message even we had zipped it\r\nplease give us reference as soon as possible\r\n\r\nHi. This is the qmail-send program at mail.mn.\r\nIm afraid I wasnt able to deliver your message to the following addresses.\r\nThis is a permanent error Ive given up. Sorry it didnt work out.\r\n\r\nodmagnai@gmail.com:\r\n173.194.79.26 failed after I sent the message.\r\nRemote host said: 552-5.7.0 Our system detected an illegal attachment on your message. Please\r\n552-5.7.0 visit http://support.google.com/mail/bin/answer.py?answer6590 to\r\n552 5.7.0 review our attachment guidelines. ou2si7873584pbb.339\r\n\r\n--- Below this line is a copy of the message.\r\n\r\nReturn-Path: info@future-mongolia.com\r\nReceived: qmail 7724 invoked by uid 1009 27 Apr 2012 20:24:44 -0000\r\nReceived: from unknown HELO progamer491hij info@future-mongolia.com@10.5.0.10\r\n by mail.mn with SMTP 27 Apr 2012 20:24:44 -0000\r\nFrom: Future Mongolia info@future-mongolia.com\r\nTo: odmagnai@gmail.com\r\n','en',18,'2012-05-17 02:30:47'),(12,'Odmagnai','support@gamma-international.de','please give us reference as soon as possible','Dear Sirs. We tried to send infected pdf file to gmail account. It giving error message even we had zipped it\r\nplease give us reference as soon as possible\r\n\r\nOdmagnai.S\r\naltan_edu@yahoo.com\r\nmnkhzrg@yahoo.com\r\nodmagnai@yahoo.com','en',18,'2012-05-18 03:41:37'),(13,'GID','support@gamma-international.de','Update File Linked To Offer No. O-20110303-JOR-0431 dated 3rd March 2011','Hello\r\n\r\nWhen We Apply The New Update File Named *.ggpck On The Machine, The FinUSB HQ Give Message That The Machine UID Is Wrong.\r\nThen The FinUSB HQ Stoped Working Asking For The Suitable Update File.\r\n\r\nPlease Advice','en',17,'2012-05-28 16:33:46'),(14,'Khalid','support@gamma-international.de','Exploits not working.','Dear Support.\r\n\r\nWe bought the following:\r\n\r\nMicrosoft Office PowerPoint PPSX 2010-2007\r\nMicrosoft Office Excel XLS 2010-2007-2003-2002\r\nMicrosoft Office Word DOC 2010-2007-2003-2002\r\n\r\nAll seems very straight forward, and all were generated with the toolkit successfully. \r\n\r\nBut its not working.\r\n\r\nWe are testing on Microsoft 2010 and its not working with us. \r\n\r\nCan please tell me if I can install teamviewer and you can check why its not working.\r\n\r\nRegards.\r\n\r\n\r\n\r\n','en',66,'2012-08-20 08:09:05'),(15,'ZAR','support@gamma-international.de','Screensaver infection ','Hi,\r\n\r\nIn previous versions of Finspy, it was possible to embed the trojan into screensaver and the extension remains .scr. With V4.2 it changes the extension to .exe, any particular reason why this occurs.\r\n\r\nRegards','en',28,'2012-10-12 07:38:22'),(16,'Kien','support@gamma-international.de','Some ideas for the Finspy Mobile system to work better 1 ','1. Export SMS:\r\n- The system now exports SMS to txt files. But these files miss some important information such as: Incoming or outgoing phone numbers, IMEI, IMSI.\r\n- The system exports each SMS to 1 text files. It makes very difficult and takes a lot of time for us to summarize all information to generate a report for our boss.\r\nSuggenstion:\r\n- You should adjust the system to export SMS to only one and full .csv or excel files. These files include many columns, each column represents for an information, for example for Phone numbers or Time send, receive. If everything, every information stay together in one files so we are easy to summarize and make report.\r\n\r\n\r\n\r\n\r\n ','en',48,'2012-11-21 03:44:59'),(17,'Kien','support@gamma-international.de','Some ideas for the Finspy Mobile system to work better 1','1. SMS export:\r\n- The system generates exports to .txt files, one message to one .txt file. These txt files has missed some important information like incoming and outgoing phone numbers, Contact name, …\r\n- If the system exports one message to one txt files so it will takes us a lot of time to summarize everything and make reports. \r\nSuggestion: \r\n- Exports all of the new messages to single csv or excel file. You need to mark what messages has been exported before, so next time the system only exports the new messages. The file exported include many columns, each column represent for one information like: phone numbers, date time, content…\r\n2. The contact list\r\n- When the contact list is too long and the period of a connection is not enough for one time sending, then the next time the system will send the contact list from the beginning, not from where the last sending ended. Another problem is if the contact list haven’t sent completely, the sms and call logs are still on the queue. It will waste a lot of time. \r\nSuggestion:\r\n- Change the priority: SMS, Call log send first, Address book later.\r\n3. Bug with Android spyware generate:\r\nWe have tried to generate Android spyware before, it was ok. But now when we click Generate button, it take us quite a long time for waiting, and then the file being made was not .apk as usual, it was .dat files. We want to know how to fix this problems. \r\n','en',48,'2012-11-21 04:20:26'),(18,'Peter','support@gamma-international.de','New release','Hi,\r\n\r\nHow can I get the new, 4.30 release?\r\n\r\nRegards,\r\nPeter','en',73,'2013-03-12 09:15:46'),(19,'Juan','support@gamma-international.de','emails - gmail','since last Friday not being able to send trojans from a gmail account or a gmail account, the page gives a message that the file contains virus. From the hotmail page we don´t have problems and can send the Trojans.','en',84,'2013-09-03 19:23:41'),(20,'9772CC62','support@gamma-international.de','Аditional emaill ','Please add the following email and PGP our account .\r\n\r\nmoite.sk@gmail.com\r\n\r\n\r\n-----BEGIN PGP PUBLIC KEY BLOCK-----\r\nVersion: GnuPG v2.0.21 MingW32\r\n\r\nmQENBFJOjG8BCADvW5rqQ5wl7bvd51f4Hos+ITC986AIrkg8SvDeaNmhgTIo+vCQ\r\npsKvUEC04Oa9rNvgWsWvG/rSgBEQMT+3VDBPJLUw6DK8vcnUMnou8d+Z5jpLiZGh\r\nu1J3hYi71SMdZxPwNc4Us8KQP11mPkiigAcTZCVnAdIZMASlkFQVsu5GGc6nY4lI\r\ng/TrR4gkaWk71ZL4b5VA8npB4o4Zsis8AtqBfWsglsewt4+JpJex9HCOWJdOpUzH\r\njgSZP5PItvqhpwTm0sVkaKgeGG/DIYQPPV1ZfTC3NxN/kf2MADmWK21lKGfjDuih\r\n/U0Dm9PnJxH6ajv7NanWpjCpnefnSIxj83CLABEBAAG0Gm1vaXRlIDxtb2l0ZS5z\r\na0BnbWFpbC5jb20+iQE5BBMBAgAjBQJSToxvAhsPBwsJCAcDAgEGFQgCCQoLBBYC\r\nAwECHgECF4AACgkQj/VdKvbCh8E78wf7BQ7K26CsZV4eItuFGscJeVyjHotqIKDR\r\nYX+CTYEtVMXUhq4fTXKlhjofH2qsH4zpvehjHpj2uZAUiJ9F5irUVLfLxP+kbDYT\r\nFThVjqbI6b8Nwawk6zwWhVIXDFUP4rd/N/wnXyAFWiDBzZ5koBmz4tpXQUvwWfDK\r\naCC6YEOgS0da+zN9j+6CMi3TRmzgyYJs52fFALb6/4fOaNSArDhU4+n3g2pcTkgn\r\nG2yKpXeEAZTp/q5fMn+45Bq6xWooneGSPFXnA9oXkXRKUFwOGocM7tDGjVgWeavx\r\nGhEA95KsAKEk/v2/qIePg4VLS9DX15/G3gokYk/rRM2V8spgMrqBxg\r\neyhx\r\n-----END PGP PUBLIC KEY BLOCK-----','en',40,'2013-10-04 09:43:47'),(21,'ZAR','so@finfisher.com','FINSPY mobile','Hi Sales,\r\n\r\nWe are considering purchasing the FinSpy Mobile Package. \r\n\r\nWill you please supply us with a quotation as soon as possible.\r\n\r\nWe also had a demo a while ago, but you can supply us with the road map only.\r\n\r\nRegards\r\n','en',28,'2014-01-21 22:23:27'),(22,'Adham','support@gamma-international.de','errors on android','hello sirs.. we have the mobile system here and we have 2 problems shown to us so please inform it\r\n1- the application need more than 2 times to be installed in the target phone . tried on android 4.2 and up\r\n2- while the app installed in the target and while removed also from it , the sms shown to the target by hangouts and saved in the phone ','en',94,'2014-03-15 06:04:28'),(23,'NASSER','support@gamma-international.de','Changing email address','Could you change my email address from nas.qatar@gmail.com to n.alnuaimi@ssb.gov.qa','en',21,'2014-04-01 07:42:29'),(24,'NASSER','support@gamma-international.de','DOWNLOAD MATERIALS','Could you send me user manual and training slides for finspy and finusb.','en',21,'2014-04-01 07:47:16'),(25,'NASSER','support@gamma-international.de','FINUSB DONGALE ERR UPDATE ','i got this message when im trying to update the dongle \r\nopenssl not installed !\r\nplase install openssl and try agian !','en',21,'2014-04-01 18:10:06'),(26,'OSA/OBA Bosnia and H','support@gamma-international.de','License problem','Good afternoon support,\r\n\r\nWe have a problem with our agent client, when we try to login we get popup: Your license is expired. The software updates for this product are disabled. Please contact the Administrator or use the Import License button to install the license extension.\r\n\r\nWe didnt get any license for import, what to do?\r\n\r\nThanks,\r\n','en',82,'2014-05-29 13:16:50'),(27,'OSA/OBA Bosnia and H','support@gamma-international.de','License problem','Also if you use skype, please add me, my username is sanjin.custovic\r\n\r\nThanks,','en',82,'2014-05-29 13:17:36'),(28,'OSA/OBA','support@gamma-international.de','System administrator problem','Hello support,\r\n\r\nWe have problem when we try to login with system administrator account finspy on agent, password is not working, can you tell us how can we reset password for system administrator so we can import new license.\r\n\r\nThanks in advance,','en',82,'2014-07-15 10:03:37'); /*!40000 ALTER TABLE `feedback` ENABLE KEYS */; UNLOCK TABLES;

table material

-- -- Table structure for table `material` --

DROP TABLE IF EXISTS `material`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `material` (

 `MaterialID` int(4) NOT NULL AUTO_INCREMENT,
 `Author` varchar(50) DEFAULT NULL,
 `SrcName` varchar(100) DEFAULT NULL,
 `SrcDisplayURL` varchar(100) DEFAULT NULL,
 `SrcSiteURL` varchar(100) DEFAULT NULL,
 `Date` date NOT NULL DEFAULT '0000-00-00',
 `Title` varchar(250) NOT NULL DEFAULT ,
 `OriginalTitle` varchar(250) DEFAULT NULL,
 `Abstract` longtext NOT NULL,
 `HtmlText` longtext,
 `TimeStamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
 `DataEntryDate` datetime DEFAULT NULL,
 `Language` char(2) DEFAULT 'en',
 `TypeID` smallint(2) DEFAULT NULL,
 `UserID` int(4) NOT NULL DEFAULT '0',
 `ShowDate` tinyint(1) DEFAULT '0',
 `Deleted` tinyint(1) DEFAULT '0',
 PRIMARY KEY (`MaterialID`)

) ENGINE=MyISAM AUTO_INCREMENT=4 DEFAULT CHARSET=latin1 CHECKSUM=1 DELAY_KEY_WRITE=1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `material` --

LOCK TABLES `material` WRITE; /*!40000 ALTER TABLE `material` DISABLE KEYS */;

INSERT INTO `material` VALUES (1,,,,,'2009-09-28','About Us',,,'

Our company

\r\n

FinFisher is a dynamic and client dedicated company that employs some of the best specialists world-wide in the field of research, development and offensive IT intrusion.

\r\n

While the Munich based developers constantly seek to use the latest technologies available for their products, the global sales team ensures that all innovations are driven by marked demand or in some cases specific customer requirements.

\r\n

\r\n

FinFisher stands for

\r\n
\r\n
\r\n
    \r\n
  • Top quality end-to-end solutions, developed for and introduced to clients by world-class specialists
  • \r\n
  • Unique portfolio and expertise to build up effective cyber security departments
  • \r\n
\r\n
\r\n
\r\n
    \r\n
  • Trustworthy and reliable partners that treat their customers with the utmost confidentiality
  • \r\n
  • More than ten years of experience in the field of innovative IT intrusion
  • \r\n
\r\n

Company profile

\r\n
\r\n
    \r\n
  • Headquartered in Munich, Germany
  • \r\n
  • Global Sales and Representative Offices
  • \r\n
  • Over 40 employees
  • \r\n
  • Established in 2007 as part of the Gamma Group
  • \r\n
  • Independent organization and owned since 1st October 2013
  • \r\n
  • Financially independent and privately owned
  • \r\n
\r\n
\r\n
\r\n
\r\n

','2014-02-18 13:17:47','2009-09-28 00:00:00','en',1,1,0,0),(3,,,,,'2009-10-04','Sales & Marketing',,,'

\r\n <tbody>\r\n \r\n \r\n \r\n \r\n </tbody>\r\n
<img width=\"115\" border=\"1\" align=\"top\" height=\"73\" src=\"/GGI/UserFiles/Image/Globe-with-Europe-&-Asia-Region_27-03-09.png\" alt=\"Sales & Marketing\" />\r\n

FinFisher GmbH

Munich
Germany

Tel. +49 89 785 76175

=\"mailto:so@finfisher.com\">dm@finfisher.com</a>

\r\n

','2014-02-18 13:17:34','2009-10-04 13:38:29','en',1,1,0,0),(2,,,,,'2009-10-04','Support',,,'

\r\n <tbody>\r\n \r\n \r\n \r\n \r\n </tbody>\r\n
<img align=\"top\" width=\"115\" height=\"82\" border=\"1\" alt=\"Support\" src=\"/GGI/UserFiles/Image/4970628.jpg\" />\r\n

FinFisher GmbH

Munich
Germany

Tel. +49 89 78576175

=\"mailto:support@finfisher.com\">support@finfisher.com</a>

\r\n

','2014-01-18 20:40:13','2009-10-04 13:42:25','en',1,1,0,0);

/*!40000 ALTER TABLE `material` ENABLE KEYS */; UNLOCK TABLES;

table material_sitemap_section

-- -- Table structure for table `material_sitemap_section` --

DROP TABLE IF EXISTS `material_sitemap_section`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `material_sitemap_section` (

 `ID` int(4) NOT NULL AUTO_INCREMENT,
 `MaterialID` int(4) NOT NULL DEFAULT '0',
 `SiteMapSectionID` int(4) NOT NULL DEFAULT '0',
 `Priority` smallint(2) DEFAULT '1',
 `Enabled` tinyint(1) DEFAULT '1',
 PRIMARY KEY (`ID`)

) ENGINE=MyISAM AUTO_INCREMENT=66 DEFAULT CHARSET=latin1 CHECKSUM=1 DELAY_KEY_WRITE=1 ROW_FORMAT=FIXED; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `material_sitemap_section` --

LOCK TABLES `material_sitemap_section` WRITE; /*!40000 ALTER TABLE `material_sitemap_section` DISABLE KEYS */; INSERT INTO `material_sitemap_section` VALUES (65,1,1,1,1),(63,2,5,1,1),(64,3,6,1,1); /*!40000 ALTER TABLE `material_sitemap_section` ENABLE KEYS */; UNLOCK TABLES;

table material_types

-- -- Table structure for table `material_types` --

DROP TABLE IF EXISTS `material_types`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `material_types` (

 `TypeID` smallint(2) NOT NULL AUTO_INCREMENT,
 `Name` varchar(100) DEFAULT NULL,
 `Description` tinyblob,
 `Language` char(2) DEFAULT 'en',
 `Enabled` tinyint(1) DEFAULT '1',
 PRIMARY KEY (`TypeID`)

) ENGINE=MyISAM AUTO_INCREMENT=4 DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `material_types` --

LOCK TABLES `material_types` WRITE; /*!40000 ALTER TABLE `material_types` DISABLE KEYS */; INSERT INTO `material_types` VALUES (1,'Document',,'en',1),(2,'DVD',,'en',1),(3,'Article',,'en',1); /*!40000 ALTER TABLE `material_types` ENABLE KEYS */; UNLOCK TABLES;

table menu_items

-- -- Table structure for table `menu_items` --

DROP TABLE IF EXISTS `menu_items`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `menu_items` (

 `ItemID` int(4) NOT NULL AUTO_INCREMENT,
 `ItemName_Ar` varchar(100) DEFAULT NULL,
 `ItemName_En` varchar(100) DEFAULT NULL,
 `PageLink` varchar(255) DEFAULT '#',
 `PageTarget` varchar(10) DEFAULT '_self',
 `DisplayOrder` smallint(2) DEFAULT '50',
 `IsForAdmin` tinyint(1) DEFAULT '1',
 `IsForNonAdmin` tinyint(1) DEFAULT '0',
 `Enabled` tinyint(1) DEFAULT '1',
 `PermissionID` int(4) DEFAULT NULL,
 `KSMParentID` varchar(100) DEFAULT 'root' COMMENT 'Kool Slide Menu ID',
 `KSMID` varchar(100) DEFAULT NULL COMMENT 'Kool Slide Menu Parent ID',
 `IsChild` tinyint(1) DEFAULT '1',
 PRIMARY KEY (`ItemID`)

) ENGINE=MyISAM AUTO_INCREMENT=27 DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `menu_items` --

LOCK TABLES `menu_items` WRITE; /*!40000 ALTER TABLE `menu_items` DISABLE KEYS */; INSERT INTO `menu_items` VALUES (2,'User Management System','User Management System','#','_self',1,1,0,1,NULL,'root','UMS',0),(3,'Manage Users','Manage Users','../Admin/user_index.php','_self',2,1,0,1,1,'UMS','ManageUsers',1),(4,'Manage Roles & Permissions','Manage Roles & Permissions','../Admin/role_index.php','_self',3,1,0,1,2,'UMS','ManagerRolesPermissions',1),(5,'Content Management System','Content Management System','#','_self',4,1,0,1,NULL,'root','CMS',0),(6,'Manage Material Types','Manage Material Types','../Admin/mt_index.php','_self',5,1,0,1,4,'CMS','ManageMaterialTypes',1),(7,'Manage Attachment Types','Manage Attachment Types','../Admin/att_index.php','_self',6,1,0,1,5,'CMS','ManageAttachmentTypes',1),(8,'Manage Site Map','Manage Site Map','../Admin/sitemap_sections.php','_self',7,1,0,1,3,'CMS','ManageSiteMap',1),(9,'Manage Site Materials','Manage Site Materials','../Admin/materials_index.php','_self',8,0,1,1,6,'CMS','ManageSiteMaterials',1),(10,'News Management System','News Management System','#','_self',9,1,0,1,NULL,'root','NMS',0),(11,'Manage News & Events','Manage News & Events','../Admin/news_index.php','_self',10,1,0,1,15,'NMS','ManageNewsEvents',1),(12,'Manage Newsletters','Manage Newsletters','../Admin/newsletter_index.php','_self',11,1,0,1,14,'NMS','ManageNewsletter',1),(13,'Customer Management System','Customer Management System','#','_self',12,1,0,1,NULL,'root','CUMS',0),(14,'Manage Customers','Manage Customers','../Admin/customers_index.php','_self',13,1,0,1,8,'CUMS','ManageCustomers',1),(15,'Manage Customer Licenses','Manage Customer Licenses','../Admin/customer_license_index.php','_self',14,1,0,1,9,'CUMS','ManageCustomerLicenses',1),(16,'Product Management System','Product Management System','#','_self',15,1,0,1,NULL,'root','PMS',0),(17,'Manage Products','Manage Products','../Admin/product_index.php','_self',16,1,0,1,10,'PMS','ManageProducts',1),(19,'Manage Products Updates','Manage Products Updates','../Admin/product_update_index.php','_self',17,1,0,1,11,'PMS','ManageProductUpdates',1),(20,'Manage Products FAQs','Manage Products FAQs','../Admin/product_faq_index.php','_self',18,1,0,1,12,'PMS','ManageProductFAQ',1),(21,'Manage Products Documents','Manage Products Documents','../Admin/product_documents_index.php','_self',19,1,0,1,13,'PMS','ManageProductDocuments',1),(23,'Manage Support Request Types','Manage Support Request Types','../Admin/support_requesttype_index.php','_self',21,1,0,1,16,'BRT','ManageSupportRequestTypes',1),(22,'Bug Reporting & Tracking','Bug Reporting & Tracking','#','_self',20,1,0,1,NULL,'root','BRT',0),(24,'Manage Support Request Statuses','Manage Support Request Statuses','../Admin/support_requeststatus_index.php','_self',22,1,0,1,17,'BRT','ManageSupportRequestStatuses',1),(26,'Manage Support Requests','Manage Support Requests','../Admin/customer_requests_index.php','_self',23,1,0,1,18,'BRT','ManageSupportRequests',1); /*!40000 ALTER TABLE `menu_items` ENABLE KEYS */; UNLOCK TABLES;

table news

-- -- Table structure for table `news` --

DROP TABLE IF EXISTS `news`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `news` (

 `NewsID` int(4) unsigned NOT NULL AUTO_INCREMENT,
 `Title` varchar(100) DEFAULT NULL,
 `Description` text,
 `PictureName` varchar(20) DEFAULT NULL,
 `NewsDate` varchar(100) DEFAULT NULL,
 `URL` mediumtext,
 `Target` varchar(10) DEFAULT '_blank',
 `NewsTypeID` tinyint(1) DEFAULT '1',
 `Enabled` tinyint(1) unsigned NOT NULL DEFAULT '1',
 `Deleted` tinyint(1) unsigned NOT NULL DEFAULT '0',
 `Language` char(2) DEFAULT 'en',
 `UserID` int(11) DEFAULT NULL,
 `DataEntryDate` datetime DEFAULT NULL,
 `LastUpdated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
 PRIMARY KEY (`NewsID`)

) ENGINE=MyISAM AUTO_INCREMENT=72 DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `news` --

LOCK TABLES `news` WRITE; /*!40000 ALTER TABLE `news` DISABLE KEYS */; INSERT INTO `news` VALUES (29,'Link: The H-Security','Daily updated news-site that covers mostly all important security related news.\r\n',,'2010-01-01','www.h-online.com/security/','_blank',2,1,0,'en',5,'2010-03-12 17:09:39','2010-05-25 14:58:11'),(30,'Link: Cheat-Sheets','Amazing collection of professional cheat-sheets for all many topics including network protocols and application syntaxes.\r\n',,'2010-01-01','packetlife.net/library/cheat-sheets/','_blank',2,1,0,'en',5,'2010-03-12 17:11:47','2010-03-12 17:11:47'),(28,'Book: The Web Application Hacker\'s Handbook','This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications.\r\n','News28.jpg','2010-03-12','www.amazon.com/Web-Application-Hackers-Handbook-Discovering/dp/0470170778/ref=sr_1_1?ie=UTF8&s=books&qid=1268332313&sr=8-1 --','_blank',2,1,0,'en',5,'2010-03-12 17:06:49','2010-03-12 17:07:45'),(27,'Book: The Art of Deception','Considering Mitnick\'s reputation as a hacker guru, it\'s ironic that the last point of attack for hackers using social engineering are computers. Most of the scenarios in The Art of Deception work just as well against computer-free organizations and were probably known to the Phoenicians; technology simply makes it all easier. Phones are faster than letters, after all, and having large organizations means dealing with lots of strangers.\r\n','News27.jpg','2010-03-12','www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X/ref=sr_1_3?ie=UTF8&s=books&qid=1268331543&sr=8-3','_blank',2,1,0,'en',5,'2010-03-12 17:04:35','2010-03-12 17:05:25'),(26,'Book: The Art of Intrusion','Infamous criminal hacker turned computer security consultant Mitnick offers an expert sequel to his best-selling The Art of Deception, this time supplying real-life rather than fictionalized stories of contemporary hackers sneaking into corporate servers worldwide.\r\n','News26.jpg','2010-03-10','www.amazon.com/Art-Intrusion-Exploits-Intruders-Deceivers/dp/0471782661/ref=sr_1_1?ie=UTF8&s=books&qid=1268331543&sr=8-1','_blank',2,1,0,'en',5,'2010-03-12 17:01:09','2010-03-12 17:02:27'),(56,'ISS World Europe','Prague, Czech Republic','News56.png','Jun. 5-7, 2012','www.issworldtraining.com/ISS_EUROPE/','_blank',1,1,1,'en',5,'2011-12-13 15:07:30','2011-12-13 14:09:55'),(25,'Book: Hacking: The Art of Exploitation','Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don\'t already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity.\r\n','News25.jpg','2010-02-28','www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_1?ie=UTF8&s=books&qid=1268331537&sr=8-1','_blank',2,1,0,'en',5,'2010-03-12 13:14:02','2010-03-12 13:18:33'),(24,'Book: Gray Hat Hacking','Find out how to execute effective penetration tests, use fuzzers and sniffers, perform reverse engineering, and find security holes in Windows and Linux applications. You\'ll also learn how to trap and autopsy stealth worms, viruses, rootkits, adware, and malware.\r\n\r\n','News24.jpg','2010-03-01','www.amazon.com/Gray-Hat-Hacking-Second-Handbook/dp/0071495681/ref=sr_1_1?ie=UTF8&s=books&qid=1268331511&sr=8-1','_blank',2,1,0,'en',5,'2010-03-12 13:05:34','2010-03-12 13:11:40'),(31,'Link: TinEye: Reverse Image Search Engine','TinEye is a reverse image search engine. You can submit an image to TinEye to find out where it came from, how it is being used, if modified versions of the image exist, or to find higher resolution versions.\r\n\r\n',,'2010-01-01','www.tineye.com/','_blank',2,1,0,'en',5,'2010-03-12 17:13:24','2010-03-12 17:13:24'),(32,'Link: Read Notify','ReadNotify tells you when email you sent gets opened by a Target and displays you the Target\'s IP address, browser version and much more. It\'s a very powerful services for identifying Targets behind webmail accounts.\r\n',,'2010-01-01','www.readnotify.com/','_blank',2,1,0,'en',5,'2010-03-12 17:15:31','2010-03-12 17:16:44'),(55,'ISS World Europe','Prague, Czech Republic','News55.png','Jun. 5-7, 2012','www.issworldtraining.com/ISS_EUROPE/','_blank',1,1,1,'en',5,'2011-12-13 15:04:37','2011-12-13 14:05:51'),(54,'HOSDB 2012','Farnborough, UK','News54.png','Jan. 31-Feb. 02, 2012','www.adsgroup.org.uk/pages/25413149.asp','_blank',1,1,1,'en',5,'2011-12-13 14:59:41','2011-12-13 14:05:57'),(53,'ISS World Europe','Prague, Czech Republic','News53.png','Jun. 5-7, 2012','www.issworldtraining.com/ISS_EUROPE/','_blank',1,1,1,'en',5,'2011-12-12 18:40:05','2011-12-13 14:00:51'),(36,'Book: SQL Injection Attacks and Defense','This title is the winner of the Best Book Bejtlich Read in 2009 award! \'SQL injection is probably the number one problem for any server-side application, and this book is unequaled in its coverage\' - Richard Bejtlich. SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the internet, largely because there is no central repository of information to turn to for help. This is the only book devoted exclusively to this long-established but recently growing threat. It includes all the currently known information about these attacks and significant insight from its contributing team of SQL injection experts. What is SQL injection? Understand what it is and how it works. Find, confirm, and automate SQL injection discovery. Discover tips and tricks for finding SQL injection within the code. Create exploits using SQL injection. Design to avoid the dangers of these attacks.','News36.jpg','2010-05-18','www.amazon.de/Injection-Attacks-Defense-Justin-Clarke/dp/1597494240/ref=sr_1_1?ie=UTF8&s=books-intl-de&qid=1274184797&sr=8-1','_blank',2,1,0,'en',5,'2010-05-18 12:15:49','2010-05-18 12:28:01'),(37,'Book: Scene of the Cybercrime','When it comes to computer crimes, the criminals got a big head start. But the law enforcement and IT security communities are now working diligently to develop the knowledge, skills, and tools to successfully investigate and prosecute Cybercrime cases. When the first edition of \"Scene of the Cybercrime\" published in 2002, it was one of the first books that educated IT security professionals and law enforcement how to fight Cybercrime. Over the past 5 years a great deal has changed in how computer crimes are perpetrated and subsequently investigated. Also, the IT security and law enforcement communities have dramatically improved their ability to deal with Cybercrime, largely as a result of increased spending and training.','News37.jpg','2010-05-18','www.amazon.de/Scene-Cybercrime-Debra-Littlejohn-Shinder/dp/1597492760/ref=sr_1_1?ie=UTF8&s=books-intl-de&qid=1274185158&sr=1-1','_blank',2,1,0,'en',5,'2010-05-18 12:20:17','2010-05-25 14:56:41'),(38,'Book: CD and DVD Forensics','\"CD and DVD Forensics\" will take the reader through all facets of handling, examining, and processing CD and DVD evidence for computer forensics. At a time where data forensics is becoming a major part of law enforcement and prosecution in the public sector, and corporate and system security in the private sector, the interest in this subject has just begun to blossom. \"CD and DVD Forensics\" is a how to book that will give the reader tools to be able to open CDs and DVDs in an effort to identify evidence of a crime. These tools can be applied in both the public and private sectors. Armed with this information, law enforcement, corporate security, and private investigators will be able to be more effective in their evidence related tasks','News38.jpg','2010-05-18','www.amazon.de/CD-DVD-Forensics-Syngress-Media/dp/1597491284/ref=sr_1_1?ie=UTF8&s=books-intl-de&qid=1274185596&sr=1-1','_blank',2,1,0,'en',5,'2010-05-18 12:27:16','2010-05-18 12:29:00'),(48,'Cyber Warfare Europe','Berlin, Germany','News48.png','September 26-29, 2011','www.cyberwarfare-europe.com/Event.aspx?id=512314','_blank',1,1,1,'en',5,'2011-06-30 14:54:21','2011-09-30 08:36:57'),(40,'Milipol Paris','Paris, France','News40.png','October 18-21, 2011','en.milipol.com/','_blank',1,1,1,'en',5,'2011-01-03 11:31:52','2011-10-24 13:09:32'),(49,'ICPO 2011','Hanoi, Vietnam','News49.png','Oct. 31-Nov. 03, 2011','www.interpol.int/','_blank',1,1,1,'en',5,'2011-09-30 10:35:50','2011-12-12 17:37:08'),(50,'ISS Asia Pacific','Kuala Lumpur, Malaysia','News50.png','Dec. 6-8, 2011','www.issworldtraining.com/ISS_AP/','_blank',1,1,1,'en',5,'2011-10-24 15:10:56','2011-12-12 17:37:04'),(51,'ISS World Europe','Prague, Czech Republic','News51.png','Jun. 5-7, 2012','www.issworldtraining.com/ISS_EUROPE/','_blank',1,1,1,'en',5,'2011-10-24 15:12:12','2011-12-13 14:03:10'),(45,'ISS World Latin America','Brasilia, Brazil','News45.png','July 26-28, 2011','www.issworldtraining.com/ISS_BRASILIA/index.htm','_blank',1,1,1,'en',5,'2011-03-29 11:44:12','2011-06-30 12:52:58'),(52,'ISS World MEA','Dubai, UAE','News52.png','Feb. 13-15, 2012','www.issworldtraining.com/ISS_MEA/index.htm','_blank',1,1,1,'en',5,'2011-12-12 18:38:56','2011-12-13 14:06:03'),(47,'ISS World Americas','Washington DC, USA','News47.png','October 11-13, 2011','www.issworldtraining.com/ISS_WASH/','_blank',1,1,1,'en',5,'2011-03-29 11:49:24','2011-10-24 13:09:28'),(57,'ISS World MEA','Dubai, UAE','News57.png','Feb. 13-15, 2012','www.issworldtraining.com/ISS_MEA/index.htm','_blank',1,1,1,'en',5,'2011-12-13 15:09:11','2011-12-13 14:09:48'),(58,'ISS World Latin America','Brazilia, Brazil','News58.png','July 24-26, 2012','www.issworldtraining.com/ISS_BRASILIA/index1.htm','_blank',1,1,1,'en',5,'2011-12-13 15:11:04','2012-10-10 09:17:43'),(59,'ISS World MEA','Dubai, UAE','News59.png','March 4-6, 2013','www.issworldtraining.com/iss_mea/','_blank',1,1,1,'en',5,'2011-12-13 15:12:56','2013-07-08 09:45:41'),(60,'ISS World Asia Pacific','Kuala Lumpur, Malaysia','News60.png','December 11-13, 2012','www.issworldtraining.com/iss_ap/','_blank',1,1,1,'en',5,'2011-12-13 15:14:20','2013-07-08 09:45:38'),(61,'Home Office (Security & Policing 2013)','Farnborough, UK ','News61.png','March 12-14, 2013','www.adsgroup.org.uk/articles/29679','_blank',1,1,1,'en',5,'2012-10-10 10:58:11','2013-07-08 09:45:34'),(62,'ISS World Americas','Washington, DC','News62.jpg','October 10-12, 2012','www.issworldtraining.com/ISS_WASH/index.htm','_blank',1,1,1,'en',5,'2012-10-10 11:17:11','2013-07-08 09:45:30'),(63,'ISS Latin America','Brasilia, Brazil','News63.png','July 23-25, 2013','www.issworldtraining.com/ISS_BRASILIA/index1.htm','_blank',1,1,1,'en',5,'2013-07-08 11:47:31','2014-02-17 14:57:12'),(64,'ISS World Americas','Washington, D.C.','News64.png','September 25-27, 2013','www.issworldtraining.com/ISS_WASH/index.htm','_blank',1,1,1,'en',5,'2013-07-08 11:49:03','2014-02-17 14:57:18'),(65,'Milipol Paris','Paris, France','News65.png','November 19-22, 2013','en.milipol.com/','_blank',1,1,1,'en',5,'2013-07-08 11:50:41','2014-02-17 14:57:27'),(66,'ISS World Middle East','Dubai, UAE','News66.png','March 3-5, 2014','www.issworldtraining.com/ISS_MEA/index.htm','_blank',1,1,1,'en',10,'2014-02-17 15:19:47','2014-03-10 09:43:37'),(67,'ISS World Europe','Prague, Czech Republic','News67.png','June 3-5, 2014','www.issworldtraining.com/ISS_EUROPE/','_blank',1,1,0,'en',10,'2014-02-17 15:26:11','2014-02-17 14:48:38'),(68,'ISS World South Africa','Johannesburg, ZA','News68.png','July 15-17, 2014','www.issworldtraining.com/ISS_SA/index.htm','_blank',1,1,0,'en',10,'2014-02-17 15:33:51','2014-02-18 08:36:32'),(69,'ISS World Americas','Washington D.C., USA','News69.png','October 6-8, 2014','www.issworldtraining.com/ISS_WASH/index.htm','_blank',1,1,0,'en',10,'2014-02-17 15:35:19','2014-02-17 14:48:01'),(70,'Milipol Qatar','Doha, Qatar','News70.png','November 10-12, 2014','www.milipolqatar.com/','_blank',1,1,1,'en',10,'2014-02-17 15:37:28','2014-03-26 09:30:50'),(71,'ISS World Asia','Kuala Lumpur, Malaysia','News71.png','December 2-4, 2014','www.issworldtraining.com/ISS_AP/','_blank',1,1,0,'en',10,'2014-02-17 15:39:13','2014-02-17 14:47:41'); /*!40000 ALTER TABLE `news` ENABLE KEYS */; UNLOCK TABLES;

table news_type

-- -- Table structure for table `news_type` --

DROP TABLE IF EXISTS `news_type`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `news_type` (

 `NewsTypeID` tinyint(3) unsigned NOT NULL AUTO_INCREMENT,
 `Name` varchar(50) DEFAULT NULL,
 `Description` varchar(250) DEFAULT NULL,
 `Language` char(2) DEFAULT 'en',
 `Enabled` tinyint(1) DEFAULT '1',
 `UserID` int(11) DEFAULT NULL,
 `DataEntryDate` timestamp NULL DEFAULT CURRENT_TIMESTAMP,
 `LastUpdated` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
 PRIMARY KEY (`NewsTypeID`)

) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `news_type` --

LOCK TABLES `news_type` WRITE; /*!40000 ALTER TABLE `news_type` DISABLE KEYS */; INSERT INTO `news_type` VALUES (1,'Events',NULL,'en',1,1,'2009-09-28 23:37:02','0000-00-00 00:00:00'),(2,'IT Security News',NULL,'en',1,1,'2009-09-28 23:37:16','0000-00-00 00:00:00'); /*!40000 ALTER TABLE `news_type` ENABLE KEYS */; UNLOCK TABLES;

table newsletter

-- -- Table structure for table `newsletter` --

DROP TABLE IF EXISTS `newsletter`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `newsletter` (

 `NewsletterID` int(4) unsigned NOT NULL AUTO_INCREMENT,
 `Title` varchar(100) DEFAULT NULL,
 `FileName` varchar(100) DEFAULT NULL,
 `Enabled` tinyint(1) unsigned NOT NULL DEFAULT '1',
 `Deleted` tinyint(1) unsigned NOT NULL DEFAULT '0',
 `Language` char(2) DEFAULT 'en',
 `UserID` int(11) DEFAULT NULL,
 `DataEntryDate` datetime DEFAULT NULL,
 `LastUpdated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
 PRIMARY KEY (`NewsletterID`)

) ENGINE=MyISAM AUTO_INCREMENT=18 DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `newsletter` --

LOCK TABLES `newsletter` WRITE; /*!40000 ALTER TABLE `newsletter` DISABLE KEYS */; INSERT INTO `newsletter` VALUES (16,'FinFisher - Internal Newsletter March 2011','FinFisher - Internal Newsletter Mar 2011.pdf',1,0,'en',5,'2011-03-29 11:58:36','2011-03-29 10:00:30'),(17,'FinFisher - Internal Newsletter July 2011','FinFisher - Internal Newsletter Jul 2011.pdf',1,0,'en',5,'2011-07-25 13:38:49','2011-07-25 11:38:49'); /*!40000 ALTER TABLE `newsletter` ENABLE KEYS */; UNLOCK TABLES;

table permission

-- -- Table structure for table `permission` --

DROP TABLE IF EXISTS `permission`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `permission` (

 `PermissionID` int(4) NOT NULL AUTO_INCREMENT,
 `PermissionName` varchar(100) DEFAULT NULL,
 `PermissionTypeID` tinyint(1) DEFAULT '1',
 `Language` char(2) DEFAULT 'en',
 `Enabled` tinyint(1) DEFAULT '1',
 PRIMARY KEY (`PermissionID`)

) ENGINE=InnoDB AUTO_INCREMENT=19 DEFAULT CHARSET=latin1 CHECKSUM=1 DELAY_KEY_WRITE=1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `permission` --

LOCK TABLES `permission` WRITE; /*!40000 ALTER TABLE `permission` DISABLE KEYS */; INSERT INTO `permission` VALUES (1,'Manage Users',1,'en',1),(2,'Manage Roles & Permissions',1,'en',1),(3,'Manage Sitemap',1,'en',1),(4,'Manage Material Types',1,'en',1),(5,'Manage Attachment Types',1,'en',1),(6,'Manage Site Materials',1,'en',1),(7,'Manage Material\'s Attachments',1,'en',1),(8,'Manage Customers',1,'en',1),(9,'Manage Customer Licenses',1,'en',1),(10,'Manage Products',1,'en',1),(11,'Manage Product Updates',1,'en',1),(12,'Manage Product FAQ',1,'en',1),(13,'Manage Product Documents',1,'en',1),(14,'Manage Newsletter',1,'en',1),(15,'Manage News & Events',1,'en',1),(16,'Manage Support Request Types',1,'en',1),(17,'Manage Support Request Statuses',1,'en',1),(18,'Manage Customer Support Requests',1,'en',1); /*!40000 ALTER TABLE `permission` ENABLE KEYS */; UNLOCK TABLES;


table permission_types

-- -- Table structure for table `permission_types` --

DROP TABLE IF EXISTS `permission_types`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `permission_types` (

 `PermissionTypeID` int(2) NOT NULL AUTO_INCREMENT,
 `Name` varchar(50) DEFAULT NULL,
 PRIMARY KEY (`PermissionTypeID`)

) ENGINE=MyISAM AUTO_INCREMENT=3 DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `permission_types` --

LOCK TABLES `permission_types` WRITE; /*!40000 ALTER TABLE `permission_types` DISABLE KEYS */; INSERT INTO `permission_types` VALUES (1,'BackOffice Permissions'),(2,'Other Permissions'); /*!40000 ALTER TABLE `permission_types` ENABLE KEYS */; UNLOCK TABLES;


table product

-- -- Table structure for table `product` --

DROP TABLE IF EXISTS `product`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `product` (

 `ProductID` int(10) unsigned NOT NULL AUTO_INCREMENT COMMENT 'Autonumber primary key',
 `Title` varchar(50) DEFAULT NULL,
 `Description` mediumtext,
 `GenericInfo` longtext,
 `Roadmap` longtext,
 `PictureName` varchar(30) DEFAULT NULL,
 `DisplayOrder` tinyint(3) unsigned DEFAULT '1',
 `ShowOnHomePage` tinyint(1) unsigned DEFAULT '1',
 `Enabled` tinyint(1) unsigned NOT NULL DEFAULT '1',
 `Deleted` tinyint(1) DEFAULT '0',
 `Language` char(2) DEFAULT 'en',
 `UserID` int(10) unsigned DEFAULT NULL,
 `DataEntryDate` datetime DEFAULT NULL,
 `LastUpdated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
 PRIMARY KEY (`ProductID`)

) ENGINE=InnoDB AUTO_INCREMENT=19 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `product` --

LOCK TABLES `product` WRITE; /*!40000 ALTER TABLE `product` DISABLE KEYS */;

INSERT INTO `product` VALUES (1,'FinSpy','FinSpy is a professional Remote Monitoring Software that can be used by Law Enforcement or Intelligence Agencies to monitor the computer systems of targeted persons.','

<img width=\"160\" vspace=\"10\" hspace=\"10\" align=\"right\" height=\"250\" alt=\"\" src=\"/GGI/UserFiles/Image/FinFisher_Box_FinSpy.jpg\" />
\r\n
FinSpy is a field-proven Remote Monitoring Solution that enables Governments to face nowadays challenges of monitoring Mobile and Security-Aware Targets that regularly change location, use encrypted and anonymous communication channels and reside in foreign countries. Traditional Lawful Interception solutions face new challenges that can only be solved using active systems like FinSpy:
\r\n

\r\n

\r\n
    \r\n
  • Data not transmitted over any network
  • \r\n
  • Encrypted Communication
  • \r\n
  • Targets in foreign countries
  • \r\n
\r\n
FinSpy has been proven successful in operations around the world since many years and valuable intelligence has been acquired about Target Individuals and Organizations.
When FinSpy is installed on a computer system or mobile phone it can be remotely controlled and accessed as soon as it is connected to the internet/network, no matter where in the world the Target System is based.
\r\n
Usage Example 1: Intelligence Agency
\r\n
FinSpy was installed on several computer systems inside Internet Café’s in critical areas in order to monitor them for suspicious activity, especially Skype communication to foreign individuals. Using the Webcam, pictures of the Targets were done while they were using the system.
\r\n
Usage Example 2: Organized Crime
\r\n
FinSpy was covertly deployed on the mobile phones of several members of an Organized Crime Group. Using the GPS tracking data and silent calls, essential information could be gathered from every meeting that was done by this group.
\r\n

','Please note that this roadmap is subject to change without further notifications.

\r\n

\r\n <colgroup><col width=\"215\" style=\"mso-width-source:userset;mso-width-alt:7862;width:161pt\"></col></colgroup><colgroup><col width=\"285\" style=\"mso-width-source:userset;mso-width-alt:10422;width:214pt\"></col> </colgroup>\r\n <tbody>\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n </tbody>\r\n
Release Date:  Q2 2014
Version: 4.60
ComponentFeature/Enhancement
Target PC -WindowsEnhancement Skype Module - Live Streaming
Target PC - WindowsEnhancement Microphone Module - Activate the disabled microphone
Target PC -WindowsData Collection Module: Removable Media
Target PC -LinuxEnhancement Screen Module: ABE Support
Target PC -LinuxData Collection Module - Microphone
Target PC - Mac OS XData Collection Module - Microphone
Target PC - Mac OS XEnhancement Screen Module - ABE Support
Target PC - Mac OS XRoot Kit Enhancement - Binary encryption for Trojan Components
Target PC - Mac OS XRoot Kit Enhancement - Hide Network Connections
AgentEnhance Data Analysis - Search through comments or importance level
Master/Proxy/RelayRoute all online requests through the Relays Chain
RelayAutomatic update for Relay
EnhancementImplement the capability to search for keywords in comments or search for importance level values
  
Release Date:  Q4 2014
Version: 4.70
ComponentFeature/Enhancement
Target PC -WindowsData Collection Module - Passwords and Secret Keys
Target PC -WindowsData Collection Module: Clipboard
Target PC -LinuxData Collection Module: Mouse Clicks
Target PC -LinuxData Collection Module: Removable Media
Target PC - Mac OS XData Collection Module: Mouse Clicks
Target PC - Mac OS XData Collection Module: Removable Media
New FeatureRecord the PGP Secret keys, S/MIME Secret Key, SSH Secret Keys and passwords which protect them
  
Release Date:    Unscheduled
Version: -
FeatureDescription
MasterCreate a new user right - Remove Archived Tagets
Target PC -WindowsEnhance the Mouse Clicks with ABE (Aplpication Based Events)
Target PC -WindowsEnhance the Deleted/Changed/Accessed Files Module with ABE (Application Based Events)
Target PC -WindowsEnhance the Scheduler Module with Application Based Events
Target PC -WindowsEnhance the Scheduler Module to schedule tasks for Forensics Module
Target PC - WindowsScreenshot recording based on Mouse Click Event
Target PC - WindowsData Collection Module: iOS Infection through iTunes
Target PC - Mac OS XEnhance the WebCam Module with ABE (Application Based Events)
Target PC - LinuxEnhance the WebCam Module with ABE (Application Based Events)
Agent/Master/Targetenhance Alert options with: Alert when target changes countries
Agent/Master/Targetenhance Alert options with: Alert when target types a predefined keyword(s)
AgentDefine Templates - predefined Target configurations

\r\n
','Product1.png',10,1,1,0,'en',5,'2009-09-22 14:04:58','2014-02-18 12:24:43'),(2,'FinFly LAN','FinFly is a set of products that are used for easy local network and remote infection of target systems. The main features include on the-fly infection of Executable and Screensaver downloads, triggering of Software Updates for well-known software','<img width=\"160\" vspace=\"10\" hspace=\"10\" align=\"right\" height=\"250\" alt=\"\" src=\"/GGI/UserFiles/Image/FinFisher_Box_FlyLite.jpg\" />
\r\n

One of the major challenges for Law Enforcement are mobile Targets where no physical access to the computer system can be achieved and who do not open any infected Files which have been sent via E-Mail to their accounts.

\r\n
\r\n

Especially security-aware Targets are almost impossible to infect as they keep their systems up-to-date and no exploits or other Basic Intrusion techniques will lead to success.

\r\nFinFly LAN was developed to deploy the Remote Monitoring Solution covertly on target systems in Local Area Networks (Wired and Wireless/802.11). It is able to infect Files that are downloaded by the Target on-the-fly or infect the Target by sending fake Software Updates for popular Software.
\r\n



Usage Example 1: Technical Surveillance Unit

A Technical Surveillance Unit was following a Target for weeks without getting the possibility to physical access the target computer. They used FinFly LAN to install the Remote Monitoring Solution on the target computer when he was using a public Hotspot at a coffee shop.

Usage Example 2: Anti-Corruption

FinFly LAN was used to remotely install the Remote Monitoring Solution on the computer of a Target while he was using it inside his hotel room at night. The Agents were in another room connected to the same network and manipulated the Websites the Target was visiting to trigger the installation.

','Please note that this roadmap is subject to change without further notifications.

\r\n

\r\n <colgroup><col width=\"215\" style=\"mso-width-source:userset;mso-width-alt:7862;width:161pt\"></col></colgroup><colgroup><col width=\"285\" style=\"mso-width-source:userset;mso-width-alt:10422;width:214pt\"></col> </colgroup>\r\n <tbody>\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n </tbody>\r\n
Release Date:    Q2 2014
Version: 4.0
FeatureDescription
GUIEnhanced payload compatibility check 
Infection proxyEnhanced compatibility to FinFlyWeb infection methods
Infection proxyNew loader used for download infections. Avoids antivirus warnings.
GUI + infection proxyUpdate emulators for latest versions of supported programms (update infection)
Infection proxyResolved sporadic crashes occured during downloading of exe files
 
Release Date:    Q4 2014
Version: 4.1
FeatureDescription
GUIDisplay detailed informations about the traffic generated by targets
Infection proxyEnhanced compatibility to FinFlyWeb infection methods
GUI + infection proxyUpdate emulators for latest versions of supported programms (update infection)
  
Release Date:    Unscheduled
Version: -
FeatureDescription
GUI + infection proxyadd a new \'replace\' feature to the ffweb - fflan protocol
GUI + infection proxyadd a \'redirect\' feature to the infection engine

\r\n
','Product2.png',5,1,1,0,'en',5,'2009-09-22 14:06:09','2014-02-18 12:26:03'),(3,'FinUSB Suite','The FinUSB Suite is designed to help Law Enforcement and Intelligence Agencies to easily extract important information from a target system with little or no user intervention. The following describes the various components and their \r\nfunctions, features and limitations','

<img width=\"160\" vspace=\"10\" hspace=\"10\" align=\"right\" height=\"250\" src=\"/GGI/UserFiles/Image/FinFisher_Box_UsbSuit.jpg\" alt=\"\" />
\r\n
The FinUSB Suite is a flexible product that enables Law Enforcement and Intelligence Agencies to quickly and securely extract forensic information from computer systems without the requirement of IT-trained Agents.

It has been used in successful operations around the world where valuable intelligence has been acquired about Targets in covert- and overt operations.
\r\n

\r\n
\r\n

Usage Example 1: Covert Operation

\r\n
\r\n

A source in an Organised Crime Group (OCG) was given a FinUSB Dongle that secretly extracted Account Credentials of Web- and E-Mail accounts and Microsoft Office documents from the Target Systems while the OCG used the USB device to exchange regular files like Music, Video and Office Documents.

\r\n
After returning the USB device to the Head-Quarter the gathered data could be decrypted and analyzed and used to constantly monitor the group remotely.

\r\n

\r\n
Usage Example 2: Technical Surveillance Unit
\r\n
A Technical Surveillance Unit (TSU) was following a Target that was frequently visiting random Internet Café’s which made a monitoring with Trojan-Horse-like technology impossible. The FinUSB was used to extract the data left on the public Terminals used by the Target after he left it.

Several documents that the Target opened in his web-mail could be recovered this way. The gathered information included crucial Office files, Browsing History through Cookie analysis and more.

','Please note that this roadmap is subject to change without further notifications.

\r\n

\r\n <tbody>\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n </tbody>\r\n
Release Date:    Q2 2014
Version: 3.7
FeatureDescription
Custom Forensics Tool SupportOffer the capability to import in Headquater an executable which can be configured to run and collect information from target system
Gather Information about installed hardwareCompile a list of all existing hardware
Extract installed Sofware informationCompile a list of all existing software
Obtain the System Services ListCompile a list of all installed services and the states: Running/Stopped,  Manual/Automatic
RAM DumpDump the physical memory into a file
Advanced Antivirus Bypass ImplementationImprove the Antivirus Bypassing on the target systems

\r\n

','Product3.png',1,1,1,0,'en',5,'2009-09-22 14:05:26','2014-02-18 13:10:06'),(4,'FinTraining','Security awareness is essential for any government to maintain IT security and successfully prevent threats against IT infrastructures which may result in a loss of confidentiality, data integrity and availability','

<img width=\"160\" vspace=\"10\" hspace=\"10\" align=\"right\" height=\"250\" alt=\"\" src=\"/GGI/UserFiles/Image/FinFisher_Box_Training.jpg\" />
\r\n
Security awareness is essential for any government to maintain IT security and successfully prevent threats against IT infrastructures which may result in a loss of confidentiality, data integrity and availability.

On the other side, topics like CyberWar, Active Interception and Intelligence Gathering through IT Intrusion become more important on a daily basis and require Governments to build IT Intrusion teams to face these new challenges.
\r\n
\r\n
The FinTraining courses are held by world-class IT Intrusion experts and are done in fully practical scenarios that are focused on real-life operations as required by the end-user to solve their daily challenges.

FinAdvisory combines the single trainings into a professional training and consulting program that builds up or enhances the capabilities of an IT Intrusion team. The Trainings are fully customized according to the end-users operational challenges and requirements. In order to ensure full usability of the transferred know-how, operational in-country support is provided during the program.
\r\n

','The Roadmap is currently in progress and will be published soon.','Product4.png',12,1,1,0,'en',5,'2009-09-22 14:05:57','2014-02-18 12:24:09'),(5,'FinIntrusion Kit','The FinIntrusion Kit consists of a wide-range of hard- and software to aid law enforcement and intelligence agencies in gaining access to information in several scenarios utilizing various IT intrusion techniques.','

<img width=\"160\" vspace=\"10\" hspace=\"10\" align=\"right\" height=\"250\" src=\"/GGI/UserFiles/Image/FinFisher_Box_IntusionKit.jpg\" alt=\"\" />
\r\n
FinIntrusion Kit was designed and developed by world-class IT Intrusion specialists that have over 10 years experience in their area through their work in several Tiger Teams (Red Teams) in the private and government sector assessing the security of different networks and organizations.
\r\n

\r\n


\r\nThe FinIntrusion Kit is the result of creating an up-to-date and covert operational Kit that can be used for most common IT Intrusion Operations in defensive and offensive areas. Current customers include Military CyberWar Departments, Intelligence Agencies, Police Intelligence and other Law Enforcement Agencies.

Usage Example 1: Technical Surveillance Unit

The FinIntrusion Kit was used to break the WPA encryption of a Targets home Wireless network and then monitor his Webmail (Gmail, Yahoo, …) and Social Networks (Facebook, MySpace, …) credentials which enabled the investigators to remotely monitor these accounts from the Head-Quarters without the necessity of being close to the Target.

Usage Example 2: IT Security

Several customers used the FinIntrusion Kit to successfully compromise the security of networks and computer systems for offensive and defensive purposes using various Tools and Techniques.

Usage Example 3: Strategic Use-Cases

The FinIntrusion Kit is widely used to remotely gain access to Target E-Mail Accounts and Target Web-Servers (e.g. Blogs, Discussion Boards) and monitor their activities including Access-Logs and more.','Please note that this roadmap is subject to change without further notifications.

\r\n

\r\n <colgroup><col width=\"215\" style=\"mso-width-source:userset;mso-width-alt:7862;width:161pt\"></col></colgroup><colgroup><col width=\"285\" style=\"mso-width-source:userset;mso-width-alt:10422;width:214pt\"></col> </colgroup>\r\n <tbody>\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n </tbody>\r\n
Release Date:    Q1 2014
Version: 5.0
FeatureDescription
Wireless - Cracking - WPSDetect and Crack WPS encrypted wireless network
Wireless Scanner - permanent scanImplement a passive Wireless Realtime Scanner
Network Configuration - Static IP Configurationmodify static IP configuration settings
Wireless ConfigurationConfig Adapter to join an encrypted network after an Encryption was successfully broken...
Network Sniffer - HTTP Content ( Update )extract POST parameter, open URL in browser function, cookie extractor
Network Scanner - Stealth / Passive Modefind new targets based on broadcasts / packages without any active attacks / requests
Network + Wireless Scanner - TimestampList first/last seen time stamp for each target
Network - Improved Target Identificationbrowser detection, passive OS fingerprinting, DNS queries, Reverse DNS resolution (e.g. use internal DNS server)
Wireless - Cracking - Rainbowtable Supportgenerate Rainbowtable, use Rainbowtable for Cracking
Wireless - Capture / Exportcapture all Wireless Traffic + 4 Way-Handshake --> decrypt traffic and save content in an unencrypted PCAP file?
Forensic - Memdump Module
extract images, strings, document files and true crypt hashes from memory dump file
Forensic - Netdump Module
extract dns queries, http requests, wlan information (beacon, probe request/response) etc. from pcap file
<more features will be scheduled based on customer requests> 
  
Release Date:    Q3 2014
Version: 6.0
FeatureDescription
Password GeneratorGenerate and Modify Password Lists based on Templates or customized char sets
Password - Web CrawlerImplement a new Web Crawler
Email - Identify Mail Server (SMTP/POP3/IMAP)Implement new feature in the GUI
Network Configuration - Vlan Taggingimplement Vlan - Tagging to spoof dedicated VLAN Ids
Network Sniffer - DNS Spoofingimplement possibility of dnsspoofing
Network Sniffer - new Optionsfor HTTP search queries, DNS requests, Content like: Image/Documents/Search Queries
Wireless - Cracking - Improve WEP Crackingsupport all WEP cracking methods
Wireless - Fake AP - Improvementsupport MAC Spoofing + modify DHCP server settings
<more features will be scheduled based on customer requests> 
  
Release Date:    Unscheduled
Version: -
FeatureDescription
Advanced SSL - MitM Attackscheck BEAST, RC4, Crime and Renegotiation attacks ... 
Chat Sniffer / Viewersniff and recover IRC chats and show the conversation in the GUI
VOIP Sniffer / Recorder / Eavesdroppingsniff + crack SIP auth. and play recorded VOIP conversation
Password Brute Forcingagainst different services like POP3/IMAP, FTP, HTTP
TCP Flow / Reassemlyreconstruct a recorded TCP session and extract content
Network Attack - ICMP SpoofingImplement ICMP Redirect Attack
Network Attack - DHCP SpoofingTarget Hijacking with rouge DHCP server
Web App Hacking - SQL Injectionsql injection check against target web server
Network Scanner - OS Detectiondetect target OS based on broadcasts
Network Sniffer - Detectionidentify systems in the network who runs a network sniffer
Network Sniffer - internal Networkstart Network sniffer between two target systems in a (W)Lan
Evidence Protectionimplement Evidence Protection for signed Logging and Data Export
Target Exploitationautomatic target exploitation
  

\r\n
','Product5.png',2,1,1,0,'en',5,'2009-09-22 14:05:38','2014-02-18 12:26:56'),(11,'FinFly ISP','FinFly ISP is a strategic, countrywide as well as a tactical (mobile) solution that can be integrated into an ISP’s Access and/or Core Network to remotely install the Remote Monitoring Solution on selected Target Systems.','

<img width=\"160\" vspace=\"10\" hspace=\"10\" align=\"right\" height=\"250\" src=\"/GGI/UserFiles/Image/FinFisher_Box_FlyISP.jpg\" alt=\"\" />
\r\n
In many real-life operations, physical access to in-country Target Systems cannot be achieved and a covert remote installation of a Remote Monitoring Solution is required to be able to monitor the Target from within the Head-Quarter.

FinFly ISP is a strategic, countrywide as well as a tactical (mobile) solution that can be integrated into an ISP’s Access and/or Core Network to remotely install the Remote Monitoring Solution on selected Target Systems. FinFly ISP makes data available for LEAs which never will be accessible by using the classic telecommunications surveillance / monitoring methods e.g. because of encryption used prior to entering the Internet or because data will never be sent via the Internet at all (e.g. address books, specific documents, time schedules etc.).

FinFly ISP appliances are based on carrier grade server technology providing a maximum of reliability and scalability to meet almost every challenge related to networks’ topologies. A wide range of Network Interfaces – all secured with bypass functions – are available for the required active network connectivity.

Several passive and active methods of Target identification – from inline monitoring via passive tapping to interactive communication between FinFly ISP and the AAA-Servers – ensure that the Targets are identified and their appropriate traffic will be provided for the infection process.

FinFly ISP is able to infect Files that are downloaded by the Target on-the-fly or infect the Target by sending fake Software Updates for popular Software.

Usage Example: Intelligence Agency

FinFly ISP was deployed in the main Internet Service Providers networks of the country and is actively used to remotely deploy a Remote Monitoring Solution on Target Systems. As the Targets have Dynamic-IP DSL Accounts, they are identified with their Radius Logon Name.
\r\n

','Please note that this roadmap is subject to change without further notifications.

\r\n

\r\n <colgroup><col width=\"215\" style=\"mso-width-source:userset;mso-width-alt:7862;width:161pt\"></col></colgroup><colgroup><col width=\"285\" style=\"mso-width-source:userset;mso-width-alt:10422;width:214pt\"></col> </colgroup>\r\n <tbody>\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n </tbody>\r\n
Release Date:    Q2 2014
Version: 4.5
FeatureDescription
Enhanced payload compatibility check  
Enhanced compatibility to FinFlyWeb infection methods 
Update emulators for latest versions of supported programms (update infection) 
No. of active connections for each TargetNon-Real-Time display of the No. of active connections for each FFISP Target ("N" seconds update interval).
Data Transfer for each TargetNon-Real-Time display of transferred amount of data for each FFISP Target ("M" seconds update interval).
De-Activate/Re-Activate ButtonsUser can De-Activate/Re-Activate single target entries without deleting the tgt and its payload(s) and settings.
 
Release Date:    Q4 2014
Version: 5.0
FeatureDescription
Enhanced compatibility to FinFlyWeb infection methods 
Update emulators for latest versions of supported programms (update infection) 
Infection FiltersWeb Infection Filter for User Agent
Download replacement. Fully replace downloads on-the-fly
  

\r\n','Product11.png',6,1,1,0,'en',5,'2009-11-25 18:02:41','2014-02-18 12:25:50'),(12,'FinFireWire','FinFireWire enables the Operator to quickly and covertly bypass the password-protected screens and access the Target System without leaving a trace or harming essential forensic evidence.\r\n','

<img width=\"160\" vspace=\"10\" hspace=\"10\" align=\"right\" height=\"250\" src=\"/GGI/UserFiles/Image/FinFisher_Box_FireWire.jpg\" alt=\"\" />
\r\n
Technical Surveillance Units and Forensic Experts often face a situation where they need to access a running computer system without shutting it down in order to prevent data loss or save essential time during an operation. In most cases, the Target System is protected with a password-enabled Screensaver or the target user is not logged in and the Login Screen is active.
\r\n

\r\n


FinFireWire enables the Operator to quickly and covertly bypass the password-protected screens and access the Target System without leaving a trace or harming essential forensic evidence.

Usage Example 1: Forensic Operation

A Forensic Unit entered the apartment of a Target and tried to access the computer system. The computer was switched on but the screen was locked. As they were not allowed due to legal reasons to use a Remote Monitoring Solution they would have lost all data by switching off the system as the hard-disk was fully encrypted. FinFireWire was used to unlock the running Target System and enable the Agent to copy all files before switching it off and taking it back to the Head-Quarter.

Usage Example 2: Remote Monitoring Installation

Several customers use the product to covertly access Target Systems when physical access can be achieved and install a Remote Monitoring Solution like FinSpy to be able to remotely monitor all activities of the Target.

','Please note that this roadmap is subject to change without further notifications.

\r\n

\r\n <colgroup><col width=\"215\" style=\"mso-width-source:userset;mso-width-alt:7862;width:161pt\"></col></colgroup><colgroup><col width=\"285\" style=\"mso-width-source:userset;mso-width-alt:10422;width:214pt\"></col> </colgroup>\r\n <tbody>\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n </tbody>\r\n
Release Date:    Q2 2014
Version: 4.50
FeatureDescription
target database updateUpdate existing database for current OS versions (Windows, MacOSX, Linux)

\r\n
','Product12.png',3,1,1,0,'en',5,'2010-01-14 13:53:24','2014-02-18 12:26:38'),(13,'FinFly Web','FinFly Web is designed to provide remote and covert infection of a Target System by using a wide range of web-based attacks. FinFly Web provides a point-and-click interface enabling the Agent to easily create a custom infection code according to selected modules. Target Systems visiting a prepared website with the implemented infection code will be covertly infected with the configured software. ','

<img width=\"160\" vspace=\"10\" hspace=\"10\" align=\"right\" height=\"250\" src=\"/GGI/UserFiles/Image/FinFisher_Box_FlyWeb.jpg\" alt=\"\" />
\r\n
One of the major challenges in using Remote Monitoring Solutions is to install it onto the Target System, especially when only a little information, like an Email-Address, is available and no physical access can be achieved.
\r\n

\r\n
\r\n

FinFly Web is designed to provide remote and covert infection of a Target System by using a wide range of web-based attacks. FinFly Web provides a point-and-click interface enabling the Agent to easily create a custom infection code according to selected modules. Target Systems visiting a prepared website with the implemented infection code will be covertly infected with the configured software.

\r\n
Usage Example 1: Technical Surveillance Unit

After profiling a Target, the unit created a website of interest for the Target and sent him the link through a discussion board. Upon opening the Link to the unit’s website, a Remote Monitoring Solution was installed on the Target System and the Target could be monitored from within the Head-Quarter.

Usage Example 2: Intelligence Agency

The customer deployed FinFly ISP within the main Internet Service Provider of their country. It was combined with FinFly Web to remotely infect Targets that visited government offensive websites by covertly injecting the FinFly Web code into the targeted websites.','Please note that this roadmap is subject to change without further notifications.

\r\n

\r\n <colgroup><col width=\"215\" style=\"mso-width-source:userset;mso-width-alt:7862;width:161pt\"></col></colgroup><colgroup><col width=\"285\" style=\"mso-width-source:userset;mso-width-alt:10422;width:214pt\"></col> </colgroup>\r\n <tbody>\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n </tbody>\r\n
Release Date:    Q2 2014
Version: 5.00
FeatureDescription
new moduleIE Addon / Silverlight(?)
update existing modulesSupport all latest version of supported browsers
activity logAdd activity log into GUI + store configuration file
  
Release Date:    Q4 2014
Version: 6.00
FeatureDescription
new moduleChrome Plugin / Addon / Application
upload clientSupport to upload generated output to public webserver
update existing modulesSupport all latest version of supported browsers
  
Release Date:    Unscheduled
Version: -
FeatureDescription
other new modules / techniquesNew possible modules have to be investigated
browser / OS detectionImprove existing module for target OS & browser detection / identification
inline viewerLive preview of generated output files

','Product13.png',7,1,1,0,'en',5,'2010-01-14 13:54:16','2014-02-18 12:25:38'),(14,'FinSpy Mobile','FinSpy Mobile is a Mobile Phone Infection and Surveillance System that can be used by Law Enforcement to silently monitor mobile devices. The FinSpy Mobile is ideal for situations where access to the mobile operator’s network is not easily available or where “OffAir Interception” is not practical or is limited due to encryption and accessibility.','

<img width=\"160\" vspace=\"10\" hspace=\"10\" align=\"right\" height=\"250\" alt=\"\" src=\"/GGI/UserFiles/Image/FinFisher_Box_SpyMobile.jpg\" />
\r\n
FinSpy Mobile is closing the gap of interception capabilities for Governments for most common smart phone platforms. Specifically, organizations without network or off-air based interception capabilities can access Mobile Phones and intercept the devices with enhanced capabilities. Furthermore, the solution offers access to encrypted communications as well as data stored on the devices that is not transmitted. Traditional tactical or strategic Interception solutions Face challenges that can only be solved using offensive systems like FinSpy Mobile:
\r\n
\r\n
    \r\n
  • Data not transmitted over any network and kept on the device
  • \r\n
  • Encrypted Communications in the Air-Interface, which avoid the usage of tactical active or passive Off-Air Systems
  • \r\n
  • End-to-end encryption from the device such as Messengers, Emails or PIN messages
  • \r\n
\r\n
FinSpy Mobile has been giving successful results to Government Agencies who gather information remotely from Target Mobile Phones.
When FinSpy Mobile is installed on a mobile phone it can be remotely controlled and monitored no matter where in the world the Target is located.
\r\n
Usage Example 1: Intelligence Agency
\r\n
FinSpy Mobile was deployed on BlackBerry mobile phones of several Targets to monitor all communications, including SMS/MMS, Email and BlackBerry Messenger.
\r\n
Usage Example 2: Organized Crime
\r\n
FinSpy Mobile was covertly deployed on the mobile phones of several members of an Organized Crime Group(OCG). Using the GPS tracking data and silent calls, essential information could be gathered from every meeting that was held by this group.
\r\n
\r\n

','Please note that this roadmap is subject to change without further notifications.

\r\n

\r\n <tbody>\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n </tbody>\r\n
Release Date:  Q2 2014
Version: 4.60
ComponentFeature/Enhancement
Mobile Target - All (supported) PlatformsUpdate Capabilities for the infection
Mobile Target - All (supported) PlatformsNew Data Collection Module: Line Messenger
Mobile Target - All (supported) PlatformsNew Data Collection Module: Viber Messenger
Mobile Target - All (supported) PlatformsRecord Microphone
Mobile Target - Support for Blackberry 10Core Functionalities
Mobile Target - AndroidExploit Deployment Platform
AgentEnhanced Audio Embedded Viewer (Add sound editting capabilities.)
  
Release Date:  Q4 2014
Version: 4.70
ComponentFeature/Enhancement
Mobile Target - All (supported) PlatformsNew Data Collection Module: Tango (Video) Messenger
Mobile Target - All (supported) PlatformsNew Data Colletion Module: Silent Circle
Mobile Target - Windows PhoneCore Functionalities 
Mobile Target - Windows PhoneCalendar
Mobile Target - Windows PhoneSend/Received SMSes
Mobile Target - Windows PhonePhone Calls Log
Mobile Target - Blackberry 10Calendar
Mobile Target - Blackberry 10Send/Received SMSes
Mobile Target - Blackberry 10Phone Calls Log
 
Release Date:    Unscheduled
Version: -
FeatureDescription
Mobile Target - All (supported) PlatformsNew Data Collection Module: Keylogger
Mobile Target - BlackberryTarget Actions: Power Off
Mobile Target - BlackberryTarget Actions: Drain Battery
Mobile Target - iOSTarget Actions: Power Off
Mobile Target - iOSTarget Actions: Drain Battery
Mobile Target - AndroidTarget Actions: Power Off
Mobile Target - AndroidTarget Actions: Drain Battery
Mobile Target - SymbianTarget Actions: Power Off
Mobile Target - SymbianTarget Actions: Drain Battery
Mobile Target - Windows MobileTarget Actions: Power Off
Mobile Target - Windows MobileTarget Actions: Drain Battery
  

\r\n
','Product14.png',11,1,1,0,'en',5,'2010-02-02 18:10:57','2014-02-18 12:24:22'),(16,'FinFly USB','The FinFly USB provides an easy-to-use and reliable way of installing a Remote Monitoring Solution on computer systems when physical access is available.','

<img width=\"160\" vspace=\"10\" hspace=\"10\" align=\"right\" height=\"250\" src=\"/GGI/UserFiles/Image/FinFisher_Box_FlyUsb.jpg\" alt=\"\" />
\r\n
The FinFly USB provides an easy-to-use and reliable way of installing a Remote Monitoring Solution on computer systems when physical access is available.

It automatically installs the configured software on insertion into the computer with little or no userinteraction and does not require IT-trained Agents when used in operations. It can be used against multiple systems before being returned to Headquarters.
\r\n

\r\n


Usage Example 1: Technical Surveillance Unit

In several countries, the FinFly USB was used to covertly install a Remote Monitoring Solution in Internet Cafes and Business Centers by simply inserting the device into the Target Systems so they could be monitored remotely as required

Usage Example 2: Intelligence Agency

A Source in a domestic terror group was given a FinFly USB that secretly installed a Remote Monitoring Solution on several computer systems of the group when they were using the device to exchange documents between each other. The Target Systems were then remotely monitored from Headquarters and the FinFly USB was returned by the Source.

','Please note that this roadmap is subject to change without further notifications.

\r\n

\r\n <colgroup><col width=\"215\" style=\"mso-width-source:userset;mso-width-alt:7862;width:161pt\"></col></colgroup><colgroup><col width=\"285\" style=\"mso-width-source:userset;mso-width-alt:10422;width:214pt\"></col> </colgroup>\r\n <tbody>\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n </tbody>\r\n
Release Date:    Q4 2014
Version: 3.00
FeatureDescription
Offline ExtractionExtract data from offline target

','Product16.png',4,1,1,0,'en',5,'2010-03-12 16:40:55','2014-02-18 12:26:18'),(17,'FinFly Net','In many real-life operations, physical access to in-country\r\ntarget systems cannot be achieved.\r\nTo solve this, a covert remote installation of a Remote\r\nMonitoring Solution is required to be able to monitor the\r\nTarget from within Headquarters.','

<img width=\"160\" vspace=\"10\" hspace=\"10\" align=\"right\" height=\"250\" src=\"/GGI/UserFiles/Image/FinFisher_Box_FinFlyNet.jpg\" alt=\"\" />
\r\n
In many real-life operations, physical access to in-country target systems cannot be
achieved. To solve this, a covert remote installation of a Remote Monitoring Solution is required to be able to monitor the Target from within Headquarters.
\r\n

FinFly NET is a tactical (portable) solution to be deployed in a „friendly“ LAN environment (like hotels, hotspots, companies - with support of the network owner) on short notice, to remotely install the Remote Monitoring Solution on selected target systems. FinFly NET is based on a high performance portable PC combined with a Management Notebook to provide maximum mobility and flexibility in the targeted networks. A wide range of Network Interface Cards – all secured with bypass functions – is available for the required active network connectivity.

The end-user can select several sophisticated passive methods of Target and Traffic Identification. These vary from DHCP/RADIUS Monitoring (MAC-Addresses, User Names), Flow Monitoring and Finger-Printing. Each method can be used either stand-alone or combined, to provide maximum success identifying the targets of interest. Of course fixed IP-Addresses can be used too. It is able to patch Files that are downloaded by the Target on-the-fly, send fake Software Updates for popular Software or inject the Payload into visited Websites.
\r\n

Usage Example LAN: Intelligence Agency

A FinFly NET is deployed i.e. in a hotel’s LAN in front of the DSLModem before the IP-traffic is transmitted to an Internet Service Provider network.

Targets of interest are identified in the IP-traffic by various passive profiling and identification methods and the Remote Monitoring Solution will be deployed on the positively identified Target Systems.

','Please note that this roadmap is subject to change without further notifications.

\r\n

\r\n <colgroup><col width=\"215\" style=\"mso-width-source:userset;mso-width-alt:7862;width:161pt\"></col></colgroup><colgroup><col width=\"285\" style=\"mso-width-source:userset;mso-width-alt:10422;width:214pt\"></col> </colgroup>\r\n <tbody>\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n </tbody>\r\n
Release Date:    Q2 2014
Version: 4.5
FeatureDescription
GUIEnhanced payload compatibility check 
Infection proxyEnhanced compatibility to FinFlyWeb infection methods
GUI +  proxyUpdate emulators for latest versions of supported programms (update infection)
 
Release Date:    Q4 2014
Version: 5.0
FeatureDescription
Infection proxyEnhanced compatibility to FinFlyWeb infection methods
GUI +  proxyUpdate emulators for latest versions of supported programms (update infection)
Infection proxyInfection Filters
GUI +  proxyDownload replacement. Fully replace downloads on-the-fly
New FeatureWeb Infection Filter for User Agent
  

\r\n
','Product17.png',8,1,1,0,'en',5,'2012-05-10 10:00:05','2014-02-18 12:25:23'),(18,'FinFly Exploit','The FinFly Exploit Portal offers access to a large library of 0-Day and 1-Day Exploits for popular software like Microsoft® Office, Internet Explorer, Adobe Acrobat Reader, and many more.\r\nIn most scenarios, 0-Day Exploits provide an extremely powerful and reliable way to deploy Remote Monitoring Solutions by exploiting unpatched vulnerabilities in Software the Target is using.','

<img width=\"160\" vspace=\"10\" hspace=\"10\" align=\"right\" height=\"250\" src=\"/GGI/UserFiles/Image/FinFisher_Box_FinFlyExploit.jpg\" alt=\"\" />
\r\n
Standard Deployment methods for Remote Monitoring Solutions can often not be applied when dealing with well-trained and extremely careful Targets as they are familiar with common Deployment techniques and tools.

In most scenarios, 0-Day Exploits provide an extremely powerful and reliable way to deploy Remote Monitoring Solutions by exploiting unpatched vulnerabilities in Software the Target is using.
\r\n

\r\n


\r\nThe FinFly Exploit Portal offers access to a large library of 0-Day and 1-Day Exploits for popular software like Microsoft® Office, Internet Explorer, Adobe Acrobat Reader, and many more.

Usage Example 1: High-Tech Crime Unit

A High-Tech Crime Unit was investigating a Cyber-Crime and needed to deploy a Remote Monitoring Solution on a Target System. They used an Adobe Acrobat Reader 0-Day Exploit and sent a prepared PDF file via Email to the Target. The Remote Monitoring Solution was automatically deployed once the Target opened the file.

Usage Example 2: Intelligence Agency

A Target was identified within a Discussion Board but no direct or Email contact was possible. The Agency created a Webserver containing an Internet Explorer 0-day Exploit which deployed the Payload on the Target System once the Target opened the URL that was sent to him through a private message in the Discussion Board.','The Roadmap is currently in progress and will be published soon.','Product18.png',9,1,1,0,'en',5,'2012-05-10 12:48:42','2014-02-18 12:24:54');

/*!40000 ALTER TABLE `product` ENABLE KEYS */; UNLOCK TABLES;

table product_document

-- -- Table structure for table `product_document` --

DROP TABLE IF EXISTS `product_document`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `product_document` (

 `DocumentID` smallint(5) unsigned NOT NULL AUTO_INCREMENT,
 `Title` varchar(50) DEFAULT NULL,
 `Description` varchar(200) DEFAULT NULL,
 `FileName` varchar(100) DEFAULT NULL,
 `Extension` char(4) DEFAULT NULL,
 `PublishedDate` date DEFAULT NULL,
 `ShowDate` tinyint(1) DEFAULT '0',
 `DocumentTypeID` tinyint(1) unsigned NOT NULL DEFAULT '1',
 `ProductID` int(11) DEFAULT NULL,
 `Enabled` tinyint(1) unsigned DEFAULT '1',
 `Deleted` tinyint(1) unsigned DEFAULT '0',
 `Language` char(2) DEFAULT 'en',
 `UserID` int(11) DEFAULT NULL,
 `DataEntryDate` datetime DEFAULT NULL,
 `LastUpdated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
 PRIMARY KEY (`DocumentID`)

) ENGINE=InnoDB AUTO_INCREMENT=105 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `product_document` --

LOCK TABLES `product_document` WRITE; /*!40000 ALTER TABLE `product_document` DISABLE KEYS */; INSERT INTO `product_document` VALUES (53,'Download Catalog',,'FinFireWire-Catalog.pdf','pdf','2010-03-12',1,3,12,1,0,'en',5,'2010-03-12 17:44:53','2010-03-12 17:44:53'),(54,'Download Catalog',,'FinFly-ISP-Catalog.pdf','pdf','2010-03-12',1,3,11,1,0,'en',5,'2010-03-12 17:45:07','2010-03-12 17:45:07'),(55,'Download Catalog',,'FinFly-LAN-Catalog.pdf','pdf','2010-03-12',1,3,2,1,0,'en',5,'2010-03-12 17:45:23','2011-02-16 14:21:47'),(56,'Download Catalog',,'FinFly-USB-Catalog.pdf','pdf','2010-03-12',1,3,16,1,0,'en',5,'2010-03-12 17:45:45','2012-05-10 13:27:14'),(57,'Download Catalog',,'FinFly-Web-Catalog.pdf','pdf','2010-03-12',1,3,13,1,0,'en',5,'2010-03-12 17:46:02','2010-03-12 17:46:02'),(58,'Download Catalog',,'FinIntrusionKit-Catalog.pdf','pdf','2010-03-12',1,3,5,1,0,'en',5,'2010-03-12 17:46:16','2010-03-12 17:46:16'),(59,'Download Catalog',,'FinSpy-Catalog.pdf','pdf','2010-03-12',1,3,1,1,0,'en',5,'2010-03-12 17:46:37','2010-03-12 17:46:37'),(60,'Download Catalog',,'FinSpy-Mobile-Catalog.pdf','pdf','2010-03-12',1,3,14,1,0,'en',5,'2010-03-12 17:46:54','2010-03-12 17:46:54'),(61,'Download Catalog',,'FinTraining-Catalog.pdf','pdf','2010-03-12',1,3,4,1,0,'en',5,'2010-03-12 17:47:13','2010-03-12 17:47:13'),(62,'Download Catalog',,'FinUSB-Suite-Catalog.pdf','pdf','2010-03-12',1,3,3,1,0,'en',5,'2010-03-12 17:47:39','2010-03-12 17:47:39'),(92,'Download Video',,'FinSpy-Video.wmv','wmv','2010-05-03',1,3,1,1,0,'en',5,'2010-05-04 12:34:42','2010-05-04 10:32:52'),(93,'Download Video',,'FinTraining-Video.wmv','wmv','2010-05-03',1,3,4,1,0,'en',5,'2010-05-05 11:22:50','2010-05-05 11:15:48'),(94,'Download Video',,'FinFly-ISP-Video.wmv','wmv','2010-05-03',1,3,11,1,0,'en',5,'2010-05-03 11:41:04','2010-05-03 11:41:04'),(96,'Download Video',,'FinFly-LAN-Video.wmv','wmv','2010-05-03',1,3,2,1,0,'en',5,'2010-05-05 11:09:43','2012-03-05 18:07:23'),(97,'Download Video',,'FinFly-USB-Video.wmv','wmv','2010-05-03',1,3,16,1,0,'en',5,'2010-05-03 12:19:57','2010-05-03 12:19:57'),(98,'Download Video',,'FinFly-Web-Video.wmv','wmv','2010-05-03',1,3,13,1,0,'en',5,'2010-05-03 12:20:45','2010-05-03 12:20:45'),(99,'Download Video',,'FinIntrusion-Kit-Video.wmv','wmv','2010-05-03',1,3,5,1,0,'en',5,'2010-05-03 12:21:21','2010-05-03 12:21:21'),(100,'Download Video',,'FinSpy-Mobile-Video.wmv','wmv','2010-05-03',1,3,14,1,0,'en',5,'2010-05-03 12:22:04','2010-05-03 12:22:04'),(101,'Download Video',,'FinUSB-Suite-Video.wmv','wmv','2010-05-03',1,3,3,1,0,'en',5,'2010-05-03 12:22:37','2010-05-03 12:22:37'),(102,'Download Video',,'FinFireWire-Video.wmv','wmv','2010-05-03',1,3,12,1,0,'en',5,'2010-05-03 12:25:08','2010-05-03 12:25:08'),(103,'Download Catalog',,'FinFly-Exploit-Catalog.pdf','pdf','2012-05-10',1,3,18,1,0,'en',5,'2012-05-10 15:30:19','2012-05-10 13:30:19'),(104,'Download Catalog',,'FinFly-Net-Catalog.pdf','pdf','2012-05-10',1,3,17,1,0,'en',5,'2012-05-10 15:31:15','2012-05-10 13:31:15'); /*!40000 ALTER TABLE `product_document` ENABLE KEYS */; UNLOCK TABLES;

table product_document_type

-- -- Table structure for table `product_document_type` --

DROP TABLE IF EXISTS `product_document_type`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `product_document_type` (

 `DocumentTypeID` tinyint(3) unsigned NOT NULL AUTO_INCREMENT,
 `Name` varchar(50) DEFAULT NULL,
 `Description` varchar(200) DEFAULT NULL,
 `Enabled` tinyint(1) DEFAULT '1',
 `Language` char(2) DEFAULT 'en',
 `UserID` int(11) DEFAULT NULL,
 `DataEntryDate` datetime DEFAULT NULL,
 `LastUpdated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
 PRIMARY KEY (`DocumentTypeID`)

) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `product_document_type` --

LOCK TABLES `product_document_type` WRITE; /*!40000 ALTER TABLE `product_document_type` DISABLE KEYS */; INSERT INTO `product_document_type` VALUES (1,'User Manual',NULL,1,'en',1,'2009-09-22 14:07:30','0000-00-00 00:00:00'),(2,'Training Slides',NULL,1,'en',1,'2009-09-22 14:08:05','0000-00-00 00:00:00'),(3,'Catalog',NULL,1,'en',1,'2010-03-08 13:27:31','2010-03-08 13:27:31'); /*!40000 ALTER TABLE `product_document_type` ENABLE KEYS */; UNLOCK TABLES;

table product_faq

-- -- Table structure for table `product_faq` --

DROP TABLE IF EXISTS `product_faq`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `product_faq` (

 `FAQID` int(10) unsigned NOT NULL AUTO_INCREMENT,
 `Question` varchar(200) DEFAULT NULL,
 `Answer` text,
 `PublishedDate` date DEFAULT NULL,
 `ProductID` int(10) unsigned DEFAULT NULL,
 `ReleaseID` int(10) DEFAULT NULL,
 `DisplayOrder` tinyint(3) unsigned DEFAULT '1',
 `Enabled` tinyint(1) unsigned DEFAULT '1',
 `Deleted` tinyint(1) unsigned DEFAULT '0',
 `Language` char(2) DEFAULT 'en',
 `UserID` int(11) DEFAULT NULL,
 `DataEntryDate` datetime DEFAULT NULL,
 `LastUpdated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
 PRIMARY KEY (`FAQID`)

) ENGINE=InnoDB AUTO_INCREMENT=58 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `product_faq` --

LOCK TABLES `product_faq` WRITE; /*!40000 ALTER TABLE `product_faq` DISABLE KEYS */;

INSERT INTO `product_faq` VALUES (11,'Q: What Operation Systems are supported?','A: Windows 2000, Windows XP, Windows Vista, Windows 7, Mac OSX and Linux.','2010-01-14',1,-1,1,1,0,'en',5,'2010-01-14 12:22:06','2011-05-25 13:37:56'),(12,'Q: What Operation Systems are supported?','A: Windows 2000, Windows XP, Windows Vista and Windows 7','2010-01-14',3,-1,4,1,0,'en',5,'2010-01-14 12:27:12','2010-01-14 12:27:12'),(13,'Q: Does it work when the Computer is switched off or locked?','A: The Computer needs to be turned on and the User needs to be logged in as the Auto Run Feature of the USB port would not be activated otherwise.\r\nFinUSB: Windows Logon Bypass is a bootable CD-Rom that helps bypassing the Windows Logon without requiring the real user password.\r\n','2010-01-14',3,-1,5,1,0,'en',5,'2010-01-14 12:28:21','2010-01-14 12:28:21'),(14,'Q: Is the data lost when the device is removed during the operation?','A: Only the file that is currently copied is lost, the already copied data will be available.','2010-01-14',3,-1,6,1,0,'en',5,'2010-01-14 12:29:07','2010-01-14 12:29:07'),(15,'Q: Can the device be used multiple times before downloading the data to the HQ system?','A: Yes, the device can be used until the storage is full.','2010-01-14',3,-1,7,1,0,'en',5,'2010-01-14 12:30:26','2010-01-14 12:30:26'),(16,'Q: Can the FinUSB HQ component be installed on a present system within the head-quarter?','A: Yes, a CD-Rom with the installer is included that can be installed on systems running Windows 7.','2010-01-14',3,-1,8,1,0,'en',5,'2010-01-14 12:30:47','2010-01-14 12:30:47'),(17,'Q: What is the current capacity of the USB Dongles?','A: We currently support 16GB which will be updated regularly. Please ask for the current available capacity.','2010-01-14',3,-1,9,1,0,'en',5,'2010-01-14 12:31:11','2010-01-14 12:31:11'),(18,'Q: What evidences can be found on the Computer when FinUSB applied?','A: In the registry will be the information that a SanDisk Cruzer USB dongle was attached to the system. Depending on the used Anti-Virus product, a log entry inside it might exist.','2010-01-14',3,-1,10,1,0,'en',5,'2010-01-14 12:31:37','2010-01-14 12:31:37'),(19,'Q: Can an individual Dongle be purchased?','A: Gamma International provides the FinUSB Suite as a set operating with the FinUSB HQ preinstalled on a notebook and a set of 10 dongles. Please get in touch with us for specific requests.','2010-01-14',3,-1,11,1,0,'en',5,'2010-01-14 12:32:02','2010-01-14 12:32:02'),(20,'Q: Can FinUSB be used in combination with other products of the Gamma Family?','A: Yes, data gathered by the FinUSB Suite can be used in conjunction with the FinIntrusion Kit in order to covertly access accounts, attack websites visited by the Target and use the information for identifying the Target on local networks.','2010-01-14',3,-1,12,1,0,'en',5,'2010-01-14 12:32:27','2010-01-14 12:32:27'),(21,'Q: Can FinUSB recover deleted documents?','A: FinUSB offers the feature to copy files that are currently inside the Recycle-Bin. It currently does not have a feature to recover already deleted documents.','2010-01-14',3,-1,13,1,0,'en',5,'2010-01-14 12:32:54','2010-01-14 12:32:54'),(22,'Q: Can I hack into any Webmail account with the kit?','A: Only if the Targets choose weak passwords.','2010-01-14',5,-1,1,1,0,'en',5,'2010-01-14 12:55:06','2010-01-14 12:55:06'),(23,'Q: Can I hack into any target systems I select?','A: It requires a complicated process and wide knowledge to gain access to computers and networks which is shown partially during the trainings.','2010-01-14',5,-1,2,1,0,'en',5,'2010-01-14 12:55:49','2010-01-14 12:55:49'),(24,'Q: Does it support WiMax, UMTS or GSM?','A: Currently only WLAN (802.11) is supported.','2010-01-14',5,-1,3,1,0,'en',5,'2010-01-14 12:56:20','2011-05-25 13:29:15'),(25,'Q: Can I hack into mobile phones using the kit?','A: Only into a selection of several old models (Nokia and Sony Ericsson) using Bluetooth.','2010-01-14',5,-1,4,1,1,'en',5,'2010-01-14 12:57:01','2011-05-25 13:28:48'),(26,'Q: What is the difference to WLAN catchers?','A: This is a fully-loaded IT Intrusion kit that is mainly used for active or combined attacks, not a passive network sniffer.','2010-01-14',5,-1,5,1,0,'en',5,'2010-01-14 12:57:33','2010-01-14 12:57:33'),(27,'Q: What is the scope of delivery of FinSpy?','- FinSpy Master Server to establish the communication to the Infected PCs
\r\n- FinSpy Agent PC to access the infected PCs
\r\n(number depending on the commercial requirements)
\r\n- FinSpy Target, the Trojan Horse
\r\n- Common Parts:\r\n

\r\n o Portable Rack
\r\n o Switch
\r\n o LAN Cables
\r\n o MMI / Keyboard Switch
\r\n

','2010-01-14',1,-1,2,1,1,'en',5,'2010-01-14 13:01:44','2011-05-25 13:38:25'),(28,'Q: Can you infect any type of file?','A: With the software you can currently infect:
\r\n

\r\n• Executables and Screen-Savers (fully hidden)
\r\n• Office Documents (Macros)
\r\n• JPEG, PDF, MP3 Files, ... (faking the file extension)
\r\n

\r\nDuring the training, techniques are shown to abuse vulnerabilities in client software that enables the agent to infect other file-types like PDF (depending on the viewer application used on the target system).','2010-01-14',1,-1,3,1,0,'en',5,'2010-01-14 13:18:05','2011-05-25 14:07:52'),(29,'Q: Can the presence of the Trojan be discovered on an infected computer?','A: Very advanced measurements have been taken to hide the presence on target systems and its communication. There is always a possibility for such software to be discovered but it requires huge effort and very skilled professional knowledge to do so. Even if discovered it is not possible to trace the Trojan back to the Head-Quarter.','2010-01-14',1,-1,4,1,0,'en',5,'2010-01-14 13:20:40','2010-01-14 13:20:40'),(30,'Q: How many targets can be monitored in parallel?','A: By default, the software is limited to 30 parallel targets. Depending on the amount of data that is transferred, a couple hundred targets can be monitored with one system. This limitation is rather commercially than technical.','2010-01-14',1,-1,5,1,0,'en',5,'2010-01-14 13:21:11','2010-01-14 13:21:11'),(31,'Q: Can I permanently infect computers in internet cafes?','A: FinSpy is infecting the MBR of the hard-disk and is therefore able to survive even a removal from internet café software.','2010-01-14',1,-1,6,1,0,'en',5,'2010-01-14 13:21:37','2010-01-14 13:21:37'),(32,'Q: Will any Firewall or Anti-Virus system detect the Trojan horse?','A: Currently only a few tested Anti-Virus systems are able to detect the Trojan which will result in a popup being shown to the user on installation. After accepting the popup, the Trojan works without problems.','2010-01-14',1,-1,7,1,0,'en',5,'2010-01-14 13:21:55','2010-01-14 13:21:55'),(33,'Q: What communication method does the Trojan horse use to send out data?','A: The Trojan sends out its data via common ports like DNS, HTTP, POP, SMTP and more. This technique bypasses most Firewalls and IDS as these services are allowed by default in order to enable internet access for the client systems.','2010-01-14',1,-1,8,1,0,'en',5,'2010-01-14 13:22:21','2010-01-14 13:22:21'),(34,'Q: What evidences are being seen on the computer that a Trojan horse is running on it?','A: In a forensic analysis of the system, a new Windows driver and several hidden encrypted files can be discovered. Due to the use of public key cryptography, it is not possible to decrypt and analyze these files.','2010-01-14',1,-1,9,1,0,'en',5,'2010-01-14 13:22:50','2010-01-14 13:22:50'),(35,'Q: How can I infect targets computers?','A: There are several ways of infecting a target system:
\r\n

\r\na.) Using FinFly products
\r\nb.) Via an email infection and attach the Trojan with an executable file such a PC game or Screensaver.
\r\nc.) With the USB Infection dongle\r\n

','2010-01-14',1,-1,10,1,0,'en',5,'2010-01-14 13:24:45','2010-01-14 13:24:45'),(36,'Q: How can I delete the FinSpy Target System again?','A: The FinSpy Agent can define a delete date or can send a command to tell the Trojan horse to delete itself immediately.','2010-01-14',1,-1,11,1,0,'en',5,'2010-01-14 13:26:43','2010-01-14 13:26:43'),(37,'Q: Can FinFly LAN be obtained as a stand-alone system?','A: Yes, it can be installed on Ubuntu Karmic based systems.','2010-01-14',2,-1,1,1,0,'en',5,'2010-01-14 13:46:09','2011-06-27 12:54:17'),(38,'Q: Does it help to infect computers over the internet?','A: FinFly LAN only works in Local Area Networks (Wired or Wireless).','2010-01-14',2,-1,2,1,0,'en',5,'2010-01-14 13:46:41','2011-06-27 12:54:42'),(39,'Q: Can it attach the Trojan to any downloaded file?','A: Currently it can attach the Trojan to downloaded Windows executables and Screensavers. ','2010-01-14',2,-1,3,1,0,'en',5,'2010-01-14 13:47:11','2011-05-25 13:31:51'),(40,'Q: How are Targets identified?','A: Targets are selected and identified by IP address, Hostname, Operating System.','2010-01-14',2,-1,4,1,0,'en',5,'2010-01-14 13:47:30','2011-05-25 13:32:33'),(41,'Q: How do I find the IP address of my Target?','A: The computer name can of all systems be displayed. Several IT Intrusion techniques for this topic are shown during the training.','2010-01-14',2,-1,5,1,0,'en',5,'2010-01-14 13:47:58','2010-01-14 13:47:58'),(42,'Q: How are Targets identified?','A: By IP address or Radius login name.','2010-01-14',11,-1,1,1,0,'en',5,'2010-01-14 13:50:01','2010-01-14 13:50:01'),(43,'Q: If more computers share the same IP address (normal Home/Company network scenario), are all of them infected?','A: Yes, for a targeted infection within larger local area networks, FinFly Lite should be used.','2010-01-14',11,-1,2,1,0,'en',5,'2010-01-14 13:50:29','2010-01-14 13:50:29'),(44,'Q: How is the Solution being specified?','A: Gamma International needs to analyze the clients targeted IP Backbone Infrastructure in order to specify relevant capacity and interfaces of the HW.','2010-01-14',11,-1,3,1,0,'en',5,'2010-01-14 13:50:58','2010-01-14 13:50:58'),(45,'Q: How is the solution being installed within the network?','A: The provided hardware needs to be installed transparent into the IP Traffic whereas the location is mostly within the ISP or Backbone infrastructure provider. The solution is a standard 19’’ component with a remote Admin User Interface.','2010-01-14',11,-1,4,1,0,'en',5,'2010-01-14 13:51:34','2010-01-14 13:51:34'),(46,'Q: What happens in case of a HW failure?','A: In case the hardware fails, the system switches over to the Bypass switch and routes the traffic through outside the FinFly ISP environment to guarantee a 100% performance sides the ISP.','2010-01-14',11,-1,5,1,0,'en',5,'2010-01-14 13:51:59','2010-01-14 13:51:59'),(47,'Q: What Target Operating Systems are supported?','A: The following Operating Systems are supported: Windows XP, Vista and 7, Linux 2.6 (several Distributions). OSX support will be released in Q3 2011','2010-01-14',12,-1,1,1,0,'en',5,'2010-01-14 13:56:33','2011-05-25 13:30:27'),(48,'Q: Does the Target System need to have a FireWire Port?','A: The FireWire/1394 port is just one of the possibilities to attach the FinFireWire device. Additional to this also PCMCIA cards and Express Cards can be used.','2010-01-14',12,-1,2,1,0,'en',5,'2010-01-14 13:56:55','2010-01-14 13:56:55'),(49,'Q: What products can FinFly Web be combined with?','A: FinSpy, FinFly Lite and FinFly ISP.','2010-01-14',13,-1,1,1,0,'en',5,'2010-01-14 13:57:37','2010-01-14 13:57:37'),(50,'Q: Where are the trainings conducted?','A: Either in-country, Germany or UK.','2010-01-14',4,-1,1,1,0,'en',5,'2010-01-14 13:59:37','2010-01-14 13:59:37'),(51,'Q: What about trainings for the products?','A: Each product comes with a product training which takes between 1-5 days depending on the product.','2010-01-14',4,-1,2,1,0,'en',5,'2010-01-14 14:00:01','2010-01-14 14:00:01'),(52,'Q: Can custom trainings be given?','A: Yes, trainings on most IT Intrusion related topics can be given.','2010-01-14',4,-1,3,1,0,'en',5,'2010-01-14 14:00:22','2010-01-14 14:00:22'),(53,'Q: What knowledge do the students require?','A: The students should have a solid basic knowledge of:
\r\n

\r\n• Windows / Linux (optional but helpful)
\r\n• Networking (TCP/IP)
\r\n• Programming (optional but helpful)
\r\n• IT Security basics
\r\n• Depending on the training course specific knowledge would be required. This will be discussed as per training course.
\r\n

','2010-01-14',4,-1,4,1,0,'en',5,'2010-01-14 14:02:12','2010-01-14 14:02:12'),(54,'Q: How many students can part in the course?','A: Maximum of 4 to keep the trainings effective. Nevertheless the client can increase the number of trainees but then needs to accept the limitation on know how transfer.','2010-01-14',4,-1,5,1,0,'en',5,'2010-01-14 14:03:17','2010-01-14 14:03:17'),(55,'Q: How can the customer be 100% sure that Gamma cannot access to the FinSpy server/proxy once it is bought and installed at customer premises? ','A: The only connection the Gamma system is doing to the German head-quarters is when asking for updates. This can be disabled and updates can be delivered via Websites, Skype, CD-Rom, etc...','2010-11-12',1,-1,12,1,0,'en',5,'2010-11-12 18:36:41','2010-11-12 17:37:44'),(56,'Q: Since FinSpy will control and manage a number of targets (infected PC, laptop), how can customer be sure that these targets will not be also known by Gamma? ','A: Several options are possible

\r\n\r\na.) All communication of the server could be monitored e.g. using an external system that analyses all the network traffic. This would show any possible connections from the system to Gamma or the other way round.

\r\n\r\nb.) The customer has also the possibility to come to Munich office for 2-3 weeks and do a source-code review to ensure that no backdoors are inside the software. He could then compile it himself there and take the executables with him. Due to the fact that gamma publishes quarterly updates, this process is not really efficient as with every update it would need to happen again and the updates have to be installed to ensure continuous functionality and anti-virus bypassing.

\r\n\r\nc.) All encryption certificates that are used to encrypt all files, communications and also control access, are generated by the customer during the installation. Even when using the same software, Gamma would not be able to access the system because they do not have the correct RSA encryption keys.

\r\n\r\nd.) After the installation, the customer can change all IP addresses of server, proxies, etc. and therefore ensure that Gamma has no knowledge of the location, addresses, etc...

\r\n\r\ne.) Gamma is an independent company that is not bound to any country, governmental organisation, etc. Being able to spy on customer systems would not just destroy the company’s reputation but also bring it into serious legal problems.

','2010-11-12',1,-1,13,1,0,'en',5,'2010-11-12 18:43:09','2010-11-12 18:02:49'),(57,'Q: How can the customer be 100% sure that Gamma cannot access to the FinSpy server/proxy once it is bought and installed at customer premises?','A: The only connection the Gamma system is doing to the German head-quarters is when asking for updates. This can be disabled and updates can be delivered via Websites, Skype, CD-Rom, etc...','2011-05-25',1,-1,14,1,1,'en',5,'2011-05-25 15:44:31','2011-05-25 13:45:55');

/*!40000 ALTER TABLE `product_faq` ENABLE KEYS */; UNLOCK TABLES;

table product_update

-- -- Table structure for table `product_update` --

DROP TABLE IF EXISTS `product_update`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `product_update` (

 `ReleaseID` int(10) unsigned NOT NULL AUTO_INCREMENT COMMENT 'Autonumber primary key',
 `FileName` varchar(100) DEFAULT NULL,
 `VersionNumber` varchar(20) DEFAULT NULL,
 `PublishedDate` date DEFAULT NULL,
 `DownloadSize` varchar(30) DEFAULT NULL,
 `OperatingSystem` varchar(150) DEFAULT NULL,
 `Description` mediumtext,
 `ChangesOverview` mediumtext,
 `ProductID` int(10) unsigned DEFAULT NULL,
 `Enabled` tinyint(1) unsigned DEFAULT '1',
 `Deleted` tinyint(1) DEFAULT '0',
 `Language` char(2) DEFAULT 'en',
 `UserID` int(11) DEFAULT NULL,
 `DataEntryDate` datetime DEFAULT NULL,
 `LastUpdated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
 PRIMARY KEY (`ReleaseID`)

) ENGINE=InnoDB AUTO_INCREMENT=102 DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `product_update` --

LOCK TABLES `product_update` WRITE; /*!40000 ALTER TABLE `product_update` DISABLE KEYS */; INSERT INTO `product_update` VALUES (15,'Release-Notes-FinFly-ISP-2.0.pdf','2.0','2010-09-24','503 KB',,'Release Notes 2.0',,11,1,1,'en',5,'2010-09-24 12:22:22','2012-04-03 11:13:50'),(17,'Release-Notes-FinFireWire-1.3.pdf','1.3','2010-09-28','425 KB',,'Release Notes 1.3',,12,1,1,'en',5,'2010-09-28 11:54:47','2011-08-16 13:30:51'),(18,'Release-Notes-FinFly-Web-1.4.pdf','1.4','2010-09-28','408 KB ',,'Release Notes 1.4',,13,1,1,'en',5,'2010-09-28 14:53:14','2012-03-21 17:33:00'),(21,'Release-Notes-FinUSB-Suite-2.7.pdf','2.7','2010-12-06','563 KB',,'Release Notes 2.7',,3,1,1,'en',5,'2010-12-06 11:30:51','2011-05-11 12:17:16'),(23,'Anti-Virus-Results-FinSpy-2.62.xlsx','2.62','2011-02-28','32 KB',,'Anti Virus Results FinSpy 2.62',,1,1,1,'en',5,'2011-02-28 14:42:44','2011-07-06 17:30:39'),(24,'Release-Notes-FinSpy-2.62.pdf','2.62','2011-02-28','365 KB',,'Release Notes 2.62',,1,1,1,'en',5,'2011-02-28 14:44:00','2011-07-06 17:30:35'),(25,'Release-Notes-FinUSB-Suite-3.2.pdf','3.2','2011-05-11','563 KB',,'Release Notes 3.2',,3,1,1,'en',5,'2011-05-11 14:16:39','2012-08-23 07:48:50'),(26,'Anti-Virus-Results-FinUSB-Suite-3.2.xlsx','3.2','2011-07-06','1,79 MB',,'Anti Virus Results FinUSB Suite 3.2',,1,1,1,'en',5,'2011-07-06 11:18:41','2011-07-06 09:18:55'),(27,'Anti-Virus-Results-FinUSB-Suite-3.2.xlsx','3.2','2011-07-06','1,79 MB',,'Anti Virus Results FinUSB Suite 3.2',,3,1,0,'en',5,'2011-07-06 11:19:49','2011-07-06 09:19:49'),(28,'Release-Notes-FinSpy-3.00.pdf','3.00','2011-07-06','387 KB',,'Release Notes 3.00',,1,1,1,'en',5,'2011-07-06 12:37:48','2011-11-30 15:33:12'),(29,'Anti-Virus-Results-FinSpy-3.00.xlsx','3.00','2011-07-06','36 KB',,'Anti Virus Results FinSpy 3.00',,1,1,1,'en',5,'2011-07-06 19:29:50','2011-11-30 15:33:08'),(30,'Release-Notes-FinFly-LAN-3.0.pdf','3.0','2011-07-15','404 KB',,'Release Notes 3.0',,2,1,1,'en',5,'2011-07-15 14:42:43','2012-03-21 17:32:51'),(31,'Release-Notes-FinIntrusionKit-2.0.pdf','2.0','2011-07-15','476 KB',,'Release Notes 2.0',,5,1,1,'en',5,'2011-07-15 14:45:27','2011-09-27 16:04:44'),(32,'Release-Notes-FinSpy-3.01.pdf','3.01','2011-07-29','358 KB',,'Release Notes 3.01',,1,1,1,'en',5,'2011-07-29 16:25:18','2011-11-30 15:33:05'),(33,'Release-Notes-FinFireWire-2.0.pdf','2.0','2011-08-16','436 KB',,'Release Notes 2.0',,12,1,1,'en',5,'2011-08-16 15:29:28','2014-03-10 09:52:40'),(34,'Anti-Virus-Results-FinSpy-3.02.xlsx','3.02','2011-09-26','40 KB',,'Anti Virus Results FinSpy 3.02',,1,1,1,'en',5,'2011-09-26 15:42:48','2011-11-30 15:33:01'),(35,'Release-Notes-FinSpy-3.02.pdf','3.02','2011-09-26','364 KB',,'Release Notes 3.02',,1,1,1,'en',5,'2011-09-26 15:43:55','2011-11-30 15:32:55'),(36,'Release-Notes-FinIntrusionKit-2.2.pdf','2.2','2011-09-27','492 KB',,'Release Notes 2.2',,5,1,1,'en',5,'2011-09-27 18:03:46','2013-02-13 14:04:50'),(37,'Release-Notes-FinSpy-3.03.pdf','3.03','2011-09-30','365 KB',,'Release Notes 3.03',,1,1,1,'en',5,'2011-09-30 14:05:13','2011-11-30 15:32:52'),(38,'Anti-Virus-Results-FinSpy-3.03.xlsx','3.03','2011-10-10','30.2 KB',,'Anti Virus Results FinSpy 3.03',,1,1,1,'en',5,'2011-10-10 17:03:06','2012-02-16 19:00:17'),(39,'Release-Notes-FinFly-LAN-3.2.pdf','3.2','2011-10-11','404 KB',,'Release Notes 3.0',,2,1,1,'en',5,'2011-10-11 18:15:29','2012-03-21 17:32:48'),(40,'Release-Notes-FinIntrusionKit-2.3.pdf','2.3','2011-11-21','455 KB',,'Release Notes 2.3',,5,1,1,'en',5,'2011-11-21 17:30:57','2013-02-13 14:04:54'),(41,'Release-Notes-FinIntrusionKit-2.4.pdf','2.4','2011-11-30','456 KB',,'Release Notes 2.4',,5,1,1,'en',5,'2011-11-30 15:49:33','2013-02-13 14:08:40'),(42,'Release-Notes-FinSpy-3.10.pdf','3.10','2011-11-30','365 KB',,'Release Notes 3.10',,1,1,1,'en',5,'2011-11-30 16:30:47','2012-02-16 19:00:52'),(43,'Anti-Virus-Results-FinSpy-3.10.xlsx','3.10','2011-12-06','76 KB',,'Anti Virus Results FinSpy 3.10',,1,1,1,'en',5,'2011-12-06 17:25:55','2012-02-16 19:00:56'),(44,'Release-Notes-FinFireWire-2.2.pdf','2.2','2011-12-16','451 KB',,'Release Notes 2.2',,12,1,1,'en',5,'2011-12-16 16:44:42','2014-03-10 09:52:44'),(45,'Anti-Virus-Results-FinSpy-4.00.xlsx','4.00','2012-02-16','36 KB',,'Anti Virus Results FinSpy 4.00',,1,1,1,'en',5,'2012-02-16 19:59:59','2012-07-04 15:46:06'),(46,'Release-Notes-FinSpyPC-4.0.pdf','4.00','2012-02-16','363 KB',,'Release Notes 4.00',,1,1,1,'en',5,'2012-02-16 20:03:36','2012-06-19 09:53:55'),(47,'Release-Notes-FinSpy-Mobile-4.00.pdf','4.00','2012-02-16','410 KB',,'Release Notes 4.00',,1,1,1,'en',5,'2012-02-16 20:07:26','2012-02-16 19:07:41'),(48,'Release-Notes-FinSpy-Mobile-4.00.pdf','4.00','2012-02-16','410 KB',,'Release Notes 4.00',,14,1,1,'en',5,'2012-02-16 20:08:47','2012-06-19 09:51:00'),(49,'Release-Notes-FinFly-Web-2.1.pdf','2.1','2012-03-21','464 KB',,'Release Notes 2.1',,13,1,1,'en',5,'2012-03-21 18:17:23','2012-05-16 14:36:25'),(50,'Release-Notes-FinFly-LAN-3.5.pdf','3.5','2012-03-21','436 KB',,'Release Notes 3.5',,2,1,1,'en',5,'2012-03-21 18:32:41','2013-04-02 14:02:28'),(51,'Release-Notes-FinSpyPC-4.01.pdf','4.01','2012-03-29','367 KB',,'Release Notes 4.01',,1,1,1,'en',5,'2012-03-29 11:09:17','2012-06-19 09:53:50'),(52,'Release-Notes-FinSpy-Mobile-4.01.pdf','4.01','2012-03-29','418 KB',,'Release Notes 4.01',,14,1,1,'en',5,'2012-03-29 11:12:52','2012-06-19 09:50:54'),(53,'Release-Notes-FinFly-ISP-3.0.pdf','3.0','2012-04-03','452 KB',,'Release Notes 3.0',,11,1,0,'en',5,'2012-04-03 13:13:42','2012-04-03 11:17:54'),(54,'Release-Notes-FinFly-Web-2.2.pdf','2.2','2012-05-16','492 KB',,'Release Notes 2.1',,13,1,1,'en',5,'2012-05-16 16:36:14','2013-01-08 16:28:17'),(55,'Release-Notes-FinSpyPC-4.10.pdf','4.10','2012-06-19','361 KB',,'Release Notes 4.10',,1,1,1,'en',5,'2012-06-19 11:49:29','2012-09-13 22:12:56'),(56,'Release-Notes-FinSpy-Mobile-4.10.pdf','4.10','2012-06-19','418 KB',,'Release Notes 4.10',,14,1,1,'en',5,'2012-06-19 11:50:44','2012-09-13 22:12:37'),(57,'Anti-Virus-Results-FinSpy-4.10.xlsx','4.10','2012-07-04','32.0 KB',,'Anti Virus Results FinSpy 4.10',,1,1,1,'en',5,'2012-07-04 17:45:51','2012-09-13 22:31:06'),(58,'Device-Tests-FinSpyMobile4.10.xlsx','4.10','2012-07-04','29 KB',,'Device Tests FinSpy Mobile 4.10',,14,1,1,'en',5,'2012-07-04 17:57:09','2014-03-10 09:54:22'),(59,'Release-Notes-FinSpyPC-4.11.pdf','4.11','2012-07-29','372 KB',,'Release Notes 4.11',,1,1,1,'en',5,'2012-07-29 12:44:40','2012-09-13 22:12:52'),(60,'FinUSB-Suite-3.5 Release-Notes.pdf','3.5','2012-08-23','621 KB',,'Release Notes 3.5',,3,1,0,'en',5,'2012-08-23 09:48:38','2012-08-23 07:48:38'),(61,'Release-Notes-FinSpyPC-4.20.pdf','4.20','2012-09-14','368 KB',,'Release Notes 4.20',,1,1,1,'en',5,'2012-09-14 00:11:04','2013-03-04 14:00:59'),(62,'Release-Notes-FinSpy-Mobile-4.20.pdf','4.20','2012-09-14','488 KB',,'Release Notes 4.20',,14,1,1,'en',5,'2012-09-14 00:12:20','2013-03-04 14:02:00'),(63,'Anti-Virus-Results-FinSpy-4.20.xlsx','4.20','2012-09-14','26.5 KB',,'Anti Virus Results FinSpy 4.20',,1,1,1,'en',5,'2012-09-14 00:30:55','2013-03-11 16:34:58'),(64,'Release-Notes-FinSpyPC-4.21.pdf','4.21','2012-10-30','370 KB',,'Release Notes 4.21',,1,1,1,'en',5,'2012-10-30 15:51:28','2013-03-04 14:00:54'),(65,'Release-Notes-FinSpy-Mobile-4.21.pdf','4.21','2012-10-30','497 KB',,'Release Notes 4.21',,14,1,1,'en',5,'2012-10-30 15:52:19','2013-03-04 14:01:56'),(66,'Release-Notes-FinFly-Web-3.0.pdf','3.0','2013-01-08','563 KB',,'Release Notes 3.0',,1,1,1,'en',5,'2013-01-08 17:26:39','2013-01-08 16:27:00'),(67,'Release-Notes-FinFly-Web-3.0.pdf','3.0','2013-01-08','563 KB',,'Release Notes 3.0',,13,1,1,'en',5,'2013-01-08 17:27:56','2013-04-09 12:46:52'),(68,'Release-Notes-FinIntrusionKit-3.0.pdf','3.0','2013-02-13','572 KB',,'Release Notes 3.0',,5,1,1,'en',5,'2013-02-13 15:06:23','2013-08-22 20:48:27'),(69,'Release-Notes-FinSpyPC-4.30.pdf','4.30','2013-03-04','433 KB',,'Release Notes 4.30',,1,1,1,'en',5,'2013-03-04 15:00:44','2014-03-10 09:46:49'),(70,'Release-Notes-FinSpy-Mobile-4.30.pdf','4.30','2013-03-04','467 KB',,'Release Notes 4.30',,14,1,1,'en',5,'2013-03-04 15:01:48','2014-03-10 09:54:27'),(71,'Anti-Virus-Results-FinSpy-PC-4.30.xlsx','4.30','2013-03-11','43 KB',,'Anti Virus Results FinSpy 4.30',,1,1,1,'en',5,'2013-03-11 17:34:42','2014-03-10 09:47:16'),(72,'Release-Notes-FinFly-LAN-3.7.pdf','3.7','2013-04-02','520 KB',,'Release Notes 3.7',,2,1,1,'en',5,'2013-04-02 16:02:20','2013-08-08 14:49:54'),(73,'Release-Notes-FinFly-Web-3.1.pdf','3.1','2013-04-09','557 KB',,'Release Notes 3.1',,13,1,1,'en',5,'2013-04-09 14:46:39','2014-03-10 09:53:39'),(74,'Release-Notes-FinSpyPC-4.31.pdf','4.31','2013-04-29','437',,'Release Notes 4.31',,1,1,1,'en',10,'2013-04-29 11:25:12','2014-03-10 09:47:23'),(75,'Release-Notes-FinSpy-Mobile-4.31.pdf','4.31','2013-04-29','470',,'Release Notes 4.31',,14,1,1,'en',10,'2013-04-29 11:26:51','2014-03-10 09:54:39'),(76,'FinUSB-Suite-3.6-Release-Notes.pdf','3.6','2013-05-07','765',,'Release Notes 3.6',,3,1,0,'en',10,'2013-05-07 13:55:24','2013-05-07 11:56:57'),(77,'Release-Notes-FinFireWire-3.0.pdf','3.0','2013-05-08','538 KB',,'Release Notes 3.0',,12,1,1,'en',10,'2013-05-08 10:05:48','2014-03-10 09:52:47'),(78,'Release-Notes-FinFly-Web-3.2.pdf','3.2','2013-05-22','639 KB',,'Release Notes 3.2',,13,1,1,'en',10,'2013-05-22 08:19:14','2014-03-10 09:53:43'),(79,'Release-Notes-FinSpyPC-4.32.pdf','4.32','2013-05-23','437 KB',,'Release Notes 4.32',,1,1,1,'en',10,'2013-05-23 13:43:13','2014-03-10 09:47:29'),(80,'Anti-Virus-Results-FinSpy-PC-4.32.xlsx','4.32','2013-05-27','34 KB',,'Anti Virus Results FinSpy 4.32',,1,1,1,'en',10,'2013-05-27 12:13:48','2013-06-11 11:33:52'),(81,'Anti-Virus-Results-FinSpy-PC-4.32.xlsx','4.32','2013-06-11','31 KB',,'Anti Virus Results FinSpy 4.32',,1,1,1,'en',10,'2013-06-11 13:35:56','2014-03-10 09:47:34'),(82,'Release-Notes-FinIntrusionKit-4.0.pdf','4.0','2013-08-06','585 KB',,'Release Notes 4.0',,5,1,1,'en',5,'2013-08-06 09:49:22','2013-08-22 20:47:55'),(83,'Release-Notes-FinFly-LAN-3.8.pdf','3.8','2013-08-08','485 KB',,'Release Notes 3.8',,2,1,1,'en',5,'2013-08-08 16:49:46','2013-08-22 21:05:50'),(84,'Release-Notes-FinIntrusionKit-4.0.pdf','4.0','2013-08-22','600 KB',,'Release Notes 4.0',,5,1,1,'en',5,'2013-08-22 22:47:30','2013-08-23 10:22:43'),(85,'Release-Notes-FinFly-LAN-3.8.pdf','3.8','2013-08-22','485 KB',,'Release Notes 3.8',,2,1,1,'en',5,'2013-08-22 23:03:37','2013-08-23 10:25:11'),(86,'Release-Notes-FinFly-LAN-3.8.pdf','3.8','2013-08-23','485 KB',,'Release Notes 3.8',,2,1,0,'en',5,'2013-08-23 12:12:33','2013-08-23 10:12:33'),(87,'Release-Notes-FinIntrusionKit-4.0.pdf','4.0','2013-08-23','600 KB',,'Release Notes 4.0',,5,1,0,'en',5,'2013-08-23 12:22:31','2013-08-23 10:22:31'),(88,'Release-Notes-FinSpyPC-4.40.pdf','4.40','2013-09-02','567 KB',,'Release Notes 4.40',,1,1,1,'en',10,'2013-09-02 15:42:40','2014-03-10 09:48:52'),(89,'Release-Notes-FinSpy-Mobile-4.40.pdf','4.40','2013-09-02','495 KB',,'Release Notes 4.40',,1,1,1,'en',10,'2013-09-02 15:45:42','2013-09-02 13:46:16'),(90,'Release-Notes-FinSpy-Mobile-4.40.pdf','4.40','2013-09-02','495 KB',,'Release Notes 4.40',,14,1,0,'en',10,'2013-09-02 15:48:28','2013-09-02 13:48:28'),(91,'Anti-Virus-Results-FinSpy-PC-4.40.xlsx','4.40','2013-09-02','47 KB',,'Anti Virus Results FinSpy 4.40',,1,1,0,'en',10,'2013-09-02 15:54:33','2013-09-02 13:54:33'),(92,'Device-Tests-FinSpyMobile4.40.xlsx','4.40','2013-09-02','36 KB',,'Device Tests FinSpy Mobile 4.40',,14,1,0,'en',10,'2013-09-02 16:17:16','2013-09-02 14:17:16'),(93,'QA-Test-FinFisher-PC-AV-Ext-4.40_2.xlsx','4.40','2013-10-22','64 KB',,'QA-Test-FinFisher-PC-AV-Ext-4.40_2',,1,1,0,'en',10,'2013-10-22 16:00:58','2013-10-22 14:00:58'),(94,'Release-Notes-FinSpyPC-4.50.pdf','4.50','2014-01-08','581',,'Release Notes 4.50',,1,1,0,'en',10,'2014-01-08 15:00:12','2014-01-08 14:04:27'),(95,'Anti-Virus-Results-FinSpy-PC-4.50.xlsx','4.50','2014-01-08','42 KB',,'Anti-Virus-Results-FinSpy-PC-4.50',,1,1,0,'en',10,'2014-01-08 15:21:02','2014-01-08 14:21:31'),(96,'Release-Notes-FinFireWire-3.5.pdf','3.5','2014-01-17','536 KB',,'Release Notes 3.5',,12,1,0,'en',10,'2014-01-17 12:44:25','2014-01-17 11:44:25'),(97,'Release-Notes-FinFly-Web-4.0.pdf','4.0','2014-03-04','673 KB',,'Release Notes 4.0',,13,1,0,'en',10,'2014-03-04 15:12:58','2014-03-04 14:12:58'),(98,'Release-Notes-FinSpy-PC-4.51.pdf','4.51','2014-04-14','776 KB',,'Release Notes 4.51',,1,1,0,'en',10,'2014-04-14 13:48:01','2014-04-14 11:52:21'),(99,'Release-Notes-FinSpy-Mobile-4.51.pdf','4.51','2014-04-14','750 KB',,'Release Notes 4.51',,14,1,0,'en',10,'2014-04-14 13:51:22','2014-04-14 11:51:22'),(100,'Device-Tests-FinSpyMobile4.51.xlsx','4.51','2014-04-15','38 KB',,'Device Tests FinSpy Mobile 4.51',,14,1,0,'en',10,'2014-04-15 12:32:45','2014-04-15 10:32:45'),(101,'Anti-Virus-Results-FinSpy-PC-4.51.xlsm','4.51','2014-04-25','1.7 KB',,'Anti-Virus-Results-FinSpy-PC-4.51',,1,1,0,'en',10,'2014-04-25 09:44:31','2014-04-25 07:44:31'); /*!40000 ALTER TABLE `product_update` ENABLE KEYS */; UNLOCK TABLES;

table reset_password

-- -- Table structure for table `reset_password` --

DROP TABLE IF EXISTS `reset_password`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `reset_password` (

 `rp_username` varchar(100) DEFAULT NULL,
 `rp_code` varchar(20) DEFAULT NULL

) ENGINE=MyISAM DEFAULT CHARSET=cp1256 CHECKSUM=1 DELAY_KEY_WRITE=1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `reset_password` --

LOCK TABLES `reset_password` WRITE; /*!40000 ALTER TABLE `reset_password` DISABLE KEYS */; INSERT INTO `reset_password` VALUES ('Gamma1','Fj5$AJWypY17'),('Gamma1','SXgKXRPY6B9s'),('Gamma9','RBxNNmIogMuD'),('F9660CE4','!G0F&PWU4mP&'); /*!40000 ALTER TABLE `reset_password` ENABLE KEYS */; UNLOCK TABLES;

table role

-- -- Table structure for table `role` --

DROP TABLE IF EXISTS `role`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `role` (

 `RoleID` int(4) NOT NULL AUTO_INCREMENT,
 `RoleName` varchar(50) DEFAULT NULL,
 `RoleDescription` varchar(250) DEFAULT NULL,
 `Language` char(2) DEFAULT 'en',
 `Enabled` tinyint(1) DEFAULT '1',
 PRIMARY KEY (`RoleID`)

) ENGINE=InnoDB AUTO_INCREMENT=8 DEFAULT CHARSET=latin1 CHECKSUM=1 DELAY_KEY_WRITE=1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `role` --

LOCK TABLES `role` WRITE; /*!40000 ALTER TABLE `role` DISABLE KEYS */; INSERT INTO `role` VALUES (1,'Administrator','Administrator','en',1),(2,'Normal User',,'en',1),(3,'Project Manager',,'en',1),(5,'Data Entry Personnel',,'en',1),(7,'Support Personnel',,'en',1); /*!40000 ALTER TABLE `role` ENABLE KEYS */; UNLOCK TABLES;

table role_permission

-- -- Table structure for table `role_permission` --

DROP TABLE IF EXISTS `role_permission`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `role_permission` (

 `RolePermissionID` int(4) NOT NULL AUTO_INCREMENT,
 `RoleID` int(4) DEFAULT NULL,
 `PermissionID` int(4) DEFAULT NULL,
 `PermissionsMask` varchar(10) DEFAULT NULL,
 PRIMARY KEY (`RolePermissionID`)

) ENGINE=MyISAM AUTO_INCREMENT=1594 DEFAULT CHARSET=latin1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `role_permission` --

LOCK TABLES `role_permission` WRITE; /*!40000 ALTER TABLE `role_permission` DISABLE KEYS */; INSERT INTO `role_permission` VALUES (1593,1,18,'1111'),(1592,1,17,'1111'),(1591,1,16,'1111'),(1590,1,15,'1111'),(1589,1,14,'1111'),(1588,1,13,'1111'),(1587,1,12,'1111'),(1586,1,11,'1111'),(1585,1,10,'1111'),(1107,5,10,'1100'),(1106,5,8,'1101'),(859,2,8,'1111'),(272,3,1,'1111'),(273,3,2,'1111'),(274,3,3,'1100'),(275,3,6,'1111'),(276,3,10,'1'),(858,2,6,'1111'),(1584,1,9,'1111'),(860,2,9,'1111'),(1583,1,8,'1111'),(1582,1,7,'1111'),(1581,1,6,'1111'),(1580,1,5,'1111'),(1579,1,4,'1111'),(968,7,6,'1111'),(969,7,7,'1111'),(1105,5,6,'1100'),(1104,5,3,'1000'),(1578,1,3,'1111'),(1577,1,2,'1111'),(1576,1,1,'1111'); /*!40000 ALTER TABLE `role_permission` ENABLE KEYS */; UNLOCK TABLES;

table role_sitemap_section

-- -- Table structure for table `role_sitemap_section` --

DROP TABLE IF EXISTS `role_sitemap_section`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `role_sitemap_section` (

 `RoleSiteMapSectionID` int(4) NOT NULL AUTO_INCREMENT,
 `RoleID` int(4) DEFAULT NULL,
 `SiteMapSectionID` int(4) DEFAULT NULL,
 `PermissionsMask` varchar(5) DEFAULT NULL,
 PRIMARY KEY (`RoleSiteMapSectionID`)

) ENGINE=InnoDB DEFAULT CHARSET=latin1 CHECKSUM=1 DELAY_KEY_WRITE=1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `role_sitemap_section` --

LOCK TABLES `role_sitemap_section` WRITE; /*!40000 ALTER TABLE `role_sitemap_section` DISABLE KEYS */; /*!40000 ALTER TABLE `role_sitemap_section` ENABLE KEYS */; UNLOCK TABLES;

table sitemap_section

-- -- Table structure for table `sitemap_section` --

DROP TABLE IF EXISTS `sitemap_section`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `sitemap_section` (

 `SiteMapSectionID` int(4) NOT NULL AUTO_INCREMENT,
 `ParentID` int(4) DEFAULT NULL,
 `Facet` varchar(255) NOT NULL DEFAULT ,
 `Name` varchar(255) DEFAULT NULL,
 `Description` varchar(255) DEFAULT NULL,
 `DisplayMode` tinyint(1) DEFAULT '0',
 `Materials_Priority` smallint(2) DEFAULT '1',
 `Materials_EntryDate` smallint(2) DEFAULT '-1',
 `MenuLeft` tinyint(1) DEFAULT '1',
 `MenuRight` tinyint(1) DEFAULT '0',
 `MenuTop` tinyint(1) DEFAULT '0',
 `MenuBottom` tinyint(1) DEFAULT '0',
 `Language` char(2) DEFAULT 'en',
 PRIMARY KEY (`SiteMapSectionID`)

) ENGINE=MyISAM AUTO_INCREMENT=7 DEFAULT CHARSET=latin1; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `sitemap_section` --

LOCK TABLES `sitemap_section` WRITE; /*!40000 ALTER TABLE `sitemap_section` DISABLE KEYS */; INSERT INTO `sitemap_section` VALUES (1,NULL,'01','About Us','Desc 01',0,10,-1,1,0,0,0,'en'),(2,1,'01.01','GGI','Desc 01.01',0,10,-1,1,0,0,0,'en'),(3,1,'01.02','Organization','Desc 01.02',0,10,-1,1,0,0,0,'en'),(4,NULL,'02','Contact Us','Desc 02',0,10,-1,1,0,0,0,'en'),(5,4,'02.01','Support','Desc 02.01',0,10,-1,1,0,0,0,'en'),(6,4,'02.02','Sales & Marketing','Desc 02.02',0,10,-1,1,0,0,0,'en'); /*!40000 ALTER TABLE `sitemap_section` ENABLE KEYS */; UNLOCK TABLES;


table support_request

-- -- Table structure for table `support_request` --

DROP TABLE IF EXISTS `support_request`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `support_request` (

 `TrackingID` varchar(12) NOT NULL,
 `Summary` varchar(200) DEFAULT NULL,
 `Description` text,
 `ProductID` int(11) DEFAULT NULL,
 `TypeID` tinyint(4) DEFAULT NULL,
 `FileName` varchar(200) DEFAULT NULL,
 `StatusNotification` tinyint(1) DEFAULT '1',
 `SupportComments` text,
 `StatusID` tinyint(1) DEFAULT '1',
 `CustomerID` int(11) DEFAULT NULL,
 `Language` char(2) DEFAULT 'en',
 `CreationDate` datetime DEFAULT NULL,
 `LastUpdated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
 `UserID` int(11) DEFAULT NULL,
 PRIMARY KEY (`TrackingID`)

) ENGINE=InnoDB DEFAULT CHARSET=utf8; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `support_request` --

LOCK TABLES `support_request` WRITE; /*!40000 ALTER TABLE `support_request` DISABLE KEYS */;

INSERT INTO `support_request` VALUES ('00940BEB','Connecting to the server','Hi Martin,\r\n\r\nWe manage to eliminate the last 2 screenshots related problems that I sent prior.\r\nWe have a clean installed windows7 dell laptop.\r\nNow the hardship is to connect to the server. The connect button wouldnt switch to blue, but I can ping the server. I set the servers ip and port also, username and password are ok.\r\n\r\nAny idea?\r\n\r\nBest regards,\r\n\r\nZoltan',1,3,'00940BEB',1,'

An corresponding email has been send.

',2,73,'en','2013-09-25 16:53:13','2013-10-16 11:47:03',NULL),('03B8149F','FinIntrusion Kit issues and enquiries','1. Sometimes after running some task, eg. scanning of wireless network, I am not able to do other task. I will give the error message :The current selected wireless adapter is blocked by another wireless process. Please stop the process or select a different wireless adapted. Even though the current process has completed, but I am not able to run other task.\r\n\r\n2. I am able to jam client but not wireless access point. Tried on a few wireless access point, but not able to jammed them.\r\n\r\n3. For the Fake AP, does it support WPA? Or is it just purely for WEP? I only saw the WEP field but not WPA.\r\n\r\n4. Understand that the current intrusion kit version has a major change over the years, is there any user manual/guide?\r\n\r\n5. I input the license file on the Intrusion Kit that I have setup on the Kali OS, there is no issue or error. But the next time when I launch the intrusion kit application with the Alfa USB wireless device connected, the license information show wrong machine UID error. Is it normal?',5,2,'03B8149F',1,'

An corresponding email has been sent.

',2,69,'en','2014-01-15 04:38:56','2014-01-15 11:01:40',NULL),('0471A44D','Close ticket for 5D14C9B0','Please close the ticket for 5D14C9B0.',1,3,'0471A44D',1,'

An corresponding email has been sent.

',4,69,'en','2013-09-24 10:31:38','2013-09-27 06:37:29',NULL),('05D29AC5','Symbian - GEO location','GEO References of Device when given to Server differed between Live Tracking and Target History displays even though GEO source was the same\r\n',14,2,'05D29AC5',1,,2,88,'en','2013-09-23 11:56:01','2013-10-16 11:50:34',NULL),('062CD9AA','Speed test fails after PC is infected','When user runs speed test from infected PC - arp poision - upload test fails, while download test is ok.\r\nWhen uninfected, upload test ok again.',2,2,'062CD9AA.png',1,,2,15,'en','2012-07-19 14:20:52','2012-08-22 15:18:07',NULL),('06837971','FIN USB NOT INFECTING','WE HAVE PROBLEM WITH OUR FIN USB SYSTEM IS NOT WORKING WITH ALL VERSIONS',16,1,'06837971',1,'

A suitable mail has been sent.

',2,29,'en','2011-10-02 09:38:56','2011-11-02 18:05:05',NULL),('06AEF698','Powerpoint Integeration','The trojan can not be integrated with powerpoint. The resulted exe file is again detected by Antiviruses... Plz look in to that and let us know asap. I have informed you this earlier on online communication too but no response. ',1,2,'06AEF698',1,'The problem is solved with the 4.20 release',4,32,'en','2012-03-29 06:46:01','2012-10-11 13:31:16',NULL),('072E1188','Offline Infection Removal Tool','In order to avoid contaminating forensic analysis post arrest, it would be beneficial to be able to remove the infection and recover non-downloaded data from the target machine without the requirement to connect it to the internet and boot the machine.\r\n\r\nWe would suggest something that could run of a bootable USB key which could boot the target machine, recover non-downloaded data and then remove the infection from the machine.\r\nThis usb key could then be connected to an agent machine and upload the recovered data to the MASTER.',1,5,'072E1188',1,'The feature has been implemented into the FinFly USB product.


Dear Customer,

that is a good idea and we will add this to our FinFly USB planning.

What we currently plan for 2.50 (october) for the dongle:

U3/Autorun:
 - Infect System
 - De-Infect System
 - Pickup Data

Bootable System:
 - Infect System (MBR)
 - De-Infect System
 - Pickup Data (might be postponed to 2.60)

Best Regards,

Martin.',4,14,'en','2010-07-13 05:00:00','2012-10-11 16:58:35',NULL),('081313A9','Reporting feature','Our Warrants authorize the use of the the FF intrusion capability as well as the individual modules that are used. At the conclusion of a warrant there is a requirement that a report is made on every date / time each module captures information. For example, if a key logger captures data at 1pm 2/1/2013 we need to report this to our legal system. This time/date is important for reporting procedures as there is a requirement to record every instance a module is used. Is there some way of just extracting the time/date and module name to a report?',1,5,'081313A9',1,,2,49,'en','2013-01-25 02:13:08','2013-01-28 10:10:01',NULL),('09025F76','Very long log in agent','The current log presentation with a long list of loglines dont make any sense to the operator. It would be more useful to trigger the operator on an important error or event, for example by sending an email or SMS text message on fatal errors. With the current logging we missed a disk full warning.',1,4,'09025F76',1,NULL,1,68,'en','2014-06-12 15:32:27','2014-06-12 13:32:27',NULL),('0908AA53','oops...','https://citizenlab.org/storage/finfisher/final/fortheireyesonly.pdf',1,1,'0908AA53',1,'A suitable mail were sent',4,73,'en','2013-05-02 14:02:02','2013-05-04 16:45:38',NULL),('0940E598','The trojan is detected by Norton and Bit Defender','We came to know that the progress on by-passing Avira antivirus is going good and a new version will be released soon with the patch... as communicated earlier on skype etc that Norton and BitDefender also detects the trojan, we request to look in to this matter as well so that when you release the new version we get the support for these two anti-viruses too....\r\nwill be thankful... ',1,1,'0940E598',1,'The problem has been solved with the 4.20 release.',4,32,'en','2012-05-16 10:41:52','2012-10-11 13:32:57',NULL),('096E80EA','FinSpy_Master and FinSpy_Proxynot can not start','Hi every body, \r\nplease help us. After installing the 4.01 update to the Offline Master can not start FinSpy_Master proces and FinSpy_Master proces. I installed the same package on the online master where everything works just fine.\r\nWhat logs do you need?',1,1,'096E80EA',1,'The problem has been solved through a Skype session, with on of your engineers.',4,15,'en','2012-04-02 17:15:05','2012-04-05 09:54:37',NULL),('0A3A311A','Tracking on iOS','No tracking data received from target during live session. All target history data shows only base station with no coordinates. the target iPhone has gps enabled and can show position on google maps.\r\n\r\niPhone 5 v6.1.2',14,2,'0A3A311A',1,'A corresponding email has been sent.',2,87,'en','2013-09-06 09:00:27','2013-09-19 08:50:29',NULL),('0A70DAF5','Multiple Scheduled Tasks','A way of creating many Scheduled Tasks easier by using some Copy and Paste method or having multiple time input capability Functions in the Wizard\r\n\r\nComment:\r\nDoing Multiple Tasks can be very time consuming. Issue here was creating files offline that where of a managable size for transport, so many small tasks had to be created\r\n',1,5,'0A70DAF5',1,,2,88,'en','2013-09-23 12:22:05','2013-10-16 11:48:45',NULL),('0AACC8B6','Data retrieval in the event of server mainboard failure','Would like to check in the event of the server mainboard failure, how can we retrieve back the data from the encrypted hard disk?',1,3,'0AACC8B6',1,,2,69,'en','2013-09-24 10:44:45','2013-10-16 11:47:26',NULL),('0AD8C94B','improve configuration list of dongle','FinUSB &#61664; Dongle Setting &#61664; Email &#61664; deselect all email clients &#61664; configure dongle &#61664; collect data from target &#61664; import data into HQ &#61664; view report &#61664; check configuration &#61664;\r\n \r\n \r\n\r\n&#61680; IF a feature is selected or not will be shown by a small “dot” in front of a listed feature &#61664; customer was really confused and doesn’t trust our configuration before he didn’t made a couple of tests by themselves, because even “unselected” software is listed only “the dot” was missing\r\n\r\n&#61680; Two solutions are possible: don’t list features which are not selected or use self explained icons like\r\n',3,4,'0AD8C94B',1,,2,88,'en','2013-10-09 09:12:56','2013-10-16 11:44:35',NULL),('0B209014','evidence export time interval selection','Hello,\r\n\r\non evidence export module there could be possibility to set time period what we want to export.\r\n\r\non estonian law, if we have court order for example 30 days long and we are extending that order for example another 30 days - then we must give evidence on every court order separately, 30 days of evidences on first order and 30 days of evidence on second order.\r\n\r\nright now on extended court order there are little problem, because we can give court all evidence data. on our example it is total 60 days. but court wants evidence data only extended order period - 30 days.\r\n\r\nIf you have any additional questions please ask trough Holger Skype.',1,5,'0B209014',0,,2,47,'en','2012-01-19 12:44:48','2012-01-23 09:49:20',NULL),('0B364C03','problem with updating the licenes for finspy master','i have recived the finspy license with ext ggpck\r\nand i need the zip file \r\nso i can unzip the file in server\r\n\r\nurgent please',1,3,'0B364C03',1,'License in zip format has been sent.',4,21,'en','2011-11-14 08:23:41','2011-11-18 08:45:42',NULL),('0C81F6CB','Possibility of removing Collected Data from the Target','Possibility of removing Collected Data from the Target before transfer to Server\r\n\r\nComment:\r\nThis is incase too much information has been gathered on Target and transfer would highlight infection',1,5,'0C81F6CB',1,,2,88,'en','2013-09-23 12:16:09','2013-10-16 11:49:15',NULL),('0CD01B0D','recover broken FinUSB dongle through HQ','FinUSB Dongle format or delete hidden “System” folder will make the dongle unusable for FinUSB HQ anymore. “Recover destroyed” USB dongle feature inside the HQ is missing….',3,5,'0CD01B0D',1,,2,88,'en','2013-10-09 09:19:57','2013-10-16 11:41:49',NULL),('0E03300C','update 3.5','Dear Supporter Team!\r\n\r\nWe wanted to update our finfirewire to the new version 3.5, but the lan card does not worked on the laptop - os error message: no network device available - so we cannot connect to the internet. \r\nIs there any other way to get/download to the installations files from an other machine?\r\nCould you shared or send the original or updated files for us? \r\n\r\nThanks',12,3,'0E03300C',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n',4,73,'en','2014-02-04 14:41:19','2014-04-23 07:55:43',NULL),('0E6229AA','FinFly Web - Crash - BlackBerry','Operating System: Win7 32bit\r\nFinFly Web: 4.0\r\nFinSpy: 4.50\r\n\r\nIssue:\r\nBlackBerry Payload generated with FS 4.50. It can be loaded w/out an\r\nissues into FinFly Web but during generation FinFly Web crashes. Several\r\npayloads were created. Same issue. BB payload combined with other\r\npayloads. Same issue. Other payloads w/out BB - No issue.',13,2,'0E6229AA',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n\r\n',2,93,'en','2014-03-20 16:23:30','2014-04-17 11:03:42',NULL),('1176EB01','modify netmask through FITK GUI','Netmask can be changed too. Necessary, because Network Scan based on netmask. E.g. only a class c-net of a 10.0.0.0 network is used, but netmask is 255.0.0.0 &#61664; class A net will be scanned instead of a class C net',5,5,'1176EB01',1,,2,88,'en','2013-10-09 09:20:41','2013-10-16 11:40:47',NULL),('12146E91','Infection removed','We have created a trojan for phone with similar name sally for all the phone OS and set it to max 15.\r\nNow we saw the trojan in the log file said the trojan max infection reached when we install to our target. However when this limit reach, it remove all of our target which is 5-10 with its trojan name sally of different OS.\r\nIt said in the Evidence Protection target remove injection. \r\n\r\nWhy does this happen it should only remove the last target not all of them. Moreover its 15 plus other os so thats 30 for android and symbian not 15 both.\r\n\r\nThis is 4.1 since 4.2 trojan is totally unreliable and does not work on all of the phone.',1,1,'12146E91',1,'The problem has been solved with the hotfix release 4.21. A upgrade on site took place.',4,46,'en','2012-11-13 07:29:09','2013-01-07 16:09:39',NULL),('1270040F','MAC Trojan','Mac trojan that is created with finspy it is not working, attached is the massege box that comes when we are trying to infect the MAC book',1,1,'1270040F.png',1,'MAC OS X 10.4.X is not supported. A suitable mail has been sent.',4,29,'en','2012-02-28 07:40:00','2012-02-29 18:18:42',NULL),('13728121','Title based screen recording','Title based screen recording creates a new recording and send to master. Any new recordings created look to be appended to the original recording and sent. This results in a very high amount of data being sent to the master. Experienced over 700MB in 3 days for one target set to 1 minute intervals at 80 percent. We have replicated this bug on a test infection. The end result is that basic screenshots will exceed a targets data limit quickly.',1,2,'13728121',1,'Problem was solved in version 3.03. A suitable information has been sent by mail.',4,14,'en','2011-09-15 07:20:53','2011-11-02 18:07:35',NULL),('1392AA5D','wrong path in ffrelay.ubuntu.4.20.ggi','using the ffrelay.ubuntu.4.20.ggi, ffrelay init-script is created with FSDIR_DAT in the start and restart branches of the script. As the executables is located in FSDIR_BIN, the init-script fails. We tried FDSIR_BIN in both branches and the script works fine now',1,2,'1392AA5D',1,,2,55,'en','2012-10-26 16:39:39','2012-10-29 11:18:32',NULL),('1439A2E4','Logfile Scrolling','It will be very nice if you change scrolling direction in Log Viewer from the oldest to the newest to newest to oldest or add a sorting/order according to column header / by option. It is really annoying to scroll down to the end of a list every time we want to see what is new in the log list.',1,5,'1439A2E4',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 12:02:19','2013-12-11 10:48:12',NULL),('14476C79','Credential HTTP will not be listed, other credentials were listed.','Credential HTTP will not be listed, other credentials were listed.',5,2,'14476C79',1,,2,88,'en','2013-10-09 09:09:15','2013-10-16 11:44:48',NULL),('15E4285F','categorisation of information in modules','Due to law restrictions on how certain information obtained from the FF modules can be identified, is it possible to implement a categorization feature that can show categories for certain information ? For instance. A key logger captures information which is between a lawyer and a known criminal which is not an offense in itself. The captured information needs to be able to be identified as legal privilege and not used in any further intelligence capability as it is considered private. There are other categories that may come up so it would be useful if the categories could be implemented at the user level rather than hard coded by Gamma.',1,5,'15E4285F',1,,2,49,'en','2013-01-25 02:02:39','2013-01-28 10:10:10',NULL),('16FA7A9D','Non encrypted audio traffic between mobile target en server.','Non encrypted audio traffic between mobile target en server.',14,4,'16FA7A9D',1,NULL,1,68,'en','2014-06-12 15:23:22','2014-06-12 13:23:22',NULL),('1711BE75','Whatsapp Crypt7 database','Recently whatsapp introduced a new encrypt format for message database .crypt7 as result the related module on mobile dont workk anymore. ',14,4,'1711BE75',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n',2,81,'en','2014-06-23 10:08:37','2014-06-23 08:25:46',NULL),('174C3701','Problem with IP connected printer NETWORK PRINTER','On infected target pc network connected printer is not working.',1,1,'174C3701',1,'After consultation by Skype is the problem not relevant anymore. Regarding our tests was the problem not related to our product.',4,27,'en','2012-12-03 12:47:08','2013-01-07 15:49:27',NULL),('18ADFB30','Target not able to be infected if they are on LAN','If my target laptop is connected to the Internet through 3G dongle, there is no issue on infection and data exfiltration. However, if my target laptop is connected to the Internet through ADSL, my target laptop is not able to be infected and no data is send back. The FinSpy Agent is not able to see the target. On the target laptop, I opened a wireshark to see the traffic and saw that target did successfully completed the http 3 way handshake, but after the 3 way handshake, there is an bad data request error. How do we resolve this?',1,1,'18ADFB30',1,NULL,1,69,'en','2013-10-23 19:15:05','2013-10-23 17:15:05',NULL),('18E1639C','Unable to update to 3.6 and wrong Machine ID with the licence key','After I successfully imported the new licence it extended the validity period, but it does not upgrade to v3.6. It says there is no internet connection, but I am sure there is.\r\n\r\nThe licence key and the machine id does not match. See attached screenshot\r\n\r\nRegards\r\nZAR \r\ncyberiakicksass@gmail.com',3,4,'18E1639C.docx',1,'The problem were solved. Both laptops are up to date now.',4,28,'en','2013-07-23 10:31:04','2013-07-23 13:18:16',NULL),('194EF1AD','trojan generation','Dear Support Team,\r\n\r\nWe cannot generate either bootable iso image or bootable infection dongle, \r\nI attached the error massage and our software version is 4.40.1427\r\n\r\nPlease help us find a solution,\r\n\r\nRegards,\r\n\r\nZoltan\r\nHungary SSNS',1,3,'194EF1AD.png',1,'

Dear Customer, <br />please be informed that an suitable mail has been sent to <br />the email address: balogh.peter@nbsz.gov.hu<br /><br />Please see the mail below:<br /><br /><br />Dear Customer,  

\r\n

\r\n

*TrackingID:* 194EF1AD *Related Product:* FinSpy *Request Type:* Annoyance *Summary:* trojan generation *Description:* Dear Support Team, We cannot generate either bootable iso image or bootable infection dongle,  I attached the error massage and our software version is 4.40.1427 Please help us find a solution, 

\r\n

I\'d like to inform you, that we have a solution for your Problem. Please find the required download link below. =\"https://www.gamma-international.de/FinFisher/0012A3F0/FinSpyAgent.4.40.zip.gpg\" class=\"moz-txt-link-freetext\">https://www.gamma-international.de/FinFisher/0012A3F0/FinSpyAgent.4.40.zip.gpg</a>

Username: 0012A3F0
Password: F1nF1sher4You

If you have any questions, please do not hesitate to contact us.

Best regards,',4,73,'en','2013-11-12 11:10:24','2013-11-13 14:43:22',NULL),('19ADD5DE','Latest Manual Request','Hi,\r\n\r\nglad to be back! Can we please have a copy of the latest user manual. The one we have is from version 1.4 as we are totally rebuilding our server as the old one was taken offline after the public disclosure in July last year. In the coming days you will be seeing a new licence request for the new machine ID as soon as our engineers have rebuilt it. They have requested a copy of the user manual so they can see the build instructions.\r\n\r\nMany Thanks.\r\n\r\nAdam\r\n',1,5,'19ADD5DE',1,'

An email with the download link for the latest manuals was send on 5/10/2013.

',4,14,'en','2013-05-09 10:02:06','2013-06-21 11:27:29',NULL),('19D9D269','Bugs on Symbian OS and Android OS','1. Bugs on Symbian Anna - Nokia C6-01\r\nYesterday when I tried to install Finspy to this mobile, some problems happened:\r\n- When I clicked Tracking on Live Session, the system immediately sent an encrypted messaged to the targeted mobile and the tracking function did not work.\r\n- When someone made a phone call to this target mobile, after a few seconds the mobile interrupted the call and active the enviroment recording function. A recording files named Phone call recording appeared on Analyzized data list.\r\n- When I made a Spy Call, the mobile was ringing and the number 8888 appeared on the screen.\r\n2. Bugs on Android 2.3.3 - HTC Desire Z\r\n- The tracking function did not work too.\r\n- Sometimes the sysem created .DAT files instead of .apk.\r\n\r\nSom of these problems have gone out when I tried to install Finspy again. So I think the system is not stable, each time I test, some new problems apprear. You should find out the causes and fix them in your new coming versions. \r\nThank you very much.\r\n\r\n',14,2,'19D9D269',1,,2,48,'en','2012-12-20 09:37:55','2013-01-07 15:48:13',NULL),('1B71C2F1','trojan generation','Hi,\r\n\r\nThanks for the previous answers, I managed to install the Agent to the other laptop.\r\n\r\nBut I still cannot generate infected USB dongle nor ISO image.\r\nI attached the screenshot, with the error message.\r\n\r\nRegards,\r\n\r\nZoltan',1,3,'1B71C2F1.jpg',1,'An corresponding email has been send.',4,73,'en','2013-09-26 08:48:46','2013-09-27 06:22:18',NULL),('1BB9021B','some targets Export Evidence wont work','some targets Export Evidence wont work - it starts counting evidences and closes count windows without error message',1,2,'1BB9021B',0,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n',2,47,'en','2014-03-05 09:18:18','2014-03-05 14:04:41',NULL),('1C7AEA3A','M$ Security Essentials detects FinSpy trojan','I build a trojan and attached it to an executable, put it on one of my webservers and downloaded it to an windows mashine running M$ Security Essentials.\r\nM$ SE detected the trojan as FinSpy.',1,1,'1C7AEA3A',1,'Dear Customer,

please be informed, that problem has been fixed with version 4.20.

Best regards,

FinFisher Support',4,55,'en','2012-08-21 09:26:53','2012-10-12 10:58:35',NULL),('1D0384A6','OSX Infection 2.62 to 3.01','A target with version 2.62 appears online but is displayed as version 3.1\r\n\r\nThe option to update the target was never displayed.\r\n\r\nUpon entering configuration of the target and trying to add the Command Module the module flashes on the left column and eventually times out giving the error: Adding the module Command Shell on Target failed: Target detected connection closed.\r\n\r\nThis also happens when trying to add the Screen module.',1,1,'1D0384A6',1,'A suitable mail has been sent.',4,14,'en','2011-08-30 06:56:33','2011-09-08 10:45:51',NULL),('1D42818D','Connection Failure','Sometkhing happened with FinSpy master. FinSpy agent can not connect to the FinSpy master. It gives error message/Connection failure:Connection to teh master was terminated unexpectedly. You will need to reconnect in order to continue. ',1,1,'1D42818D',1,'Problem has been fixed by Skype on Sunday.',4,27,'en','2012-03-10 06:43:55','2012-03-12 17:34:09',NULL),('1D801515','certificates','There is a zip file containing 5 certificate files in it. Should I copy them to somewhere in the newly installed windows7 environment?\r\nAs I said I can ping the server, but the connect button wouldnt change to blue and I cannot push it. If I switch back the cable to the Lenovo L420 I can connect, but cannot create infections. Thats why we prepared another laptop...',1,3,'1D801515',1,'An corresponding email has been send.',2,73,'en','2013-09-25 17:09:15','2013-10-16 11:46:49',NULL),('1DFD693B','detection','AVAST detects executed exe as infection\r\nSoftware version: Win7_64, AVAST2014 free version\r\n\r\ninfection usermode UAC bypass., empty troj. without modules',1,1,'1DFD693B',1,'This bug has been fixed with the release version 4.51.',4,56,'en','2014-01-31 15:28:44','2014-04-23 08:12:03',NULL),('1E0A914C','want to install it in new machine ','could you send me the program and manual to install it in new machine As soon as possible. When it will support new Microsoft Office document. ',1,4,'1E0A914C',1,'Tutorial has been sent by mail',4,21,'en','2012-04-05 07:32:02','2012-10-11 16:36:47',NULL),('1F16DF86','Possibility to obtain data from target PC without target PC connection to Master','In same cases we can obtain all recorded data from target PC with physical access to it . if target for some reason cannot connect to Master. Can be very nice if we could have tool for decrypting and viewing obtained data without sending it to the Master and / or possibility importing obtained data into Master.\r\n\r\n',1,5,'1F16DF86',0,'A corresponding email has been sent',2,56,'en','2013-12-05 14:56:48','2013-12-11 11:00:50',NULL),('20ED92A0','UPCOMING OSX MOUNTAIN LION','Hi,\r\n\r\nWe have a current development version of Mountain Lion and confirmed that the existing FinSpy is not compatible. While test we have noticed that the infection when installed, does install but OS X then freezes after about 30 seconds, we think this may be linked to the heartbeat of the device.\r\n\r\nWe thought we would make you aware of what we are seeing currently. Were forward planning for imminent OS releases.\r\n\r\nRegards',1,5,'20ED92A0',1,'OSX Mountain support has been added.',4,14,'en','2012-07-11 00:36:55','2012-10-11 17:09:53',NULL),('22154C83','Connection Failure','--Connection to the master was terminated unexpectedly. You will need to reconnect in order to continue. --\r\nThis is the error which occurs every time when there is some new data material on a target - Data on Target.\r\n Prior to this error, the agent disconnects. After again connecting the agent, it works until it encounters the same problem. Sometimes, this happens every minute depending on target activity.',1,1,'22154C83',1,'A corresponding email was sent.',2,58,'en','2014-06-30 13:37:26','2014-07-15 11:00:49',NULL),('2380A5E4','Admin Workstation Problems with version4.30 ','When we remove target name other informations like IP......... comes. But when we put target name again lost all information except target name.',1,3,'2380A5E4.png',1,'An special email has been send with detailed information\'s to fix this issue.',4,27,'en','2013-03-15 04:53:52','2013-06-21 11:38:09',NULL),('23EEC5C3','column saving','Is it possible to memorize the columns shown in the table in computer systems panel, instead of the default columns which are loaded each time the agent program start. In this case we would not have to re-include interesting columns every time.',1,3,'23EEC5C3',1,'Problem has been solved with the 4.10 release.',4,58,'en','2012-03-21 22:42:45','2012-07-19 12:42:52',NULL),('242E22D4','Agent looses contact with target + weird behaviour target','When I open in Live view the File access module, I leave it open and then I open the forensic module, the agent looses connection with target. So at this stage Im in the situation again like Ticket Nr 96DCBD43. Also the same solution can be used. What worries me really here is that I have opened task manager and firefox on the target and these 2 began switching between each other and Task manager came partially into the firefox window -see attachment.\r\nThis only happens apparently when task manager is opened. If I open wordpad and firefox for example and I reproduce the bug then the latter doesnt happen. Also, sometimes a window looses its titlebar -see attachment.',1,1,'242E22D4.rtf',1,'Referring to your mail, the ticket will be closed.',4,61,'en','2012-06-06 13:52:17','2012-07-05 08:31:17',NULL),('2461649A','FinSpy Relay','is there an install guide available for the installtion of the relay in Centos? whild I can ru and configure the relay.cfg ok, I cannot get monit working properly with ffrelay. ',1,3,'2461649A',1,'The required information has been sent by mail.',4,14,'en','2011-07-19 09:28:30','2011-07-22 15:31:06',NULL),('25E72758','Comodo','When we try to infect PC with comodo firewall installed it gives us message block or accept connection. When we choose block it does not work and when we chose accept connection it gives one more message internet explorer asking permition. even when we already infect PC from configuration comodo SW we can diconnect the trojan connection. And from comodo we can see all connections from PC IP port ... etc. even if we use active hiding.',1,1,'25E72758',1,'A suitable mail has been sent.',2,27,'en','2012-02-11 05:21:58','2012-02-13 15:09:34',NULL),('267421A4','MSI installer infection','It would be great to be able to infect MSI-installers',1,5,'267421A4',1,,2,55,'en','2012-08-21 09:29:44','2012-08-22 14:52:14',NULL),('284C0819','Update of user mod infection not working','Hello,\r\n\r\nI upgraded from version 4.50 to 4.51. There was no problem on FinSpy server, and relay server.\r\n\r\nLast step was test upgrade process of user mode infection on my computer. Upgrade process on client was successful. But after target go offline and after some time online, I turned off and turnet on my computer there is still old version! Computer is Windows 7 Ultimate with installed service pack 1 and 64 bit version updated do 3.march 2014\r\n\r\nI try to remove all modules and make update process again. Still with the same result.\r\n\r\nThanks for you reply',1,1,'284C0819',0,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n\r\n\r\n',2,88,'en','2014-05-20 14:50:36','2014-05-21 11:31:38',NULL),('29D6412F','Enquiry on openssl and heartbleed vulnerability','On the FinSpy Agent laptop, there is an openssl software installed. Would like to what is it for? Also recently there is this heartbleed vulnerability, would like to check are the agent laptop, relay server and finspy server vulnerable to this heartbleed vulnerability?',1,3,'29D6412F',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n',4,69,'en','2014-04-11 08:11:13','2014-04-23 08:12:32',NULL),('2B87D52A','BOOTABLE ISO FILE','Generating infection through ISO FILE does not work. Error message: Creating infection failed ... code 1.',1,2,'2B87D52A.png',1,'Problem has been solved. A suitable Agent has been sent by Skype',4,85,'en','2013-10-16 21:59:05','2013-10-18 12:27:04',NULL),('2C84DEE7','Buttons show-export-delete are invisible','In the agent, when the descriptions in the field are too long, then the buttons beside the metadata are too far away and we always need to scroll for each record to the end of the screen, while theres a lot of whitespace between these metadata and the action buttons. Is it possible to put these buttons directly behind the metadata or to be able to order the fields ourselves by dragging and dropping the field that contains the buttons to the front of the list?\r\n\r\nThanks\r\n\r\nWim',1,3,'2C84DEE7',1,'Dear Customer,

please be informed, that the Action buttons location has been adjusted accordingly.

Best regards,

FinFisher Support',4,61,'en','2012-06-06 11:13:43','2012-10-12 11:13:00',NULL),('2CD652AA','Android Platform','Currently only contacts/address, target history and calender module received. No sms, whatsapp, etc. Phone model Samsung Galaxy Note 2 android 4.1.2 and GT-i9000 galaxy S android 2.3.5.',14,2,'2CD652AA',1,
,2,46,'en','2013-05-02 04:38:45','2013-05-02 09:50:28',NULL),('2E03BC93','FFrelay config','We just would like to know if in the relay.conf can we add a 2nd hop. \r\n\r\nCFG_NEXT_HOP_1 192.168.0.49, 1111\r\nCFG_NEXT_HOP_2 10.10.10.10, 2222\r\n\r\nIf possible what does this mean. Will it follow the first hop forever until timeout or intelligently detect it has been using the first hop too much and so decided to change to the 2nd HOP.\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n',1,5,'2E03BC93',1,'A suitable mail has been sent.',4,46,'en','2011-07-27 06:36:21','2011-08-31 10:23:24',NULL),('2E97D056','Detected by Avira Antivirus','The infection is detectable by the Avira Antivirus on target machine. This happened in a scenario when the infection was created with features MASTER BOOT RECORD INFECTION and ACTIVE HIDING ON TARGET both disabled. The message from Avira specifies presence of a TR/DROPPER.GEN trojan in the infection.\r\n\r\nThis also happens when we are creating target. We have to disable antivirus installed on Agent to generate the infection. ',1,1,'2E97D056',1,'The problem has been solved with the 4.20 release',4,32,'en','2012-02-17 06:34:15','2012-10-11 13:36:28',NULL),('2EDB11BA','Target data did not call back after upgrading from 4.50 to 4.51','After I upgrade to 4.51, my old and new target did come online. But it only shows Data available on target. Did not see any data coming in. Even I click analyse data, there is no data. If I do a live session, there is no issue. But I am not able to see normal data like keylogger. The only change I did on the server is upgrade to 4.51 and also remove the software win32openssl software on my agent desktop.\r\n\r\nCheck that the relay hash value of 4.50 and 4.51 are the same. Did not upgrade the relay to 4.51. Do I need to upgrade the relay from 4.50 to 4.51?\r\n\r\nIf I want to test again whether the issue is 4.51, by reinstalling 4.50 ggi on the master and proxy server, will that work? Will that downgrade to 4.50?',1,3,'2EDB11BA',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n',2,69,'en','2014-04-15 15:22:13','2014-04-17 07:17:43',NULL),('306ACAEF','Connection problems','Hello,\r\n\r\nWe have two problems with the connections to tartgets.\r\n\r\nFirst of all we tried to infect a target which is in Windows domain\r\nbehind of HTTP proxy and Cisco ASA firewall. The connection is established and\r\nthe target is online, but if we try to configure the target or\r\nwe would like to start a live session, the target goes to offline for few seconds\r\nand then online again. We get an -307 The target is offline error messages.\r\nThis case repeats continuously. \r\n\r\nWe updated the agent to 4.40 and we would like to update every online targets, and\r\nin some cases we get an -324 The target is busy running an update error messages\r\nand the update failed.\r\n\r\nRegars',1,2,'306ACAEF',1,'A  corresponding has been sent.
',2,73,'en','2013-09-09 14:51:08','2013-10-16 11:51:14',NULL),('307A9B70','schedule to get file folder tree from target device and schedule files download','possibility to define disk and folder maximum depth.\r\nGet file and folder list according to configuration.\r\n\r\nWe will get possibility to analyze disk/folder content offline and prepare to download needed files when target will be online or we could schedule file download.\r\n',1,5,'307A9B70',0,'A Feature Request ticket has been opened for the development.
As soon as we have more information, you will be informed.',2,56,'en','2014-02-12 10:32:46','2014-04-23 07:47:35',NULL),('313A45C2','Request for relay software without branding','Would like to request to have a version of the relay software without branding, eg, Gamma, Finspy, relay, ffrelay. The logging should not have the branding as well.\r\n\r\nReason is that if there is any investigation or researchers is trying to gather information, they would not track down that the hosting relay server is using FinSpy.',1,4,'313A45C2',1,'There is no branding in the relay software anymore.',4,69,'en','2013-04-01 04:41:24','2013-06-21 11:32:50',NULL),('3184AAF5','console doesnt show cyrillic','console - command prompt - doesnt show cyrillic ',1,2,'3184AAF5',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 12:05:48','2013-12-11 10:47:59',NULL),('33F941D7','Screen Module - Dual Screen recording','If you have more than one screen configured for your Windowsnot Clone then you only ever get screenshots of the main or default screen. \r\nIf you change it even during live recording the next screenshot is always from the monitor configured as the main.',1,5,'33F941D7',0,'A corresponding E-Mail has been sent',4,47,'en','2013-12-10 12:01:54','2013-12-11 10:52:15',NULL),('341922EF','another evidence export error','another evidence export error. see attachment.',1,2,'341922EF.txt',0,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n',2,47,'en','2014-03-10 08:19:02','2014-03-10 07:52:02',NULL),('35064FA6','test attachement','test attachemen',1,2,'35064FA6.txt',0,,4,19,'en','2012-02-09 12:48:19','2012-02-10 18:38:28',NULL),('3580C702','Packed Finspy Mobile with legal softwares','We have a difficult situation while trying to install Finspy Mobile at distance - it mean not physically: The Finspy software can not be packed with legal software so in case we cheat the target to install an update version of his/her mobile phone system, nothing happen after the target downloaded and installed our Finspy Mobile software. It will make the target suspect and check again.\r\nSo we really think that you should develop new feature that make the Finspy mobile software to be able to packed with other legal softwares. When we cheat the target open the legal softwares, the Finspy Mobile will secretly install to the target s mobile phone. Thanks.',14,5,'3580C702',1,,2,48,'en','2013-07-04 11:51:36','2013-07-05 13:45:04',NULL),('368C72A3','parallel target infection with FFWeb payload failed','Multiple parallel Target infection with Web payload doesn’t work reliable. Most of the time only one target will jump “under infection” and the other targets stays in “ARP poisoned” modus. Download infection seems to be more stable and reliable, but should also be heavily re-tested again.',2,2,'368C72A3',1,,2,88,'en','2013-10-14 12:09:18','2013-10-16 11:39:24',NULL),('3779CFC9','Download Speed Issues','Download Speed Setting on Trojan seems to be inaccurate\r\n\r\nComments:\r\nIssue raised with Munich',1,2,'3779CFC9',1,,2,88,'en','2013-09-23 11:53:48','2013-10-16 11:50:44',NULL),('396BC639','Relay for windows not provided anymore','Relay for windows not provided anymore.',1,1,'396BC639',1,'After consultation is the Windows relay not required anymore, therefore we will close the ticket',4,15,'en','2012-10-05 16:34:16','2012-10-15 15:31:34',NULL),('3A5071D0','Email alert','We need new feature witch would send us email notification when new target comes online for the first time. There is only alert settings for targets which are already in the list, but none for the new one. Maybe, this feature can be added in general configuration or as another step in process of creation a new target.\r\nThank you!',1,5,'3A5071D0',1,,2,58,'en','2012-03-20 08:53:56','2012-03-22 16:57:14',NULL),('3D71EF3F','Use low characters as MAC address for MAC spoofing will trigger an error.','Use low characters as MAC address for MAC spoofing will trigger an error.',5,2,'3D71EF3F',1,,2,88,'en','2013-10-09 09:08:20','2013-10-16 11:44:58',NULL),('3E9495C8','Anti virus AVG blocks functionality in agent','Some functionality of the agent/system do not work when the AVG AV tool is active. For example the keylogger module.',1,3,'3E9495C8',1,'A corresponding email was sent',2,68,'en','2014-06-12 15:18:11','2014-07-15 11:02:02',NULL),('3EB89798','Request for softcopy of latest user manual','Would like to request for the latest softcopy of the FinSpy user manual',1,3,'3EB89798',1,'

\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n',4,69,'en','2014-02-18 04:50:00','2014-02-18 10:30:16',NULL),('3ECB554C','file access module download queue','Some kind of download queue should be implemented so that operator can send files to download queue from file access module. If the download is interrupted it should resume not restart next time user comes online. Usefull in cases when operator wants to download a large file pst for example over a slow network connection.',1,5,'3ECB554C',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 11:50:06','2013-12-11 10:50:17',NULL),('407C3B0E','4.3.1 HTTP Tunnelling support','If our relay server is not using gamma relay server software, our relay server is using normal linux iptables forwarding which forward all packet fronm the target to the proxy server, upon our proxy server updating to 4.3.1 which provide HTTP Tunnelling support, will the proxy server be able to accept packet from the relay server since the relay server does not have HTTP Tunnelling?',1,3,'407C3B0E',1,'An mail has been send with the information that they are able to use the system without our relay software.',4,69,'en','2013-05-20 03:08:05','2013-06-04 08:22:35',NULL),('407DF102','Analyse daya view','It would be a nice feature to define in analyse data to view only data with certain importance levels.',1,5,'407DF102',1,,2,27,'en','2011-12-22 13:11:23','2011-12-28 13:28:43',NULL),('411A08F3','Inquiry - Support','Is there a way of recreating the capability of Zipping Images of Screenshots collected during live session to be available for Scheduled tasks and automatic recording\r\n',1,5,'411A08F3',1,,2,88,'en','2013-09-23 12:26:17','2013-10-16 11:48:20',NULL),('412E0BAE','Link to download the latest update','Hi guys,\r\n\r\nI was sent an update email about a month ago from Holger re the finweb update. I have deleted the email unfortunately and neglected to grab the link first....sorry. Can you please resend me the download link. I tried updating it online but I get a /.../bin/update not accessible message. \r\n\r\nMany Thanks\r\n\r\nAdam',13,4,'412E0BAE',1,'Another email with the download link was send on 5/10/2013.',4,14,'en','2013-05-09 10:04:17','2013-06-21 11:26:26',NULL),('413FD3BF','infect win 8.1 enterprise x64 en','Dear Support Team,\r\n\r\nThank you for the latest solution, no we can generate usb dongle/exe agents again. \r\nBut we encountered a new issue: we cannot infect a test HP pavilion dv6 test laptop with the Finspy vith USB dongle. It looks like as it was infected, but no TCP connection builts out in between the target and relay server. I deliberately did not tick for active hiding for testing purposes, and no TCP connection was seen in netstat. I tried to deploy the infection 2 times with no success.\r\n\r\nBest regards,\r\n\r\nZoltan ',1,3,'413FD3BF',1,'

\r\n<pre>An corresponding email has been send. The ticket is closed.

\r\n',4,73,'en','2013-11-18 16:38:22','2013-11-19 11:21:37',NULL),('417B7B13','Record ID not match ...','Hi support \r\n\r\nAfter updating from version 4.32 to 4.40 I have noticed that you have added a new field into the meta file called Record ID, this is great !! but in some case i have some issue, for example, in a day a have multiple keylogger sessions, but in some case the record id is different for the same day, without a master reboot see attached file for more inforamtion.',1,2,'417B7B13.rar',1,,2,81,'en','2013-10-09 16:28:01','2013-10-16 11:39:36',NULL),('41DFB04C','Demo','just to explain the customer the procedure... - done by pk -',1,5,'41DFB04C',1,'This was a test from PK.',4,88,'en','2013-09-17 10:03:26','2013-09-19 08:24:35',NULL),('4252F63B','Licence File for New Master ','Machine ID: 89:B4:69:2B:12:EB:62:6D\r\n\r\nCan you please supply the appropriate licence file for our new Master which is currently under construction.\r\n\r\nkind regards,\r\n\r\nAdam',1,4,'4252F63B',1,'Mail with the new license has been send.',4,14,'en','2013-06-04 07:10:59','2013-06-04 08:21:06',NULL),('439750B4','Blackberry - HTTP Tunneling Issues','Unable to fully test http tunneling due to Network Issue, Customer has a special network setup which caused a challange to test this.\r\n\r\nComment: \r\nPlease check what is possible',14,5,'439750B4',1,,2,88,'en','2013-09-23 12:03:57','2013-10-16 11:50:20',NULL),('43C252DE','Comments should be exported together with the data','Feature request that the comments made to a recording should be exported together with the Data.',1,5,'43C252DE',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 11:52:37','2013-12-11 10:49:48',NULL),('43D8CA21','Size indication on target - how much is available to download','Possibility of Server indicating how much information on the target is available for transfer to Server\r\n\r\nComment:\r\nThis is incase too much information has been gathered on Target and transfer would highlight infection',1,5,'43D8CA21',1,,2,88,'en','2013-09-23 12:15:18','2013-10-16 11:49:23',NULL),('46C00C80','Cannot update again','Hello I tried to update finspy master to 4.40 but connection to server failed.\r\nAfter it I check this:\r\nnmap -PN -p 42662 update.gamma-international.de\r\nbut port 42662 closed.\r\n\r\nDo you use other port to update now?',1,2,'46C00C80',1,,2,73,'en','2013-09-09 09:36:39','2013-10-16 11:51:23',NULL),('47B05680','certain problems ','While we were testing and working with your system Fin Inrusion Kit, we noticed certain difficulties, especially concerning option Network – LAN Intrusion.\r\n\r\nThe system occasionally wasn’t detecting all connected users while performing wireless network scan and as far as detected users are concerned the percent of detected operating systems and MAC addresses used is very low. During abovementioned operation, in several cases the application had crashed by itself, so we had to restart it all over again and start scanning procedure from the beginning.\r\n\r\nSystem had problems concerning option Network Sniffer with certain domains like Yahoo, internet forums and similar things. In the same option Network Sniffer, under SSL Options from time to time comes up the warring about certificate error, even when HTTPS Emulation is chosen. In several cases system wouldn’t start the Wireshark program. \r\n\r\nSome of the perceived problems were solved after performing software updating form initial version 2.0 to version 2.4, such as problems with jamming clients and the number of application crashes was lowered as well.\r\n',5,2,'47B05680',1,,2,58,'en','2012-05-28 09:49:06','2012-06-06 12:44:38',NULL),('489E762A','infected target version','infected target version is still an old version\r\neven if i sit auto for target update\r\n',1,2,'489E762A',1,'A suitable mail has been sent.',4,21,'en','2011-02-14 08:15:00','2011-06-01 13:15:14',NULL),('48B55E65','Live Session Timeout','If Agent 1 disconnects properly via Disconnect from the target it sometimes takes 30 minutes or more that Agent 2 can connect to the target.\r\n',1,2,'48B55E65',1,'After consultation by Skype, the problem will be closed',4,27,'en','2011-12-22 13:05:22','2012-01-31 15:10:18',NULL),('49EFB788','evidence export activity.log content','Hello,\r\n\r\non evidence export there are file activity.log. This file contains target proxy address - first proxy address where targets connects.\r\n\r\nIs it possible to remove on activity.log file proxy address information? Because it gives too much information on our installation and courts does not need that information.\r\n\r\nIf you have any additional questions please connect trough Holger Skype account.',1,5,'49EFB788',0,,2,47,'en','2012-01-19 12:49:53','2012-01-23 09:49:31',NULL),('4A3BC1CB','Unable to create bootable iso image and bootable infection dongle','During the creation of Trojan, we tried both bootable iso image and bootable infection dongle, application exception error occur and the finspy agent is terminated. Attached is the screenshot of the error for both bootable iso image and bootable infection dongle.',1,3,'4A3BC1CB.docx',1,'

An corresponding email has been send. The ticket is closed.

',4,69,'en','2013-11-13 03:35:32','2013-11-15 11:24:37',NULL),('4BE740B2','Re-infection fail on Win7 32-bit virtual machine','After removing infection from agent and target moves to archive list, virtual machine is shut down and restarted. Attempts to re-infect fails - Target does not appear on Master.',1,2,'4BE740B2',1,,2,69,'en','2012-10-12 09:48:37','2012-10-15 11:31:09',NULL),('4C282C96','Offline Trojan v.1','To be added to previous request:\r\n\r\nMethod of Transfering Offline obtained Data from the Target to the Server\r\n\r\nComment:\r\nIn case target rarely goes online\r\n\r\n',1,5,'4C282C96',1,,2,88,'en','2013-09-23 12:20:43','2013-10-16 11:48:54',NULL),('4C6F5E8B','target data is dissapearing','on target we receive only keystroke data - all other data is dissapearing after download manual or automatic - other data - screen rec, skype calls etc\r\n\r\ndebug log about this issue is sent over the skype\r\n\r\n',1,1,'4C6F5E8B',0,NULL,1,47,'en','2014-04-04 07:25:44','2014-04-04 05:25:44',NULL),('4CCC55EA','target wont switch another relay','target mac os x 10.9.3 fs 4.51.\r\ntarget have configured to use 2 different relay hops. but it wont switch between relay hops.\r\n\r\ni test couple of time:\r\n1. stopped relay1 - target heartbeated and communicated\r\n2. started relay1\r\n3. stopped relay2 - target went offline and didnt communicate\r\n4. waited 30 minutes - target still offline - it didnt switch relay\r\n5. started relay2 - target became online again\r\n',1,2,'4CCC55EA',0,NULL,1,47,'en','2014-05-23 12:28:29','2014-05-23 10:28:29',NULL),('4CF7E883','Relay','I cannot find the new 4.40 relay installer.\r\nCould you tell me where can I find it?',1,3,'4CF7E883',1,'A corresponding email has been sent.',4,73,'en','2013-09-04 09:38:55','2013-09-19 09:01:05',NULL),('4D515378','BA831F71','Please close support ticket BA831F71. Culprit was found to be an out of date version of ffmpeg2theora.n As soon as this was updated problem was rectified.',1,2,'4D515378',1,'According your feedback the ticket will be closed',4,14,'en','2011-09-12 08:14:10','2011-09-15 08:07:45',NULL),('4E66199F','Specs for release 3.6 are outdated','Specs for version 3.6 are not updated or incomplete:\r\n- HW List old laptop is listed, \r\n- Target List W2K is still listed, Windows 8 is missing,\r\n- Client Software is listed without any version number e.g. Outlook Express, Firefox, Chrome, IE etc.\r\n',3,4,'4E66199F',1,,2,88,'en','2013-10-09 09:14:05','2013-10-16 11:42:54',NULL),('50EB2496','Target with mbr infection did not go online after reinstalling windows','I infected a target running windows 7 ultimate 32 bit using MBR infection. The target appears online. After that we perform a reinstallation of windows. The reinstallation of windows did not delete or recreate any windows partition. However, the target is not able to come online after reinstallation of windows.',1,2,'50EB2496',1,'

A suitable mail has been sent with the information, that there is unfortunately nothing we can do because on an reinstallation and on an upgrade of Windows the MBR section will be reinstalled too.

',4,69,'en','2013-11-07 08:01:04','2014-04-23 09:27:14',NULL),('52440344','Scheduler - add Forensics tool','The Forensics tool should be added to the Scheduler in order to automatically execute Forensics Tools at specific times.',1,5,'52440344',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 11:53:59','2013-12-11 10:49:22',NULL),('52A2F802','Removed infaction','1-We have a Problem with some targets that it been deleted by it self with out remove the infection from the target it goes to archive by it self.\r\n\r\n2-For infection with MBR : we infect a test PC from our side and we format the PC normally after when we chick it it loses it infection when we told from your people that MBR infection that survive from the formatting ',1,2,'52A2F802',1,'A suitable mail has been sent.',4,29,'en','2011-02-19 10:16:59','2011-06-01 12:39:09',NULL),('52EA62A4','Customized Metadata selection of a trojan+Icon Changer','Once we create a trojan, the metadata in the properties of the file show random association with another software. Currently, firefox, adobe etc are being used.\r\n\r\nIt is suggested that there should be option for us i.e. user to control the metadata properties of our choice. \r\n\r\nAn option of ICON CHANGER for .exe may also be added as a new feature which should not be much difficult but very helpful. ',1,5,'52EA62A4',1,,2,32,'en','2013-01-23 10:08:50','2013-01-28 10:10:21',NULL),('55AF0437','Data analyze','When we open a target on data analyse screen appears only new screen recordings. And when we statr searching it shows everything, this means old analyzed datas also. ihis crates uncomfort when operator works.',1,3,'55AF0437',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n',4,27,'en','2014-05-28 14:29:38','2014-06-17 09:40:54',NULL),('561199B6','how does fwd relay choose which nic IP to use for the forwarding','My fwd relay server have 2 nic ip address. Would like to check how does the fwd relay determine which ip address will be use for the forwarding? Also is there any way which we can set it to use a particular ip for the forwarding?',1,3,'561199B6',1,'The required configuration parameter has been sent by mail',4,69,'en','2013-08-16 05:30:17','2013-08-26 14:34:47',NULL),('5619E1AC','Blackberry sync infection','Infected application is passed to Blackberry on sync but fails to start and heartbeat to the master.\r\nTested BB Bold 9780 and Torch 9860 running V7.x\r\nBoth BB will infect and remove when software is run manually.',14,2,'5619E1AC',1,'A corresponding email has been sent.',2,87,'en','2013-09-06 08:54:16','2013-10-16 11:51:33',NULL),('56C15033','Bootable USB Key Failure','Version 3.0. When building an infection and requesting creation of a bootable usb key the following message is occurring:\r\n Infecting the files failed. Writing the bootsector to the usb dongle failed 1. 2 different FinSPy USB keys have been tried with the same results.',1,1,'56C15033',1,'A suitable mail has been sent.',4,14,'en','2011-08-17 12:07:55','2011-08-31 10:17:49',NULL),('56CCC776','Exported data should contain html meta file ','Exported data should contain html meta file / web page with reference to exported files / as its used in FinUSB.',1,4,'56CCC776',1,'Dear Customer,

the feature has been added in version 3.0.
A suitable mail has been sent.

Sincerely yours,

FinFisher Customer Support',4,15,'en','2010-11-16 10:00:36','2011-07-08 15:48:15',NULL),('56FD442E','D8179365 track id answer','Hello!\r\n\r\nWe copied the connection information to txts, and attached the sreenshots.\r\nThese are the most usually errors:\r\n- Error code 1: \r\nwe plugged the cable correctly, and the settings what we knowed, we set, but we got this this error code back sreenshot_u.png\r\n- when we thinked the hack was correct:\r\nthe hack went 1-2 minutes and we get sreenshot_w.png, but it not works.\r\n\r\nThank you!',12,2,'56FD442E.zip',1,'

\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n',4,73,'en','2014-02-26 14:09:36','2014-05-22 09:32:39',NULL),('56FE8D65','Strange behaviour on Infected Android Device','Strange behaviour on Infected Android Device, like Target giving error message about Android Update when Android received a Phone Call, and also some encrypted texts where visible in inbox of Android that were sent from the Server.\r\n\r\nComment:\r\nSimilar Android Device sent to Munich for analysis',14,2,'56FE8D65',1,,2,88,'en','2013-09-23 11:50:49','2013-10-16 11:50:59',NULL),('5741416B','Jam dedicated WLAN client will jam all clients','wireless -- network -- select AP + select connected client should jam only selected WLAN client but is jamming all clients from AP\r\n\r\ncurrently it is only working in mass jammer',5,2,'5741416B',1,,2,88,'en','2013-10-09 09:52:37','2013-10-16 11:40:26',NULL),('5847C991','Trojen detected by AntiVirus','When using FinFly Web V2.0 Static Module the antivirus detects the trojen and it can be seen clearly by a popup.\r\nPlease find the attached screen shot of what is dispalyed on the screen. \r\n\r\nWhen Using iFrame module:\r\n1- some webistes doesnt open in Background e.g. Youtube, Facebook, twitter. \r\n2- the trojen popup comes behind the Youtube video in the self created website and in some websites the trojen does not appear at all.\r\n\r\nKinldy reveiw and revert back on this issues.\r\n',13,1,'5847C991.jpg',1,'Regarding the upcoming version, no more modifications will be conducted on the current version. A suitable mail has been sent.',4,29,'en','2012-02-20 06:33:20','2012-03-01 11:22:16',NULL),('588B45BA','Target infected via MBR infection fails after Switch User','When a Vista 32-bit virtual machine is infected via MBR infection and Switch User is used, the agent does not work until target is rebooted. The agent is shown as online on Master but no data is returned.',1,2,'588B45BA',1,,2,69,'en','2012-10-12 09:53:29','2012-10-15 11:31:18',NULL),('58B8F177','Agent GUI - Crashed','Crashed when Agent activated Emergency Configuration for Android Device\r\n\r\nComment:\r\nIssue raised with Munich',14,2,'58B8F177',1,,2,88,'en','2013-09-23 11:52:37','2013-10-16 11:50:51',NULL),('59106924','Local proxy','On a small local network configured proxy and everyone goes to the internet with this proxy. We infected a target PC and we can not see him on agent PC.',1,1,'59106924',1,'A suitable mail has been sent.',2,27,'en','2012-02-09 13:42:28','2012-02-13 15:09:48',NULL),('591BFBBF','Skype audio/video calls recorded one participant only','The Skype audio/video call recordings are one side only - only remote participant is recorded. Local participant is not recorded and audio channel is empty.\r\n\r\nIn windows environment we can use VOIP module as workaround, which also records Skype audio conversations. But on Mac OS X environment there are no such workaround.',1,1,'591BFBBF',0,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n',2,47,'en','2014-03-04 14:38:07','2014-03-05 14:04:54',NULL),('5A47A6CC','enumeration','we would like to have an enumeration feature on the FinSpy GUI, allowing us to see how many records there are in the target session. We would like it to be as follows:\r\ne.g.\r\n1. captured keystrokes\r\n2. captured keystrokes\r\n3. microphone recording\r\n4. Voip\r\n5. microphone recording\r\n6. Voip\r\nJust a simple enumeration.',1,5,'5A47A6CC',1,'A ticket was opened regarding the enumeration already. Please see TrackingID:* E79C119F',4,27,'en','2012-03-06 04:45:54','2012-03-08 12:39:08',NULL),('5AC972CF','4.50 AV list','Would like to request the antivirus list result for FinSpy version 4.50.',1,3,'5AC972CF',1,'

\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n',4,69,'en','2014-02-18 04:11:29','2014-02-18 10:30:28',NULL),('5AF27241','Heartbeat randomized','Feature request to give the heartbeat a random function, so that it cannot be traced as easy as a regular heartbeat.',1,5,'5AF27241',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 11:53:27','2013-12-11 10:49:30',NULL),('5C422746','Data submission to the LEMF','Hi support\r\n\r\nAfter updating the master and client to version 4.40 I have some issue on the lemf interface.. for keylogger files now i receive only the new data, in the version 4.32 i receive the full data at every submission, have you changed some submission logic ? is possible to have a matrix of the module/submission type, like : keylogger - incremental, screenshot - differential, etc ect ...\r\n\r\nThanks in advance.\r\n',1,2,'5C422746',1,'By agreement via Skype, we found out that it was not a bug.',4,81,'en','2013-10-09 16:17:15','2013-10-10 10:03:11',NULL),('5C89D6DB','This is a test for the Attachments','Hello 123\r\nPlease find attached....',1,3,'5C89D6DB.png',1,,4,19,'en','2014-03-10 13:08:12','2014-04-23 08:58:41',NULL),('5D14C9B0','Target is not able to come online after upgrading to 4.40','I have just upgraded my FinSpy on my testing environment to 4.40. I tested by infecting a new laptop, the target appear online on the agent laptop. Shortly after a few minutes, the target went offline even though the target laptop is still up. If I do a reboot or restart the networking services on the master server, the target will goes back online. But after a few minutes, it went back offline again. Additional info: The relay server is up and it did sent syn packet to the server. On the master server, the status using netstat is sync_received. From Finspy master log: \r\n\r\nINFO: TIO: target 0x666A106C comes online Trojan: test345 Comp-Name: USER01-PC Inst-Mode: Kernel\r\n\r\nINFO: Unable to add new entry for Trojan 37236673 to Crypto Key List: there is already an entry\r\n\r\nWARNING: Unknown Meta-data 0xFE3A80 from target 0x666A106C\r\nINFO: TIO: Timeout, Master hasnt got heart beats from target 0x666A196C for longer than 32 seconds, set it to offline',1,1,'5D14C9B0',1,'After consultation with the customer over mail, this ticket can be closed.',4,69,'en','2013-09-17 15:11:45','2013-09-25 10:24:14',NULL),('5EEE903D','Please give us the version 4.30 as soon as possible!','We have a target running Android OS version 4.0.2. Our latest version of Finspy Mobile 4.21 did not support this. Because it is an emergency situation, so can you give us the Finspy Mobile 4.30 immediately? Please respond us as soon as possible. Thank you very much.',14,5,'5EEE903D',1,'The 4.30 Release is available.',4,48,'en','2013-01-30 10:40:56','2013-03-08 10:39:00',NULL),('5F02C478','ClamAV blocked Webinfection','Tested Target had ClamAV installed, which silently were blocking our injected Javascript Code.\r\nas soon as the AV was disabled, the injected code was executed. \r\n\r\nGamma have to test FFWeb with against common AVs. if it is blocked, Gamma should try to find a way to bypass the AV with modified Javascript Code.',13,2,'5F02C478',1,,2,88,'en','2013-10-14 12:11:28','2013-10-16 11:39:14',NULL),('5F153E62','Blackberry Infection does not show up on the Agent','Created a Trojan and infected a blackberry phone 9780 for testing purposes. During the trojan installation, i noticed that it does not ask for permissions to be set, neither does it ask for a device reboot.\r\nThe infected device does not transmit an sms heartbeat, neither does it ever show up on the system',1,2,'5F153E62',1,'The problem has been solved during a Skype session. For BB only port 80 is supported.',4,65,'en','2012-10-04 10:39:04','2012-10-29 16:56:25',NULL),('5F3D02E2','VMWare Indicator','now its detect virtual environment if we are using this option. but if the infection is not excecuting on virtual environment then it should delete exe itself not leave it on virtual machine',1,2,'5F3D02E2',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 12:00:53','2013-12-11 10:48:25',NULL),('5F8B6ABF','Target Removal Indication on server','A way of indicating on the Server that the removal of the Trojan on the Target has been successful\r\n',1,5,'5F8B6ABF',1,,2,88,'en','2013-09-23 12:23:34','2013-10-16 11:48:31',NULL),('610B04AD','Support for windows live mail application','We have today outlook and thunderbird support but win live mail would also be nice',1,5,'610B04AD',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 11:42:57','2013-12-11 10:51:27',NULL),('6149E7C3','The target limit is reduced to only 20','As per the contract we have an allowance of 35 tagets in total on FinSpy. But for the last 2/3 weeks, we are limited to only 20 targets. Please see in to the issue so that we can do our operations in full. \r\n\r\nThank you.',1,2,'6149E7C3',1,'A suitable mail has been sent.',4,32,'en','2011-05-07 14:15:17','2012-05-08 14:32:32',NULL),('63950E50','trojans lose connection','Hello,\r\n\r\nSince we upgrade our finspy to the version 4.30, trojans go in for losing connection.\r\nI dont know what the matter is.\r\nI cut some lines from finspy_proxy and finspy_master log and attached it.\r\n\r\nRegards,',1,2,'63950E50.log',1,,2,73,'en','2013-04-18 10:23:44','2013-05-02 09:49:35',NULL),('6395DBC4','predefined target configuration','Possibility to save target configuration and load it for new targets.\r\nWe will load default configuration with few clicks and modify it if needed.',1,5,'6395DBC4',0,'

A Feature Request ticket has been opened for the development.<br />As soon as we have more information, you will be informed.

',2,56,'en','2014-02-12 10:22:45','2014-04-23 07:53:27',NULL),('641EB107','VoIP module records Skype conversation','We tested a trojan with skype and VoIP modules. VoIP was configured to record voice with any VoIP app. Our Skype conversation was recorded two times, once in the voip module and once in skype. if our target is using an unknown VoIP client to commit his crime and Skype for communication with his girlfriend, the court order will deny tapping skype, but will allow to tap ANY VoIP client. In our opinion, the VoIP module should be able to tap any VoIP communication but Skype.',1,1,'641EB107',1,,2,55,'en','2012-10-26 17:15:22','2012-10-29 11:18:22',NULL),('6582BC63','Queries on using linux forwarder on relay instead of using Gamma relay software','Would like to check that if I configured my relay server to use linux ip forward instead of using the gamma relay software, will there be any issue?',1,3,'6582BC63',1,'An special email has been send with detailed Information\'s.',4,69,'en','2013-03-25 06:54:58','2013-06-21 11:35:35',NULL),('65E4530E','Agent keeps disconnected and master cannot update','From the agent PC, connection always closed unexpectedly. This happen in just a minute or two every time.\r\n\r\nAt the moment master is at 4.30. I was trying to update manually, a pop up message appear to update to 4.31 then I click yes. However no update is running, even when i login back from the agent. I did this a few times just to be sure.\r\n\r\nAlso please find snapshot display of the server. It keeps displaying this message.\r\n\r\n',1,1,'65E4530E.jpg',1,,2,46,'en','2013-05-01 07:28:41','2013-05-02 09:50:18',NULL),('677A9C84','USB Infection Generation ERROR','Dears,\r\nreferring to our discussion with Mr. Holger, here we can explain more our issue related to the USB infection:\r\nwhen we select to do a direct USB infection, we have tick options to be selected as following:\r\n1- Master Boot record of HD\r\n2- Vista Windows 7 user mood infection\r\n3- Active hidding on target.\r\n\r\nwe do tick all the options above, to secure all the chances not to lose the target. we reach to know that once we select the first option ,which is very important to us, we get immediately an error with a title: Generation infection faild.\r\n\r\nPlease note that if i disable the first option, the ganeration can be easily done. but we totally need the first option to be active while the generation. so please kindly let us know the solution as this is a priority. \r\nwe had informed Mr. Holger about it. and he got a copy of the error. and i am attaching-uplaoding- the same picture of the error for your kind information',1,1,'677A9C84.jpg',1,'A suitable mail has been sent.',2,29,'en','2011-11-02 07:44:08','2011-11-02 18:03:40',NULL),('68164DC9','Keyword Search','Keyword search through all keyloggings.',1,5,'68164DC9',1,,2,27,'en','2011-12-22 13:13:10','2011-12-28 13:28:05',NULL),('6A77AEFC','Infection detected by norton','Hi support\r\n\r\nI donot know if this kind of support request can be considered a critical bug, this is to inform you that the infection is detected by the Norton internet security, the infection is an empty infection, without any modules.\r\n\r\nSee attached file for more details.\r\n\r\nBye',1,1,'6A77AEFC.zip',1,,2,81,'en','2013-04-30 11:33:36','2013-05-02 09:50:04',NULL),('6D35778B','licence error and internal wireless card authorisation','When starting FinIntrusion, the License setting indicates that the machine UID is wrong which I believe is related to the macchanger function. \r\n\r\nSecondly, when FinIntrusion is started, the internal wireless card is disabled. Could this be enabled to allow MITM and AP passthrough functionality ?',5,2,'6D35778B',1,'

A suitable mail has been sent.

',4,49,'en','2013-01-25 02:20:11','2013-06-21 12:24:23',NULL),('6E51EFE8','another buffer overflow occurred','another buffer overflow occurred on server. kern.log in attachment.',1,1,'6E51EFE8.txt',0,NULL,1,47,'en','2014-03-10 11:52:21','2014-03-10 10:52:21',NULL),('6E66676A','keyword filter','We would like to have such a keyword filter feature, allowing us to search for a specific keyword not in a single keyloger record but in all the keyloger records of the target.',1,5,'6E66676A',1,'A ticket regarding this topic was already opened. We will follow up with TrackingID: 68164DC9',4,27,'en','2012-03-06 04:39:07','2012-03-08 12:31:25',NULL),('6EF15A4A','Keylogger doesnt catch Fn keys','Keylogger doesnt catch Fn keys. So its not possible to catch charakters typed with help of combination Fn / Alt / Number from numeric keyboard.',1,2,'6EF15A4A',1,'A corresponding mail has been sent.',2,15,'en','2010-11-16 09:57:06','2010-12-01 11:56:13',NULL),('6FF600BF','Activate Camera and Key Log.','1. Active Camera\r\nThe new function allows the master to send command to Finspy to activate the camera to capture everything around the mobiles.\r\n2. Keylog\r\nThe users often log in email, chat... through smartphone, so the Finspy should have the key logger function.\r\n',14,5,'6FF600BF',1,,2,48,'en','2012-12-20 09:51:44','2013-01-07 15:48:02',NULL),('7028CBD6','inside client software evidence export check signature gives sometimes error','inside client software evidence export check signature gives sometimes error',1,2,'7028CBD6.txt',0,'

\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n',2,47,'en','2014-03-05 09:30:58','2014-03-05 08:53:15',NULL),('70B5625C','not monitored ','finspy_master status not monitored ',1,2,'70B5625C',1,'A suitable tutorial has been sent.',4,21,'en','2011-12-05 10:23:54','2012-10-11 16:41:18',NULL),('7256ED61','Windows Logon Bypass CD crashing target system','“Windows Logon Bypass” CD aka “Konboot” is too old and was crashing some systems blue screen – e.g. Lenovo T500 / W7/32bit/Enterprise. Tested with newer version and the blue screen disappear and we were able to unlock the system! ',3,2,'7256ED61',1,,2,88,'en','2013-10-09 09:07:14','2013-10-16 11:45:48',NULL),('75760D86','FS Agent Popup','If the FS Agent is in fullscreen-mode and then throws a popup - the popup will be in the background. Means the FS Agent needs to be closed to work with it. Agent is running Windows 7.\r\n',1,2,'75760D86',1,'A suitable mail has been sent. The problem will be fixed in the upcoming version.',2,27,'en','2011-12-22 13:06:58','2012-01-31 15:14:59',NULL),('75D192EC','timestamp screenshots','we came to the conclusion that screenshots taken from the target are not individually timestamped. This will be a problem for the acceptance, because if not each screenshot is timetamped, the evidence - the screenshots in this case - cant be used in court, because it wont get accepted.',1,4,'75D192EC',1,'Dear Customer,

please be informed, that the required feature has been implemented.

Best regards,

FinFisher Support',4,61,'en','2012-06-05 08:46:46','2012-10-12 11:10:55',NULL),('7669D1CD','Target display name on agent console for multiple targets with 1 trojan','If I create a Trojan name test and I infect it on 2 laptop, the first target will display as test on the agent console, the second target name will appear as what name? Or both the exfiltrated data will be stored under as 1 target name test?',1,3,'7669D1CD',1,'

An corresponding email has been send.

',4,69,'en','2013-09-24 10:53:29','2013-09-27 06:36:03',NULL),('766DBA23','Kaspersky warning','Trojan installs but give a warning on every boot, process id xxx is trying to inject into another process. The infected system is running windows xp 32bit service pack 3 with Kaspersky AV 6 for windows workstations. Screen shots attached\r\nKaspersky stopped the process and tried to put it in quarantine but it fails.\r\niexplorer.exe appears again in process list.\r\nTrojan is active and sending data to the server.',1,1,'766DBA23.zip',1,,2,58,'en','2012-02-16 10:52:46','2012-02-20 13:37:25',NULL),('77F03A28','problems with infection','Our finspy system can not MBR infect a windows 7 Home premium edition pc even if we have administrative previllage.\r\n\r\n3 out of 5 FinFly dongles we bought with the system are not working anymore.',1,2,'77F03A28',1,,2,31,'en','2012-04-24 15:09:54','2012-04-26 10:38:49',NULL),('785A33CE','infect win 8.1 enterprise x64 en','Dear Support Team,\r\n\r\nI tried the infection on a completely different hardware and it doesnt work.\r\nThe test system :clean installed Windows 8.1 enterprise x64 on a Dell Inspiron Laptop.\r\nI did with the exe what you said in the last emails 1st point.\r\n\r\nRegards,\r\n\r\nZoltan',1,3,'785A33CE',1,'This bug has been fixed with the release version 4.50.',4,73,'en','2013-11-20 15:02:07','2014-04-23 09:09:37',NULL),('797AE97E','MSN Messenger msnmgr','No incoming chat was able to retrieve only outgoing.',1,2,'797AE97E',1,'The MSN chat keystrokes will be recorded with the keylogger module, therefore it is not possible to get incoming messages through it. We recommend to use the Screen Module.  A suitable mail has been sent.',4,46,'en','2012-04-14 04:35:02','2012-04-18 08:55:54',NULL),('797C3424','Mac Version 10.7','Having the possibilty to use FFWire on MacBookPro version 10.7 and higehr',12,5,'797C3424',1,,2,61,'en','2012-10-24 11:03:29','2012-10-25 08:30:15',NULL),('7AE38720','Error appearing in log','Mon Dec 12 16:05:32 2011 0xb4dc4b70 ERROR: Error opening file /usr/local/finspy_master/data/finspy_allowed_modules.txt',1,2,'7AE38720',1,'A suitable mail has been sent.',4,14,'en','2011-12-12 05:57:52','2011-12-16 15:57:32',NULL),('7BDE0CD6','mtest','mtest',4,4,'7BDE0CD6',1,'closed',4,19,'en','2012-04-20 17:31:13','2012-04-20 16:00:18',NULL),('7C7D2140','Offline File Browser + Scheduled File Download','Offline File Browser\r\n\r\nTo be able to browse files and folders of attached hard drives while the target is offline for analysis while no live file access session to the target can be established.\r\n\r\nScheduled File Download\r\n\r\nAfter analyzing the folders/files during a targets offline period - a check box can be marked for selected files/folders to be downloaded next time the target goes online - whenever it is. ',1,5,'7C7D2140',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n',2,93,'en','2014-03-17 11:26:21','2014-04-17 07:20:13',NULL),('7D5843D0','Add flag to put rootkit asleep and to waken the rootkit','We may only intercept data when we have a warrant from the judge. sometimes a waarant is valid from one date to another. The last valid day, we normally should get a new warrant. But sometimes this comes 1 week later. So what we would like to do is putting the rootkit asleep at the last day of the warrant, and waken the rootkit again on the first day of the new warrant.\r\n\r\nThis functionality has been asked during the meeting on the 14th of january 2014. Thanks very much!',1,5,'7D5843D0',0,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n\r\n',2,61,'en','2014-04-01 14:50:45','2014-04-17 11:04:49',NULL),('7D74DD26','Some problems we met when using the system.','1. SMS export:\r\n- The system generates exports to .txt files, one message to one .txt file. These txt files has missed some important information like incoming and outgoing phone numbers, Contact name, …\r\n- If the system exports one message to one txt files so it will takes us a lot of time to summarize everything and make reports. \r\nSuggestion: \r\n- Exports all of the new messages to single csv or excel file. You need to mark what messages has been exported before, so next time the system only exports the new messages. The file exported include many columns, each column represent for one information like: phone numbers, date time, content…\r\n2. The contact list\r\n- When the contact list is too long and the period of a connection is not enough for one time sending, then the next time the system will send the contact list from the beginning, not from where the last sending ended. Another problem is if the contact list haven’t sent completely, the sms and call logs are still on the queue. It will waste a lot of time. \r\nSuggestion:\r\n- Change the priority: SMS, Call log send first, Address book later.\r\n3. Bug with Android spyware generate:\r\nWe have tried to generate Android spyware before, it was ok. But now when we click Generate button, it take us quite a long time for waiting, and then the file being made was not .apk as usual, it was .dat files. We want to know how to fix this problems. \r\n',14,3,'7D74DD26',1,,2,48,'en','2012-11-21 05:22:17','2012-12-05 09:59:12',NULL),('7D8AA359','change email address supoort ','Hello, I saw that the e-mail for the contact person is my private e-mail address - wim.bordeyne@telenet.be\r\n\r\nCan you please use the following email address as primary contact address: h.isrd@skynet.be\r\nAnd my private mail address as secondary contact?\r\nThanks\r\n\r\nsincerely,\r\n\r\nWim',1,3,'7D8AA359',1,'A suitable mail has been written.',4,61,'en','2012-06-05 09:08:53','2012-06-06 08:58:57',NULL),('7DD6EF5B','Comments box not updating to logged on user','Hi, when I am logged on as a certain user and add comments to a certain job, I log off and log back on as a different user and add comments, then the comments are added under the previously logged on user.\r\n\r\nSee screen shot. User 40111 was logged on then logged off and 26081 logged on and tried to add a comment to a mouse clicks session. The comments were still being added as user 40111 even though they had logged off. Logging off then logging back on under 26081 seems to clear the problem though.',1,3,'7DD6EF5B.png',1,,2,49,'en','2013-08-22 06:41:12','2013-08-26 14:34:22',NULL),('7E29F27F','keylog viewer','When we open keylog viewer on one of our agents time of entered sites are different than other agents. It shows 2 hours late.',1,2,'7E29F27F',1,'After consultation, the problem has been fixed by adjusting the timezone on the Agent',4,27,'en','2012-01-23 07:23:54','2012-01-31 15:06:45',NULL),('7F299240','export connected wireless client list','export connected wireless client list e.g. for black/white list for mass jammer',5,5,'7F299240',1,,2,88,'en','2013-10-09 10:22:58','2013-10-16 11:40:04',NULL),('7F4B69C0','Lack of Communication with Airtel Nigeria Provider','Some tests were carried out using a Data bundle plan and Blackberry Internet Service for a Service provider - Airtel Nigeria on Symbian Nokia 500, Android Galaxy Pocket and Blackberry 9780.\r\nOn each instance the device would take ages before it sent an sms heratbeat, after which the target would not send any other heartbeat to the agent - No matter the actions carried out on the device to prompt it.\r\nEven changes to the configuration of the Trojan/ Emergency configuration never get sent/delivered to the target.\r\nWe would like to know whether any development could be done to get around the peculiarities of Network providers in Nigeria, especially Airtel.',1,4,'7F4B69C0',1,,2,65,'en','2012-10-11 19:07:13','2012-10-15 11:30:50',NULL),('830421F9','Offline Trojan','Possibility of Gathering Data from Target offline using a Tactical Device like USB or other transfer method\r\n\r\nComment:\r\nIn case target rarely goes online and physical access is available',1,5,'830421F9',1,,2,88,'en','2013-09-23 12:17:21','2013-10-16 11:49:03',NULL),('848105ED','Autodownloading USB device content','Function request, which automatically downloads the files from attached USB Storage Devices. \r\nAs we have no way of determining the difference between e.g. a 128MB USB Stick and a 2TB USB Drive they would like to receive a recursive directory listing with the files present on the device, when it is attached. \r\nIdeally this list will include the file sizes and a possibility to download selected files.',1,5,'848105ED',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 11:58:47','2013-12-11 10:48:38',NULL),('86442430','Enable Http Proxy if configured','Would like to check that if we enable http proxy if configured option when creating an Trojan, if the target does not use http proxy but the option is enabled, will the data still be able to send back from the target pc to the finspy proxy?',1,3,'86442430',1,NULL,1,69,'en','2013-10-23 19:02:49','2013-10-23 17:02:49',NULL),('86846F6E','Skype support for Voip','Latvia customer wish to get support for Voip and especially support for Skype.',14,5,'86846F6E',1,NULL,1,19,'en','2013-11-06 14:08:26','2013-11-06 13:08:26',NULL),('872FF2BF','Timeout removal','We need additional values to chose from the list of values for Time-Out Removal during the creation of new target. We would like to have 3 Months and 6 Months because those are default values in judical writ.',1,4,'872FF2BF',1,'Feature has been implemented. 3 and 6 month are supported.',4,58,'en','2012-07-12 10:48:26','2012-10-12 10:42:43',NULL),('8848A372','broken infection - 192.168.0.89:2500 problem','remove infection automatically when configuration is broken, to stop PC spamming ip 192.168.0.89 port 2500\r\n\r\nUsually it happens when MS is updating Tuesdays something with windows updates that cause this problem with the some slow connection\r\n\r\nAll targets have different OS and different prog.',1,1,'8848A372',0,'A corresponding E-Mail has been sent',4,47,'en','2013-12-10 11:46:50','2013-12-11 10:51:17',NULL),('8A709FAC','U3_Launcher failed','environment:\r\nwindows xp pro sp3 with latest patches domain computer\r\nmcafee av with central management\r\nautorun disabled\r\n\r\nresult:\r\nlaunched U3 manually - it didnt start and reported error on win event log - see attachment',16,2,'8A709FAC.jpg',0,'Dear Customer,

unfortunately I have to inform you that we are not able to bypass the macafee anti virus product with the
current FinUSB loader. Please find a detailed anti virus overview for the current version within the
Release Notes section. In general the use can be difficult on domain computers, because there often
different user permissions, which avoid the proper execution.
\r\n

Sincerely yours,  <br /><br />FinFisher Customer Support 

',4,47,'en','2011-07-01 08:56:49','2011-07-07 12:29:52',NULL),('8AA32475','Enquiry on using iptables forwarding for relay','Would like to check whether will there be any issues or implications if we were to use iptables forwarding instead of finfisher fwd software for the relay.\r\n\r\nAlso will there be any issues or implications if our relay servers for the different country uses a mixture of iptables forwarding and finfisher fwd software?',1,3,'8AA32475',1,'

\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n',4,69,'en','2014-02-20 04:43:27','2014-02-26 14:16:38',NULL),('8B1C0A1E','Remove default text “deployment SMS”. Prevent from sending this text by accident. ','Remove default text “deployment SMS”. Prevent from sending this text by accident. ',14,4,'8B1C0A1E',1,NULL,1,68,'en','2014-06-12 15:34:10','2014-06-12 13:34:10',NULL),('8B6EC012','sometimes screen recording is not record all activity','os: different win\r\ninstallation method: mbr,kernel,user\r\n\r\nsometimes some targets screen recording windows only options is not record all activity. on keylogger we can see, that target using different programs like word, chrome, skype same time. but on screen recordings we see only skype activity, others are missing.\r\n\r\nthis happens randomly and if we try it to reproduce then we failed - everything worked like suppose to be.',1,2,'8B6EC012',0,NULL,1,47,'en','2014-04-07 16:10:03','2014-04-07 14:10:03',NULL),('8C4D5177','Enquiry on the data file that is stored on the target laptop','Would like to enquire the data such as keylogger, screenshot and etc that is to be send back to the master server, is it all the data is stored in a single file or each module data is stored in different file?',1,3,'8C4D5177',1,'An corresponding email has been sent.',4,69,'en','2013-09-24 10:36:25','2013-09-27 06:38:16',NULL),('8DB12C5E','Laptops delivered with the agent licenses stop working','2 Laptops delivered with the agent licenses stop working. It concerns the Lenovo E520. Without any reason, they stop working. Apparently this is a common known problem since a lot of customers of Lenovo are having the same issues as we could see on the Internet.\r\n\r\nKindly request to replace the 4 laptops by other models or to have another workaround.\r\n\r\nThanks',1,3,'8DB12C5E',1,,2,61,'en','2012-10-24 10:52:48','2012-10-25 08:30:32',NULL),('8FBECCD2','64bit OS support','Dear support, can you please inform, when version of FireWire with 64bit OS support will be available? In roadmap, Q1 was announced.\r\nCustomer have urgent case.\r\nThanks and best regards\r\nRostislav Psota',12,3,'8FBECCD2',1,'64 Bit system are full supported in the meanwhile. A suitable mail has been sent.',4,15,'en','2011-06-02 08:20:01','2012-04-05 10:00:26',NULL),('90A46894','Email on iOS','Failed to capture outgoing or incoming email on iPad1 - 5.1.1 and iPhone 5 6.1.2.\r\nMail client Gmail, no data received',14,2,'90A46894',1,'A corresponding email has been sent.',2,87,'en','2013-09-06 08:49:21','2013-09-19 08:50:15',NULL),('90ECB4B8','selected monitoring mode in status message + log file','Network &#61664; “Monitor” Status Message should also contains the monitoring mode e.g. “non-ssl / https emulation / ssl-mim” etc.',5,4,'90ECB4B8',1,,2,88,'en','2013-10-09 09:15:49','2013-10-16 11:42:22',NULL),('9146CC82','Lost Target','Hi\r\n\r\nAs per conversations with Pierre. We have a target who is hitting the proxy but not appearing on the Master. Upon advice we turned on debug mode for a period. Looking at the logs, a normal target Connects, Heartbeats then Terminates. The target who is not appearing on the master is Connecting then Terminates and is missting the Heartbeat.\r\n\r\nAttached are the debug logs from the proxy and master form a time period when the target was hitting the proxy but not appearing on the master.\r\n\r\nThe Target UID is 7A54E70D',1,1,'9146CC82.log',1,,2,14,'en','2012-07-16 02:38:00','2012-07-16 14:30:02',NULL),('92EE9DD3','win8 : works but...','Dear Armend,\r\n\r\nWe infected with the exe 2 times. 1 hour pause in between after 1 and half hour it came online. It works but the modules are pretty limited as for the configurations.\r\nIt does not work so flawlessly.\r\nWe are going to test the USB dongle infections tomorrow since its the most common in practice.\r\n\r\nRegards,\r\n\r\nZoltan',1,3,'92EE9DD3',1,'A corresponding email has been sent',2,73,'en','2013-11-25 17:33:39','2013-12-11 11:03:07',NULL),('93A7355E','Skype: File Transfer','Most of the time and with most targets there are no files captured when transferred via Skype. Even though the Chat Log shows that the files were transferred. Target is WinXP, MBR, v.3.0\r\n',1,2,'93A7355E',1,'Problem solved with 4.00 release. As discussed by Skype it is important to update the target to the latest version, if the problem exists on a target.
---
As discussed, the problem is related to an active hiding problem, which is fixed with the upcoming version.',4,27,'en','2011-12-22 13:08:07','2012-10-15 15:28:45',NULL),('944F0DA8','BlackBerry data submission','Hi support, i have a problem with a BB data submission, on the master side I can receive the heartbit at regular interval , but no data is sent to master also if the user on the infected phone produce data for the installed modules like BlackBerry Messenger ...',14,2,'944F0DA8',1,'This problem was discussed over Skype and we found out that the configuration of the target was not correct.',4,81,'en','2014-01-09 10:26:15','2014-01-10 14:07:29',NULL),('94584CAA','operator network flapping when we use the system','On both mobile network side and fixed network side when we set a rule for targets operator complains us about network flapping. And users can not open their email accounts.',11,1,'94584CAA',1,'Problem has been solved with engineers on site.',4,27,'en','2012-03-28 14:50:51','2012-10-15 15:23:57',NULL),('949B14C3','HTTP proxy does not work on port 443','If we configure the target to use http proxy with port 443 it does not go online, while it works with port 80. Do you have any suggestion?',1,2,'949B14C3',1,'A corresponding email has been sent.',2,73,'en','2013-09-04 11:06:03','2013-10-16 11:52:06',NULL),('9691107D','Keylogger export','In stabdard agent GUI, in module keylogger, normal and special characters are presented in different way different font , so its easy to evaluate. This distinguishing is not in exported data Evidence protection export with html metadata , normal and special characters are written in the same way so evaluating is difficult. ',1,4,'9691107D',1,
,2,15,'en','2012-10-08 10:23:57','2012-10-08 13:03:47',NULL),('96DCBD43','Live view failure and online configuration failure','When target was online I tried to change the configuration. So I got the available modules and went to the module changed files. There I checked the checkbox all drives, unchecked it immediately and then clicked on the button save configuration while in fact nothing has been changed - just a check and uncheck of the same checkbox. At that moment there is no confirmation that the configuration on the target was saved and from that moment on, it isnt possible anymore to do a live view or a reconfiguration. In fact, because the target is still online, when you click configuartion, the agent connects but then hangs when obtaining available modules. I managed to solve the issue by bringing the target off line. So when I click configuration, I can configurate in the same way and save the configuartion and also get the confirmation that configuration was saved. Then when I bring back the target online, I can do a live view again or an online configuration. Of course, in a real situation, I have no control of the target and hence this could be a problem since some targets never come off line.',1,1,'96DCBD43',1,'Referring to your mail, the ticket will be closed.',4,61,'en','2012-06-06 11:06:27','2012-07-05 08:30:39',NULL),('96FB8725','Time Discrepancies','In the Agent we are noticing that some of the Target start times are the same as the Target end time or even after the End time.\r\n\r\nFor example:\r\nSTART SESSION TIME TARGET: 2011-02-03 19:15:44\r\nEND SESSION TIME TARGET: 2011-02-03 08:08:56\r\n\r\nThis file also contains data but is returning a file size of 0 B',1,2,'96FB8725',1,'Dear Customer,

the problem has been solved in version 3.0.
A suitable mail has been sent.

Sincerely yours,

FinFisher Customer Support',4,14,'en','2011-02-04 04:45:24','2011-07-08 15:48:53',NULL),('97693A7D','USB mass storage module','USB mass storage module, what will monitor all plugged mass medias and will make copy of files with ceratain extension office documents, images etc like a changed file module.\r\n\r\nUSB mass storage module, what will monitor all plugged mass medias and will make copy of directory and file list.',1,5,'97693A7D',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 11:50:47','2013-12-11 10:50:08',NULL),('97A24990','AV','Detected by AV programs. Mail servers detects immediately like mail.ru ',1,3,'97A24990',1,'An corresponding email has been sent.',4,27,'en','2014-05-28 14:20:36','2014-06-17 09:42:44',NULL),('97ADA93C','MAC OSX LION UNSUPPORTED','It seems as if osx lion is not compatible with the current Finspy. We have conducted initial testing and have been unable to infect the lion os at all. Did Gamma test this prior to Lion being publicly released? Our understanding is that all processed are now sandboxed in Lion. Is there going to be a formal announcement from Gamma regarding this at all? Current targets will upgrade eventually and we may be left with a situation where current targets will be becoming unusable when they do this.',1,1,'97ADA93C',1,'MAC OS X Lion support was added in release 3.02.',4,14,'en','2011-08-17 12:20:22','2011-09-26 13:56:36',NULL),('97B7C715','MBR Infection lost all modules after FS Master Upgrade','2x MBR Infection - Windows XP 32bit SP3\r\nOne of them is on 2.41 and one is on 2.51 \r\nMaster is 3.0\r\n\r\nAfter the upgrade to v3 the targets are online and connectible. Very fine. And everything worked flawlessly until the upgrade.\r\nExcept the fact, that *no* module is installed anymore and of course cannot be added. Means, no modules can be seen neither in live session nor in configuration.\r\nTherefore, the targets are useless since then.\r\n\r\nFYI: The attached error ./TargetActivity/$ID/$ID.log didnt show up anytime before and is Target reports error -10017 now reoccurring all the time. \r\n\r\n',1,1,'97B7C715.log',1,'A suitable mail has been sent.',2,35,'en','2011-07-26 11:25:40','2011-07-27 16:13:04',NULL),('97BD9032','Active / Passive Target detection ','Active / Passive Target detection currently we only support active target detection / identification',5,5,'97BD9032',1,,2,88,'en','2013-10-09 09:18:26','2013-10-16 11:42:00',NULL),('97F9B942','Teamviewer for win8.1 enterprise infection','Dear Armend,\r\n\r\nWe have set up a test system with windows 8.1 enterprise 64 bit and a Teamviever on it \r\nThe Teamviewer ID: 556 716 796, password: 4092\r\nWe are online from now.\r\n\r\nRegards,\r\n\r\nZoltan',1,2,'97F9B942',1,'The Windows 8.1 Infection bug has been fixed with the 4.50 Release.',4,73,'en','2013-11-25 10:35:58','2014-04-23 09:01:31',NULL),('9824ABFA','Generated CD ISO Infection.','Generated ISO Infection will not boot on some PCs. HP Desktop DX5150 and DC5100. Successful boot on old Sony Vaio and old HP Laptop.\r\nWill continue testing if required.',1,2,'9824ABFA',1,'Dear Customer,

please be informed, that the problem has been fixed with version 4.20.

Best regards,

FinFisher Support',4,56,'en','2012-01-12 15:33:34','2012-10-12 11:02:04',NULL),('98BEDBE2','license renewal','How do I go about renewing our license?',1,3,'98BEDBE2.htm',0,NULL,1,26,'en','2014-08-02 03:05:46','2014-08-02 01:05:46',NULL),('9A867948','Browser History + Cookies were not collected','Which exact browser versions are supported for browser history cookies?\r\n\r\nTested with Firefox 24 and Internet Explorer 10 &#61664; no history + where collected\r\n',3,2,'9A867948',1,
,2,88,'en','2013-10-09 09:06:31','2013-10-16 11:45:57',NULL),('9C1ABEB1','Session date time wrong','Hi support\r\n\r\nSometimes the meta file of the recorded information contain wrong information about date and time for the start and stop session.\r\n\r\nSee attached file for more details\r\n\r\nRegards',1,2,'9C1ABEB1.png',1,'This Bug will be fixed with the release 4.40.',2,81,'en','2013-05-09 12:16:37','2013-05-16 11:53:48',NULL),('9D59A409','Unable to install android trojan 4.20','We are tyring out new 4.20 trojan for android. We have remove trojan 4.10 trojan, however after restarting the phone and installing trojan 4.20, phone doesnt appear in the server. From the running services we can see Android Services running in the phone. Phone currently on Android 2.3.5. \r\n\r\nOn another note, trojan 4.10 install successfully on this phone, however Whatsapp messages doesnt appear in ther server.',14,1,'9D59A409',1,'A suitable binary to solve the problem was sent by mail.',4,46,'en','2012-09-27 08:48:04','2012-10-15 11:29:16',NULL),('9E142DF3','infection of really BIG executables is not working','The infection of a 3.5GB executable - a fat game installer - isnt working.\r\n\r\nMaybe size does matter...',1,3,'9E142DF3.jpg',1,'Regarding Operating System limitations, we are not able to support such big files.
A suitable mail has been sent.',4,55,'en','2012-08-17 13:47:55','2012-10-29 16:52:52',NULL),('9F18B9D4','program not working well','program not working well, could you send me the program and manual to install it in new machine As soon as possible.\r\nDose the new version support USB HARDDISK.\r\n',3,3,'9F18B9D4',1,'Problem has been solved during a Skype session.',4,21,'en','2012-04-05 07:33:10','2012-10-11 16:40:07',NULL),('9F4E1E62','Skype not recorded at all','One target is using Skype - confirmed via Screen session - but no Skype data at all.',1,2,'9F4E1E62',1,'Problem solved with 4.00 release. As discussed by Skype it is important to update the target to the latest version, if the problem exists on a target.
----
As discussed, the problem is related to an active hiding problem, which is fixed with the upcoming version.',4,27,'en','2011-12-22 13:07:44','2012-10-15 15:28:10',NULL),('A169FE42','Finspy Master Login Error','Since yesterday we are facing problem to login. We get the the following error\r\n\r\nerror is connection to the master terminated unexpectedly. you will need to reconnect inorder to continue\r\n\r\nWe are copying all the Finspy Master the system logs for your reference.\r\n\r\nKinldy look into this issue ASAP so that we can resume our work. ',1,1,'A169FE42.rar',1,'Problem has been fixed, with one of your engineers. A suitable mail has been sent',4,29,'en','2012-02-21 06:38:46','2012-02-21 11:58:13',NULL),('A2263BF0','keylogger mixup','When visualizing data, the keylogger module does not show the correct information. please see attachment',1,2,'A2263BF0.doc',1,'Regarding to your mail, the ticket will be closed.',4,61,'en','2012-06-05 09:05:24','2012-07-05 08:28:26',NULL),('A28D0ECD','rootkit doesnt report back anymore','We installed our first real targetsystem - MacBookPro 10.6.8. In the beginning rootkit reported back, but since 11th of October the rootkit doesnt report back anymore to the master. We did some tests with Pierre and Lucian: relayserver works fine for other test-rootkits - data comes to Master server for other test-rootkits. Please can you look with Pierre and Lucian how we can get data out of infected target pc, because target is online on regular basis and data reaches the relayserver.',1,1,'A28D0ECD',1,'All data have been sent to the master. The ticket will be closed.',4,61,'en','2012-10-24 10:50:06','2013-01-07 16:15:42',NULL),('A2BDD45D','Downlaod Speed - 8 KB / sec','We are facing an issue with downloading files from _every_ target system with the constant speed of exactly 8 KB per second. Never less, never more. This is what the progress bar shows in the File Access module. It also doesnt matter which target operating system is used or where they are gepgraphically located. Also file sizes dont matter - can be 500KB or 20MB. \r\nThe FS Master server allows a higher speed.\r\n\r\nFS 4.50\r\n\r\nEngineer Alex H. also tested it with the your demo server and randomly came to the same result. Partially it was downloaded in a heartbeat, partially also just wiht 8kb / sec.\r\n\r\nIdeas would be highly appreciated.',1,2,'A2BDD45D',1,'Our engineer Alexander Hagenah discussed the topic with you personally and we filed an improvement internally. As soon as we have an update on the issue, I will inform immediatly.
',2,93,'en','2014-03-20 13:20:43','2014-04-17 11:01:55',NULL),('A30DB806','Adding Module to target results in an error','Adding Module to target results in an error when changing config and saving.\r\n\r\nSaving the configuration failed: Saving the module configuration for 7CF4A5D6 failed: -10017 The module is not loaded\r\n\r\n',1,1,'A30DB806',1,'Problem has been solved with version 4.0',4,14,'en','2012-02-02 00:57:35','2012-02-20 14:13:04',NULL),('A3430BE1','some keylogger data is multiplied or even fourfold or moe','some textual data what keylooger is collecting displayed multiple times, sometimes even fourfold or more.\r\n\r\n',1,3,'A3430BE1',0,NULL,1,47,'en','2014-04-07 16:16:55','2014-04-07 14:16:55',NULL),('A40D75E2','Lodfiles scrolling','Pleaase, it will be very nice if you change scrolling direction in Log Viewer from the oldest to the newest or add a sorting/order by option. It is really annoying to scroll down to the end of a list every time we wont to see what is new in the log list.\r\nThank You.',1,3,'A40D75E2',1,,2,58,'en','2012-03-27 13:38:54','2012-03-29 16:03:12',NULL),('A42FC633','Browser Password Retrieval','It would be good to have a module which can sniff HTTP/S connections for HTTP/S POST parameters and their contents. More and more often Browsers change their behaviors in terms of storing passwords and hence browser passwords via Forensics Tools dont often work. Another scenario which becomes more and more popular is the use of 3rd party passwords storages instead of the internal browser storage e.g. like LastPass or XMarks. So neither of the embedded techniques would grab the password for popular services like GMail, Facebook, etc. and render those functionality useless.\r\n\r\nLastpass: https://lastpass.com/\r\nXMarks: https://www.xmarks.com/',1,5,'A42FC633',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n',2,93,'en','2014-03-17 12:14:27','2014-04-17 10:57:44',NULL),('A4E952CF','additional configuration for screen module','Could be very useful if will be possibility to define different configuration of screen module for different events. For example for browser we can define settings with more large interval between screenshots and with less quality, but for chats we can use less interval.\r\nSo with this we can decrease data amount on less useful information.\r\nNow we need to find good compromise between different applications, but some of them generate a lot of data.\r\n',1,5,'A4E952CF',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n',2,56,'en','2014-03-11 14:38:10','2014-04-17 07:19:54',NULL),('A6251F67','disintegrating infection removal tool','We currently have a situation where we have infected a target but have set a heartbeat that is too quick for the targets poor 3g connection. We now are in the unenviable position of being unable to have the target connect to the proxy/master and pickup the new slower heartbeat time. We cannot re-install a new infection while this situation exists. It would be handy to be able to have an exe that we can socially engineer to the target to remove the existing infection and then disintegrate so that it cannot be reused to disinfect any subsequent infections. ',1,5,'A6251F67',1,'Targets can be reinfected, so it is possible to change the configuration accordingly.',4,14,'en','2011-08-17 12:14:40','2012-10-11 17:07:28',NULL),('A65AE556','Skype on virtual machine fail ','Hi support \r\n\r\nThe skype module 4.32 always fail on virtual environment tested on VmWare 9 and on virtual box 4.1.2, guest os is windows seven ultimate 32 bit, same issue on seven home edition, when skype is executed an error is rised like can not open file c:\\program files\\skype\\phone\\skype.exe the file is in use by another process.\r\n\r\nIf you need some other information ... ask me.\r\n\r\nThanks in advance',1,2,'A65AE556',1,,2,81,'en','2013-06-26 19:45:54','2013-07-05 13:44:48',NULL),('A67F8A42','Remove default text “Send WAP push message”','Remove default text “Send WAP push message”',14,4,'A67F8A42',1,NULL,1,68,'en','2014-06-12 15:35:19','2014-06-12 13:35:19',NULL),('A77E078A','No configuration link on a mac target when it is offline','When a mac target is online, there is a configuration link which allows updating the configuration of the target and trojan. However when the target is offline, there isnt any configuration link. This only appears on a mac target. Linux and Windows targets have configuration links when the target is both online and offline.\r\n\r\nSystem is 4.21\r\nUser is logged on as Administrator with full access rights to all functionality\r\n\r\nThe attachment shows a mac target which has been selected in the agent. The drop down shows the links as\r\n-Analyse Data\r\n- Visualise Data\r\n- Evidence Protection\r\n- Target History\r\n- Remove Infection\r\n\r\nShould there be a configuration link on a mac target when it is offline ?\r\n\r\n',1,3,'A77E078A',1,,2,49,'en','2012-12-08 01:26:59','2012-12-10 12:25:22',NULL),('A94823E3','Remote master ethernet','The remote master laptop is delivered with PCMCIA ethernet card. Very often it happens, that ethernet connection is lost and the card must be pulled out and inserted back to get LAN connection working again.',1,2,'A94823E3',1,,2,15,'en','2012-10-08 10:31:20','2012-10-08 13:04:03',NULL),('A9A5F04A','Use FinUSB with own HW / Dongle','Customer wants to use their own USB dongle / hardware. How can they get their USB HW / dongle getting accepted by FinUSB HQ?',3,5,'A9A5F04A',1,'A suitable mail has been sent. The ticket was closed',4,88,'en','2013-10-09 09:19:14','2013-10-16 11:15:48',NULL),('A9FAF014','Down/Upload Packet counting','When a Target has a very bad network connection, the Target Down/Uploading files always fails. \r\nRequest to introduce a packet counter which will allow the System to wait some time for the files to transfer instead of discarding the connection right away and reporting a failure.',1,5,'A9FAF014',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 11:51:57','2013-12-11 10:49:58',NULL),('AA970B9C','Avast Free Antivirus kill Empty VISTA W7 USER Infection','In our location, Avast free Antivirus is one of the top used Antivirus solution if not no. 1. So we are not happy about that. We need response from your site what you can do with it. ASAP. \r\n\r\nIn your document from Jan 2014 Anti-Virus-Results-FinSpy-PC-4.50 you inform us that:\r\n\r\nAvast Internet Security 7 when I use Empty VISTA W7 USER Infection and try to install it like a USER then it:\r\n\r\nW732bit pass\r\nW764bit pass\r\nW832bit pass\r\nW864bit pass\r\n\r\nSo, I hope that free product Avast free Antivirus which is based on commercial product Avast Internet Security will work similarly. But not.\r\n\r\nInstall User will FAIL in W764bit, you can see it on attached screenshots.\r\n\r\nOur testing computer:\r\nOS: Windows 7 64 bit SP1 fully updated 3.3.2014\r\nAV: Avast Free version 2014.9.0.2013\r\nAV-DB: 140302.1 3.3.2014, 12:53 CET\r\n\r\nThank you for early responce.\r\nBye',1,1,'AA970B9C.png',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n',4,88,'en','2014-03-06 11:39:38','2014-05-22 11:28:43',NULL),('AAFC3D6A','UEFI','New notebooks can not be infected by MBR',1,5,'AAFC3D6A',1,'An corresponding email has been sent.',2,27,'en','2014-05-28 14:23:01','2014-06-17 09:42:06',NULL),('AAFC76C1','Losing targets','After infecting a targets the targets works for few days only than he never comes online and we have to infect him agin, we notice that he is useing the same computer and same IP address. \r\n \r\nPlese contact us as soon as possible\r\n',1,1,'AAFC76C1',1,'

A suitable mail has been sent.

',2,29,'en','2011-10-20 07:30:57','2011-11-02 18:04:32',NULL),('ABCA70E1','offline cracker','load airodump pcap file and no wireless network is listed',5,2,'ABCA70E1',1,,2,88,'en','2013-10-09 10:46:29','2013-10-16 11:39:53',NULL),('AC1BDA35','screen recording zip archiving have issue','On server multiple zip files are created wich contains same image files.\r\nSo after some time when during export same information is exported multiple times and it takes much space on HDDs.\r\nIf needed more information, i can prepare it.\r\n',1,3,'AC1BDA35',0,'This bug has been fixed with the release version 4.51.',4,56,'en','2013-11-21 12:48:22','2014-04-23 09:04:13',NULL),('AD574382','problems','this is khalid from paksitan as per telphonic conversation with martin you have to get live access of our server for debugging i tried to contact with mr holger he doesnt come online for last three days and contact on ur no but no response from ur germany number plz do necessary action to rectify we are in great trouble',1,1,'AD574382',1,'Dear Customer,

the problem has been solved during a usual Skype support chat.
The ticket will be closed.

Sincerely yours,

FinFisher Customer Support',4,32,'en','2011-03-24 10:19:59','2011-07-08 15:45:47',NULL),('ADCA964D','trojan unable to deploy','Succesfully created the trojan but the trojan doesnt work to target PC.\r\n \r\nWe have tried embedding the trojan with images ,binary, pdf etcetera but when we double-click the infected file all it did was opening an image and the bit size of the image reduced to its original size. Meaning the trojan was removed from the image file. \r\n\r\nNeed your immediate action.\r\n\r\nWe have sent an invitation via skype.',1,1,'ADCA964D',1,'The behavior has been tested and solved  in a Skype conversation with the development.',4,46,'en','2011-12-27 14:29:14','2012-01-03 16:12:48',NULL),('ADEB4E4C','Self extracting zip executable melted with finspy trojan detected as virus on google drive','We melted finspy trojan with a self extracting zip executable and then upload to a google drive. When the file is downloaded from google drive, it is reflected as a virus by the google drive. Would like to check why it is reflected as a virus? Anyway to bypass it?',1,3,'ADEB4E4C',1,'An corresponding email has been sent.',4,69,'en','2014-05-27 10:32:39','2014-06-17 09:44:29',NULL),('AF7FB10B','Cannot update.','Hello I tried to update finspy master to 4.40 but connection to server failed.\r\nAfter it I check this:\r\nnmap -PN -p 42662 update.gamma-international.de\r\nbut port 42662 closed.\r\n\r\nDo you use other port to update now?',1,2,'AF7FB10B',1,
,2,73,'en','2013-09-04 11:39:06','2013-10-16 11:51:53',NULL),('AFE16BC6','license renewal','How do I go about renewing our license?',1,3,'AFE16BC6.htm',0,NULL,1,26,'en','2014-08-02 03:21:42','2014-08-02 01:21:42',NULL),('B16C7C62','Jitsi support in voip module','We need Jitsi voip app support in voip module.\r\nNow voip module is not recording calls made by Jitsi application.\r\nTested on Win7 64bit SP1.',1,5,'B16C7C62',0,'An corresponding email has been sent.',2,56,'en','2013-12-18 13:03:14','2014-01-10 14:10:52',NULL),('B19FD3D6','DLL installation','The FS manual does not describe the correct method for using the DLL installation vector that was released with the latest version of FS. Could you please provide instructions on how to use this and update the user manual accordingly.',1,3,'B19FD3D6',1,'A suitable tutorial has been sent by mail.',4,14,'en','2012-04-16 23:48:08','2012-10-11 17:08:47',NULL),('B1EA1F1E','The agent crashes when a target is opened','When the agent is logged on it gives an error message ERROR READING CONFIGURATION FILE. The screenshot is attached alongwith.\r\n\r\nAfter that when we click on an online target, the agent crashes down with no error message. The agent is not working completely. Please update us as soon as possible.',1,1,'B1EA1F1E.png',1,'Restarting the finspy_master process has fixed the problem',4,32,'en','2011-05-16 06:12:25','2011-06-01 10:15:31',NULL),('B23B2BA4','Forensic tools module- installed apps is not working','tested on Windows 8 Pro 64bit\r\nForensic tool - installed applications does not return list of installed applications',1,2,'B23B2BA4',0,'This bug has been fixed with the release version 4.50.',4,56,'en','2013-11-21 12:17:38','2014-04-23 09:06:58',NULL),('B4C94454','File access upload','Selecting File To Be Uploaded before browsing to a destination will set the default destination to C:\\ which cannot be changed and the upload fails.\r\n\r\nIf the file to be uploaded is re-selected, it refreshes the destination path to the one you chose initially.',1,2,'B4C94454',1,,2,69,'en','2012-10-12 09:33:22','2012-10-15 11:31:01',NULL),('B5C8BABB','Unable to configure offline Mac OSX target','As in summary, there are not in the limitation list in the release note. We consider this a bug.\r\n\r\nThank you',1,2,'B5C8BABB',1,,2,46,'en','2013-05-08 04:04:53','2013-07-05 13:45:36',NULL),('B6BAD942','Multiple Messages, request to add latest sent to whatsapp or sms on analyse data','This issue have been submitted before. There are a lot of duplication of SMS and Whatsapp of same data from top to bottom, everyday.\r\n\r\nIf this cannot be fix soon can you please add latest -time of sender- on analyse data overview as an additional column, so that we can quickly filter.',14,5,'B6BAD942',1,'

A suitable mail to get more information\'s about the problem was sent by mail.

',2,46,'en','2013-06-22 04:10:59','2013-06-24 06:40:31',NULL),('B71AF543','Critical issues in the system','Dears,Please note that we are facing a critical issue in the system, where we are not benefiting any more from this system. Please see below problems:we have more than 2 targets where they are physically connected online, but we are not getting any record accordingly. To be more in details: the target license is showing effectively downloading the full activity log, but it fails to transfer it or send it to the Master.even though, when we switch ON the mic of any target, we reach to know that he is active and talking BUT, no record has been transferred to us like before. I hope I am clear in the above points. Please remember with me the previous issue which occurred with the full system because of the last update sent to us, then the rectify of the issue which was sent to us by your technical team. We started experiencing the above issues specially after this incident. Please investigate urgently and let us know the solution. As we are in a big lose of data now\r\n\r\nOther problem is we are geting some time errors',1,1,'B71AF543.docx',1,,2,29,'en','2011-12-08 15:29:09','2011-12-08 14:50:14',NULL),('B76660CB','Analyze data crash the GUI','Please see the attached file, agent GUI crashes when selecting analyse data from the target in the database.',1,2,'B76660CB.zip',1,'A corresponding email has been sent.',2,87,'en','2013-09-06 09:19:20','2013-09-19 08:54:46',NULL),('B8C30EF8','user/agent cant change password','at the moment only the sysadmin can change user passwords, so every user has to come to our office to change his/her user credentials.\r\nEvery user/agent has to be able to change his/her password via the user interface.',1,3,'B8C30EF8',1,'Dear Customer,

please be informed, that the required feature has been implemented.

Best Regards,

FinFisher Support',4,55,'en','2012-01-30 16:05:57','2012-10-12 10:57:15',NULL),('B8CB8B6E','add support for Virtualbox, VMWare or other sw to keylogger','Now key-logger intercept keys only from host native OS. everything typed in virtual environment is not intercepted from host OS.\r\nCan be useful if could be possible to get pressed keys also from virtual environment without need to infect virtual guest OS.',1,5,'B8CB8B6E',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n',2,56,'en','2014-03-11 14:25:43','2014-04-17 07:19:38',NULL),('B96609BF','Search Result - File Download','When searching for files within the File Access Module, it list the files matching the specified pattern but doesnt give any possibility to download the file. Which renders the functionality kinda useless. ',1,5,'B96609BF',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n',2,93,'en','2014-03-18 15:10:43','2014-04-17 11:01:18',NULL),('B98E4CB3','How to get the Machine ID on spare server to generate the license','Would like to check if my server mainboard fail, and require to activate the spare server, how can I check that the Machine ID of the spare server so that you are able to generate the spare server license? I went into my spare server but in /var/log, it does not have the finspy_master.log file.',1,3,'B98E4CB3',1,'A suitable mail has been sent. As requested, ticket closed',4,69,'en','2013-10-08 06:18:18','2013-10-08 08:03:03',NULL),('BA831F71','Screen captures not downloading','There are several screen captures on the target, about 50-60, which are not downloading. Changing to manual and selecting an individual file does not resolve this. \r\n\r\nLooking at the target activity log i can see the request going out to the target to download but never completing.\r\n\r\n',1,1,'BA831F71',1,'According your feedback the ticket will be closed.
\r\n

Please close support ticket BA831F71.  <br />Culprit was found to be an out of date version of ffmpeg2theora.<br />As soon as this was updated problem was rectified.

',4,14,'en','2011-08-18 07:34:08','2011-09-15 08:04:08',NULL),('BADE9883','Possibility to delete collected data on target without downloading it.','Possibility to delete collected data on target without downloading it.',1,5,'BADE9883',0,'A corresponding E-Mail has been sent',4,47,'en','2013-12-10 11:48:27','2013-12-11 10:50:33',NULL),('BC6DE8DA','Failed login by agent','From our logs, there appears to have been an update early this morning which has broken the Agents access to the Server.\r\n\r\nIf at all possible, we require urgent assistance as we are waiting to conduct an install tonight.\r\n\r\nRegards\r\n',1,1,'BC6DE8DA.doc',1,'Dear Customer,

a mail with instructions and a suitable installer for the missing libraries, has been sent to the Aftersales email address.

Best regards,

FinFisher Support',4,49,'en','2011-12-01 06:19:24','2012-10-12 11:15:00',NULL),('BCD7A9CF','avast antivirus','can not install the infection file in operating system\r\nthat hase avast anti virus',1,1,'BCD7A9CF',1,'Problem has been solved with the updated version.',4,21,'en','2011-02-14 08:12:43','2012-10-11 16:35:16',NULL),('BD133B4F','Appeared problems after upgrading the system','When we open agent we can not see our targets immediately we can see them after 15 seconds. Is working very slow. And even when we see our targets we can not see all information about our targets. Target name, Target IP .... As soon as we remove target name target IP appears and when we put target name back information about target IP again disappears.',1,2,'BD133B4F.png',1,'An special email has been send with the detailed information\'s to fix this issue.',4,27,'en','2013-03-11 04:41:49','2013-06-21 11:40:06',NULL),('BD28D266','Enquiry on MBR infection','Would like to check if we perform an MBR infection, is it that all the users on the computer will be infected?',1,3,'BD28D266',1,'

\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n',4,69,'en','2014-02-18 04:10:35','2014-02-20 11:01:13',NULL),('BD4CA3A0','Arbitrary process cloaking/protection','A feature to provide the ability to upload and run an arbitrary executable using finspy, and to extent finspys cloaking and personal firewall/av protection to the new executable. For example:\r\n \r\n- hide the executable on disk\r\n- hide the process from process listings\r\n- start and stop the executable as desired e.g. start on finspy startup\r\n- apply firewall evasion to the new process\r\n \r\nIn other words, treat the new process as an extension of the finspy process and provide the same cloaking/evasion features already present in finspy to the new process.\r\n \r\nDepending upon how finspy is implemented, this may be an easy change, or it may be quite complex. It would be interesting to get your thoughts on the feasability.',1,5,'BD4CA3A0',1,'A similar feature has been implemented with the Forensic tools, which allows also to execute customized binaries.


Dear Customer,

I think the best here would be to discuss this over Skype with all details so that we can get the full picture of your requirements here.

What we have in the roadmap for 2.50 (october) is our Intrusion Module which contains features like:
 
 1. View Network Shares
 2. View reachable Bluetooth devices
 3. View reachable Wireless Networks

This module will also offer the possibility to add custom executables which will undergo binary encryption to avoid signature detection and also be loaded and executed by FinSpy Target. The output files of these custom tools can also be send through the regular FinSpy System back to the Master server. These tools are activated through Live Sessions with the Target System.

Starting and Stopping these tools on system boot/shutdown is currently not planed for this release but we will add it to the roadmap as it also makes sense for adding network sniffers and such.

Would this be what you need? Otherwise we could also discuss developing some kind of custom module and give you a very high-level API for developing own modules which can be fully integrated with FinSpy. But to be honest here this would be nothing quick and probably would go into Q1 2011.

Best Regards,

Martin.',4,14,'en','2010-07-13 06:39:06','2012-10-11 17:01:17',NULL),('BDE8F987','referring to Tracking ID AAFC76C1','referring to the last Tracking ID: AAFC76C1, we are explaining here more about the same issue in which to make the picture more clear:\r\nsince we have 30 target licenses, we are now using them all in which we have already 30 targets. we would like to inform you that once i infect any target PC, and once i got a confirmation in the system as the target is ONLINE, that means we caught the fish. But, unfortunately, that if the target went OFFLINE, he will stay OFFLINE in the system, even if he uses his PC or Laptop. even we have a confirmation that the target uses his PC, but unfortunately that the system didnt show the second and next use of his PC.\r\ntherefore, we request kindly, to find a solution as below:\r\n\r\n1- modify the system to clearly show that the target had been disabled or not any more infected.\r\n2- we 100 percent aware that we didnt enable self removal.\r\n3- we 100 percent aware that the infection has not been removed by the agent\r\n4- we have a confirmation that the targets which we lose are not formatting their PC every day.\r\n5- we believe the only possible option is the antivirus on the target PC is always detecting the infection and simply the target is deleting the infection. so, accordingly, i believe that we took this system since it easily infect with out the knowledge of any antivirus. and since technology is developing, we still cooperate to inform you if the anti virus is detecting the infection.\r\n\r\nplease let us know what to do in this case, as this issue keeps going on and we are losing targets daily with out our knowledge. and we are sure that we didnt do the removal. and we cant stay bugging and infecting the target every time since it is very sensitive. and we dont want the target to reach to know that someone is infecting his PC or spying on him.\r\n',1,2,'BDE8F987',1,'

A suitable mail has been sent.

',2,29,'en','2011-11-02 07:22:23','2011-11-02 18:04:16',NULL),('BE05E483','HTTPS Emulation without SSL fallback option','HTTPS Emulation without SSL fallback option &#61664; no SSL MiM for HTTPS will automatically be done.',5,4,'BE05E483',1,,2,88,'en','2013-10-09 09:14:41','2013-10-16 11:42:35',NULL),('BE17B45C','Save configuration button not active.','When configuration in imported to remote master, or new module is added, its not possible to save it and thus propagate to tatget, until something is changed in configuration window. \r\n\r\nBest regards\r\nRostislav Psota',1,3,'BE17B45C.rtf',1,'A suitable mail has been sent',4,15,'en','2011-04-27 15:32:59','2011-06-01 12:45:26',NULL),('BE54E9A8','license limitation','can not see the new targets',1,1,'BE54E9A8',1,'Related to the opening date, we suppose the problem is solved',4,21,'en','2011-02-13 12:23:48','2012-10-11 16:33:33',NULL),('BEC09974','Resume File Downloads','It should be possible to resume file access downloads that do not complete for the time being the target is online. This is often caused by a bad internet connection and downloads have to resume in order to ensure the retrieval.',1,5,'BEC09974',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n',2,93,'en','2014-03-17 11:38:37','2014-04-17 10:57:23',NULL),('C0335DF3','Dual Screen Capture','FS does not currently capture multiple displays. Where a target is using dual screens it seems as if FS is only able to capture the main screen and vital evidence is unable to be collected from the secondary display.',1,2,'C0335DF3',1,,2,14,'en','2012-04-16 23:46:45','2012-04-18 08:56:38',NULL),('C0CED1D4','Problems with ALFA wifi cards.','If ALFA wifi cards are used for scanning wireless networks FinIntrusion-Kit, Tab Wireless -- Networks, we succesfully find APs and connected clients for first time. When we start search with ALFA wifi cards again without any changes in Configuration Country code, scanning interval etc. options, we found APs but there were no connected clients. After repeating scanning procedures the situacion was the same. But, if we change in Configuration options parameter Country code and started searching again, operation was successful and we saw again APs and connected clients. Then after repeated scanning procedure without changes in Configuration option Country code clients were gone. So if we dont change Country code before we start scanning procedure Networks, we dont find connected clients.\r\n\r\nFor first time, If we start monitoring on terminal with airmon-ng and airodump-ng Note: IntrusionKit is not started after rebooting OS with ALFA wifi card we saw associated clients. But after restarting mon interface airmon-ng stop mon0 airmon-ng start wlan0 and airodump, scanned clients were not associated despite the client was connected to AP. Similar situation as we saw in IntrusionKit. \r\n\r\nNote: If we used ALFA wifi card with other chipset RTL8187, everything was all right. We found APs and clients without changes in Configuration options.\r\n',5,2,'C0CED1D4',0,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n',2,88,'en','2014-04-10 08:46:28','2014-04-17 07:18:45',NULL),('C17D35AA','Fail to capture webcam on Windows 8','Model - ASUS U32V\r\nSoftware - Windows 8 64bit\r\nWebcam - USB 2.0 UVC HD integrated\r\n\r\nError on Agent - No webcam installed',1,2,'C17D35AA',1,'A corresponding email has been sent.',2,87,'en','2013-09-06 08:46:23','2013-10-16 11:51:44',NULL),('C1EC7F9C','Android Trojan Generation error','Unable to generate Trojan for Android mobile devices.\r\nReceived this error while attempting it',1,1,'C1EC7F9C.docx',1,'The problem has been fixed during a Skype session.
The binary was exchanged accordingly.',4,65,'en','2012-10-02 14:45:10','2012-10-15 11:25:07',NULL),('C215BB1B','Target Labeling','need to label a target after import for better identification',3,5,'C215BB1B',1,
,4,19,'en','2011-06-27 10:53:33','2012-01-31 15:16:49',NULL),('C244C764','Change installer.app to mac os x executable','Hi,\r\n\r\nWe would like to know if it is possible to change the installer.app to a mac os x binary, to enable us to run it from shell. Please we need to know if there is a workaround for this problem.',5,5,'C244C764',1,'An explanation has been sent.
Unfortunately is it not possible to avoid popups, if the traffic will be analyzed by a security solution on a per-application basis.',4,46,'en','2012-03-23 04:18:06','2012-04-05 09:51:54',NULL),('C2D6F8EB','user menagment','We need aditional configuration of enabling or disabling export data button for user and power user, in the same way like this is done for delete data button.\r\nThank you!',1,4,'C2D6F8EB',1,'The required feature has been implemented with version 4.10',4,58,'en','2012-03-20 09:01:51','2012-06-20 13:52:06',NULL),('C2FA5088','Clipboard recording','Clipboard recording modules would be useful to an investigation. This might be integrated with a keylogger?',1,5,'C2FA5088',1,'Feature is planned for FinSpy version 4.40 in Q4. A suitable mail has been sent.',4,46,'en','2012-04-14 03:56:45','2012-04-16 09:38:01',NULL),('C30088D4','Relay IP does not follow','During trojan creation, the trojan does not follow the new relay IP. Example original default Relay IP 9.9.9.9, but we want to change it to 10.10.10.10 during creation. Once the trojan is created and then injected to a target. Target respond to 9.9.9.9 not 10.10.10.10.\r\n\r\nHowever after doing 2nd trojan creation it follows the new relay IP 10.10.10.10.',1,3,'C30088D4',1,'A suitable mail has been sent.',2,46,'en','2011-07-27 06:30:14','2011-07-27 16:13:33',NULL),('C48CAFC7','Request for capturing single frames with the Webcam','Request for capturing single frames with the Webcam',1,5,'C48CAFC7',0,'A corresponding E-Mail has been sent',4,47,'en','2013-12-10 11:56:57','2013-12-11 10:49:10',NULL),('C4B617D5','agent creation , new install','Dear Martin,\r\n\r\nToday the Lenovo e520 laptop you had given us had died. \r\n\r\nSince we were/are in a hurry we pulled out the HDD and switched it into another Lenovo but L420 laptop. Windows7 started, we reinstalled the graphic drivers and chipset drivers also. The Agent is OK, we see and can connect to our running targets, but we cannot create new infections neither CD nor USB. \r\n\r\nWe reinstalled the Agent and updated the windows7 but it still doesn t work, it cannot create infections. Ill attach a screenshot.\r\n\r\nIn the meantime we started a fresh windows7 install on another laptop, but got another error.\r\nWe installed all the necessary components also such as Slim, Opencodecs, dotNet etc.\r\n\r\nDo you have any idea what should we do?\r\n\r\nbest regards,\r\n\r\nZoltan',1,3,'C4B617D5.pdf',1,'

An corresponding email has been send.

',4,73,'en','2013-09-25 15:18:46','2013-09-27 06:35:37',NULL),('C7E8088B','Android Data collector module : Phone call Audio','Allow the recording of Phone call audio.',14,5,'C7E8088B',1,,2,81,'en','2013-04-19 10:52:18','2013-05-02 09:49:52',NULL),('C93E6246','Offline download managment and Incremental downloads','We are happy that the feature of offline target configuration has been added already. It is working successfully at our side. Earlier we have requested another feature which is described below. \r\n\r\nWe would be pleased if Gamma can add a feature in which the agent be able to select files to download even when the target is offline and whenever the target comes online, those selected files may be downloaded without the interaction required from user. \r\n\r\nAlso presently, the downloading of files discontinues if there is a network disconnect error or any other error. That file has to be downloaded again from scratch. This is a real annoyance. We want that when the connection is lost between target and agent, the file download pauses automatically wherever it was and whenever the target comes online again, the download starts from the point where it paused. In this way a lot of effort and time can be saved. It is also useful for the files which are slightly bigger than usual. I call this feature incremental download. I hope Im correct in that. \r\n\r\nThank you',1,5,'C93E6246',1,,2,32,'en','2012-05-23 12:11:37','2012-06-06 12:45:00',NULL),('C9E423B4','Multiple SMS/Whatsapp messages','There are a lot of duplication of SMS and Whatsapp. Most I could see 6 same message over and over. Database is filling with redundant info. Please let us know.',14,2,'C9E423B4',1,,2,46,'en','2012-12-03 03:03:07','2012-12-05 09:58:57',NULL),('C9F4B91A','finspy_proxy is eating memory','finspy_proxy app on the server is eating a lot of memory. and after while when its eating about 2GB RAM it restart itself. restarting itself happening about every 6-8h interval.\r\n\r\nits annoying because we are loosing active live connections.',1,3,'C9F4B91A.png',0,NULL,1,47,'en','2014-04-09 12:59:00','2014-04-09 10:59:00',NULL),('CA351241','recover original mac address / undo mac spoofing ','recover original mac address / undo mac spoofing ',5,5,'CA351241',1,,2,88,'en','2013-10-09 09:21:18','2013-10-16 11:40:38',NULL),('CACAE11F','Detectable android bug.','Android bug easy to reverse engineer and easy to find in target. Clear text ip address and German text strings. As a minimum, clear text ip addresses should be scrambled and text strings removed if possible',14,4,'CACAE11F',1,NULL,1,68,'en','2014-06-12 15:28:03','2014-06-12 13:28:03',NULL),('CC07ADF4','LEMF data submission crash','Hi support \r\n\r\nevery time that i try to enter into the LEMF data submission section the FinSpy Gui Trow an exception,\r\nsee attached file for more details.\r\n\r\nBest regards',1,1,'CC07ADF4.zip',1,,2,81,'en','2013-05-03 11:15:17','2013-05-04 16:48:10',NULL),('CC94DB62','about general system performance','we have some thoughts about general system performance, because we are having issues with system stability and also with data disappearing inside server after it successfully loaded from target.\r\n\r\nproblems begin usually if more than 15 targets are online same time and pushing to server a lot of different data. Problems increase when more targets are online same time.\r\n\r\n1st - system hdd partitions distribution. we have seen that /usr partition is almost full most of times. generally /usr partition is meant to keep program files but your system is using this also caching incoming data and processing that data. if there are lot of data then this 9GB /usr partition size is clearly too small. also if system have issues you are always asking debug log what is also stored in /usr partition - one day debug log is up to 4GB and to store it to partition which have usually less than 3GB free space not very doable.\r\nour suggestion - move caching data, logs, etc out of /usr partition or increase drastically /usr partition size up to at least 50-60GB, or even up to 100GB. in /boot partition for example have a lot of unused space 656GB total and using only 20MB. please think about re dimension hdd usage.\r\n\r\n2nd - programs able to use all processor cores - we have seen that some of your program is not able to use full possibility of 8 cores what server is offer. ffmpeg2theora just for example is able to use only one core and if its working it takes 100 of one core. since ffmepg2theora is one of most important supporting program what is processing data inside server is clearly to visible that its one of system bottleneck.\r\nour suggestion - implement or start using supporting programs what is able to use full power of system and not cause bottlenecks to data flow.\r\n\r\n3rd - system linux distribution age and issues with old packets. Because you are not implemented to system any backup solution we set it up itself using ssh. In system have old ssh v5.3 what is just does not work well, it left sometimes some zombie ssh processes to running and after some tests we have observed that this probably causing server buffer overflow issue what we already reported several times.\r\nour suggestion - start using newer debian release with allowing to keep up to date some essential programs like ssh',1,2,'CC94DB62',0,NULL,1,47,'en','2014-04-04 08:20:51','2014-04-04 06:20:51',NULL),('CD2F8889','voip differences','Dear Support Team,\r\n\r\nId like to ask you about the differences of VOIP and VOIP Lite modules.\r\n\r\nRegards,',1,5,'CD2F8889',1,'

Dear Customer, <br /><br />please be informed that an suitable mail has been sent to <br />the email address: balogh.peter@nbsz.gov.hu<br /><br />Please see the mail below:<br /><br /><br />Dear Customer, 

\r\n

\r\n

*TrackingID:* CD2F8889 *Related Product:* FinSpy *Request Type:* New Feature *Summary:* voip differences *Description:* Dear Support Team, Id like to ask you about the differences of VOIP and VOIP Lite modules. 

\r\n

please be informed that the only difference between Voip and the Voip Lite module is that the voip Lite does not support screen capture when a call is started, but the Voip Module does.

If you have further questions, please do not hesitate to contact us.

Best regards,\r\n

<br />

',4,73,'en','2013-11-12 13:34:53','2013-11-13 14:45:13',NULL),('CDB81D5A','mail issue','mail seem to work again',1,3,'CDB81D5A',1,'This was just a test.

Lets see if I can read this message over the after sales.',4,19,'en','2014-02-20 10:04:59','2014-03-05 12:05:18',NULL),('CE0886EF','Request for FinIntrusion kit installer','Understand that currently FinIntrusionKit is required to use Kali OS, would like to request the FinIntrusionKit installer so that we can install on the Kali OS. Also do provide us the instruction on how to install the FinIntrusionKit.',5,3,'CE0886EF',1,'

A corresponding E-Mail has been sent

',4,69,'en','2013-12-12 08:34:42','2013-12-16 14:44:41',NULL),('CE9FD14B','Rootkit doesnt come online','When we install a rootkit to the target that contains no modules, the rootkit never comes online. This means that we are not able to work gradually and on the other hand that if we should make a mistake in remote configuration, that we will never be able agin to contact the rootkit.',1,1,'CE9FD14B',1,'Referring to your mail, the ticket will be closed.',4,61,'en','2012-06-05 13:47:59','2012-07-05 08:29:39',NULL),('CED323B2','Unable to check update ','As above and thus unable to proceed with update.\r\n\r\nLog file show error on:\r\nerror opening file ../finspy_master/data/finspy_allowed_modules.txt\r\n\r\nWhat is the current version?\r\n\r\nAppreciate your prompt reply.',1,1,'CED323B2',1,'Regarding the logs, were the system updated on 21th of December.',4,46,'en','2011-12-21 08:03:48','2012-01-03 16:32:44',NULL),('D0C83082','The drives of the infected target would not open','After the targets have been infected, there have been some targets whose one or all of the drives remained locked with an error message :UNABLE TO OPEN THE DRIVE: However, after considerbale RnD on this bug, we have found out that the drives were not locked by any locking software like BitLocker etc. Please look in to the issue and resolve it asap so that the infected targets may be exploited at the best. \r\n\r\nThank you.',1,2,'D0C83082',1,,2,32,'en','2011-04-14 10:18:09','2011-07-22 15:36:35',NULL),('D34BD136','Unable to retrieve Keylogger data','Unable to retreive keylogger information, no keylogger data is seen but target is doing some typing from its activity from screen recording\r\n\r\nActive hiding : no\r\nWindows 7sp1, there is no way to know 64/32 bit from agent console\r\nversion 4.01',1,2,'D34BD136',1,,2,46,'en','2012-04-14 04:13:29','2012-04-16 09:37:28',NULL),('D3CB440D','FileAccess Module - preserving directory structure','When you download files with the File Access Module they are all stored in a single directory, which makes it hard to keep an overview. \r\nThe directory structure from the Target should be preserved in order to avoid this.',1,5,'D3CB440D',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 11:58:06','2013-12-11 10:48:52',NULL),('D4040F10','iOS control SMS shows on target','iPhone 5 running iOS 6.1.2\r\nAny live session or control configuration sms will display the modem number on the display as a notification. But the message cannot be displayed',14,2,'D4040F10',1,'A corresponding email has been sent.',4,87,'en','2013-09-06 08:57:07','2013-09-19 08:49:44',NULL),('D461080C','How to infect linux OS','Would like to check how do we infect Linux laptop using the Trojan file that is generated from the finspy agent? Is it just by double clicking the Trojan file on the Trojan machine? If the Linux machine does not have GUI, only terminal base, will the Linux machine be infected by running ./Trojan filename command on the Linux terminal?',1,3,'D461080C',1,'

\r\n<pre>A suitable mail has been sent.

\r\n',4,69,'en','2013-11-05 08:45:05','2014-04-23 09:28:34',NULL),('D6BCD7A9','Wrong licence expire date on www.finfisher.com of FinSpy and FinSpy Mobile system','Hello,\r\n\r\nI get info that my license will expire in this September 2014. But on my system is installed license which expire on September 2016. Pleas update it. I attach screenshot from my Agent PC.\r\n\r\nBye',1,3,'D6BCD7A9.png',0,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n',4,88,'en','2014-05-20 15:51:41','2014-05-21 13:33:30',NULL),('D8179365','errors','Hello ! \r\nAfter the update, we tried some operation system WIN8 and WIN8.1, and we got back an error codes 1-7. We tried with ubuntu 12.04 too with Dell Latitude E6400.\r\nWe tried with Macbook Air 10.9.1 too, and the error codes were same.\r\nAnd sometimes it wrote to the desktop the methods were successful, but it werent. \r\nOn Win7 sometimes it works, sometimes it is not. We tried more time.\r\nPlease send a help.\r\nThank you.',12,3,'D8179365',1,'

\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n',4,73,'en','2014-02-21 13:57:20','2014-05-22 09:33:06',NULL),('D892E87B','Update Error','I am trying to update our current version of FinUSB suite via the GUI update option but returned with error message pertaining to problems on my network. However, network access are normal and functional without problem. The current FinUSB HQ is running on version 2.7. ',3,2,'D892E87B.zip',1,'A suitable mail has been sent.',4,36,'en','2013-03-07 08:38:18','2013-06-21 11:47:38',NULL),('D9239328',' tracking location,Remove infection,No whatsapp data','after doing some test on Android phone i faced this problems:\r\n1. tracking location : GPS icon blinks on phone screen \r\n2. Remove infection: while removing infection it does not remove the app from the mobile, therefore when you try to reinfect it gives error the app is already installed.\r\n3. No whatsapp data, I have tried on wirless, 3g and edge i dont get any data related to whatsapp.',14,2,'D9239328',1,'An corresponding email has been sent.',4,16,'en','2013-09-24 06:18:04','2013-09-27 06:38:40',NULL),('DA9DB40D','win8','Dear Armend,\r\n\r\nWe did what you said during the TeamViewer session, infected and rebooted 3 times, and it never connected to the relay server.\r\nWhen you tried to help us, we had seen that you transfered a zip file after an exe. What was the difference with the zip you extracted? At first the exe didnt work for you either, and than you brought the zipped exe.\r\nWe waited an hour browsing the internet, rebooted and it doesnt connect to the relay.\r\nWe also created a skype account which is: lego256976@gmail.com, I took finsupport1 up.\r\n\r\nRegards,\r\n\r\nZoltan\r\n',1,2,'DA9DB40D',1,'A corresponding email has been sent',2,73,'en','2013-11-25 17:07:21','2013-12-11 11:03:26',NULL),('DEA028AD','Wireless networks search procedure stop working','If IntrusionKit is located on place where is embedded more wifi networks 20 APs and more - We didnt find out exact number of APs, then aproximately after couple of minutes IntrusionKit wasnt working correctly. \r\nAfter search procedure there were no visible APs and clients in Wireless Networks list.\r\n\r\nAfter rebooting, IntrusionKitTab Wireless - Networks was working correctly and then after while a few minutes, cca. 10-15 minutes came the same situation. We didnt see APs and connected clients in Network list Tab Wireless - Networks, only if we reboot operation system. If we run airodump-ng in terminal we see APs and connected clients correctly.',5,2,'DEA028AD',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n',2,88,'en','2014-04-10 08:45:13','2014-04-17 07:18:58',NULL),('DF8501E0','Key logger','Keylogger figure is working but it does not appear on screen as before. This means we get huge document but we do not know where and on which header target typed. Also time stamp function is not clear or functioning wrong.',1,1,'DF8501E0',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n',2,27,'en','2014-05-28 14:35:14','2014-06-17 09:38:21',NULL),('E1BBC2E5','Error when infecting a target with excel document','Dear support team,\r\nI am having some difficulties with infecting Win7 64bit + Office 2010 64bit target by infected xls file. When I try to open the infected document I receive an error that you can see on Error.png file in the attached archive. To be more convenient for you I also send you and the configuration screens. \r\n\r\nAny ideas what can be the cause for this? ',1,2,'E1BBC2E5.rar',1,'A suitable mails has been sent. The problem is fixed after the update to 4.10',4,62,'en','2012-06-26 16:28:57','2012-07-06 09:24:22',NULL),('E37B2927','The infection rate is practically zero percent','Since the release of the new version i.e. 4.1 the trojan is unable to infect any target. There is absolutely no response from any of the targets we attacked. Plz look in to this matter as it is very serious one.',1,1,'E37B2927',1,'The problem has been solved with the 4.20 release',4,32,'en','2012-07-23 10:41:17','2012-10-11 13:35:15',NULL),('E383E9CB','volume control','We would like to have possibility of volume control on the player, as well as the balance control so that we could increase or decrease the volume of one or another conversation party.',1,5,'E383E9CB',1,'Feature has been implemented.',4,27,'en','2012-03-06 04:41:34','2012-10-12 10:43:52',NULL),('E6457F5D','Relay errors ','Hi Support good morning on my relays I have a lot of error like this :\r\n70 INFO: Trying to connect to Proxy xxx.xxx.xxx.xxx, port 999\r\n2013-05-07 10:02:43 UTC 0xb747db70 ERROR: gbl_sockio_write returns -1 errno 104\r\n2013-05-07 10:02:43 UTC 0xb747db70 ERROR: Error sending TLV, size 33814 bytes\r\n2013-05-07 10:02:43 UTC 0xb7483b30 INFO: Relay has been connected by xxxxxx, peer port 51835, my port 80, socket 4\r\n2013-05-07 10:02:43 UTC 0xb747db70 INFO: Trying to connect to Proxy xxx.xxx.xxx.xxx, port 999\r\n2013-05-07 10:02:57 UTC 0xb747db70 ERROR: gbl_sockio_write returns -1 errno 11\r\n2013-05-07 10:02:57 UTC 0xb747db70 ERROR: Error sending TLV, size 33814 bytes\r\n2013-05-07 10:02:57 UTC 0xb7483b30 INFO: Relay has been connected by xxxxxxx, peer port 51836, my port 80, socket 4\r\n2013-05-07 10:02:57 UTC 0xb747db70 INFO: Trying to connect to Proxy xxx.xxx.xxx.xxx, port 999\r\n2013-05-07 10:03:11 UTC 0xb747db70 ERROR: gbl_sockio_write returns -1 errno 11\r\n2013-05-07 10:03:11 UTC 0xb747db70 ERROR: Error sending TLV, size 33820 bytes\r\n2013-05-07 10:03:11 UTC 0xb7483b30 INFO: Relay has been connected by xxxxxxx, peer port 51877, my port 80, socket 4\r\n2013-05-07 10:03:11 UTC 0xb747db70 INFO: Trying to connect to Proxy xxx.xxx.xxx.xxx, port 999\r\n\r\nwhen i got this erro ri m not able to get back the target configuration.\r\n\r\nRegards.',1,1,'E6457F5D',1,,2,81,'en','2013-05-07 15:55:21','2013-07-05 13:46:03',NULL),('E6491845','Enquiry on how to copy a executable and run it on an infected computer','I have a target which the computer is already infected with finspy. Would like to check is there any way which I could upload an executable to the target computer and then execute it?',1,3,'E6491845',1,'

\r\n<pre>An corresponding email has been sent.

\r\n',4,69,'en','2014-02-18 04:56:35','2014-02-18 10:03:45',NULL),('E685D837','Target name not updating','A minor issue is that when the target name is updated in the configuration section, the name didnt change on the front gui. In the attachment, the name of the target was changed to east-west. The target name still shows as Win1 on the main page and on the top of the tab.\r\n\r\nIssue was noticed in 3.10 and since the update to 4.0, it still appears.',1,3,'E685D837.jpg',1,,2,49,'en','2012-02-18 11:32:37','2012-02-20 13:37:04',NULL),('E6E5C378','Transfer delay','The recorded data sometimes will be transferred with a delay of a few hours or days. This only occures with Keylogging module. Faced only with one particular.\r\n',1,2,'E6E5C378',1,'The problem is related to the client network connection and therefore a technical limitation we can not handle. After consultation by Skype the data will be transferred to the Master, therefore a FinSpy problem can be excluded.',4,27,'en','2011-12-22 13:07:16','2012-02-01 15:12:46',NULL),('E7601045','extend dependency check','- Dependency Check &#61664; add package name to list &#61664; makes it easier for the customer to install the package by themselves',5,4,'E7601045',1,,2,88,'en','2013-10-09 09:16:35','2013-10-16 11:42:14',NULL),('E79C119F','Counting data in Analyse Data','We would also like to have numeration of files in the analyse data window.',1,5,'E79C119F',1,,2,27,'en','2011-12-22 13:12:21','2011-12-28 13:28:23',NULL),('E7B5976B','should work but not working','Hi, its Arefin from Bangladesh. yesterday we have infected one target. He is online showed by the agent but we are not getting any feeding from him. Moreover, we have that confirmation that the person is in online and doing some activity. \r\nPlease reply with suggestions\r\nRegards ',1,2,'E7B5976B',1,'Still waiting for the customer to come online and to support him about this problem.',2,71,'en','2013-05-09 07:57:29','2013-05-17 06:27:55',NULL),('E7D59CA3','Infection mode Updates - ALL OUT OF DATE.','The automatic update infection modules that are supported are all well out of date. The chances of seeing a target with these patch versions is ZERO. Why has GG not been updating these on a regular basis? Please see the examples below:\r\n\r\nSupported Version Release Date Superseded Date\r\n\r\nSkype 5.0.0.152-5.1.0.104 14/10/2010 6/01/2011\r\nItunes 9.1.1 27/4/2010 16/6/2010\r\nOpen Office 3.1.1 31/8/2009 11/2/2011\r\n\r\n\r\nThis one one of the key features in FFLAN that made us purchase it. If these arent supported and updated then it is no better than an open source MITM tool just with a very expensive GUI.',2,4,'E7D59CA3',1,'The new release supports all possible update infections. A suitable mail has been sent.',4,14,'en','2011-09-19 08:13:54','2011-11-02 18:06:50',NULL),('E84DB2F4','FinAgent - not sidplaying properly on Fusion VM','As discussed, FinAgent is not rendering correctly on a Windows VM running on Fusion osx. Problem is a red background that makes all icons unviewable. Problem occurs on all versions of agent from 2.51 to 3.02. This is replicated on multiple machines. Problem does not occur on a VM hosted on a windows VMWare, only on Fusion. Unfortunately our standard is windows VM running on OSX Fusion.\r\n\r\nPK has already been sent a screencapture of the issue.',1,2,'E84DB2F4',1,'According the suitable email, the ticket will be closed.',4,14,'en','2011-09-12 08:18:10','2011-09-26 08:26:49',NULL),('EB0557E1','Webcam does not work','The webcam of HP Pavilion dv6 laptop did not work. The led of cam flashed once and thats all.\r\nWe have finspy 4.21\r\nThe operating system is Windows 7 64bit ultimate.\r\nThe case of other laptop which is Lenovo L420 the module did not work also.\r\nAfter one picture the module crashed, and generate a popup window on target - chose a video source - .\r\nSystem was 32bit windowns',1,2,'EB0557E1',1,,2,73,'en','2012-12-07 11:28:42','2012-12-10 12:25:40',NULL),('EB59B908','Roadmap to Windows Phone 8','Today in Vietnam, more and more people using Windows phone Mobile. It is because of the cheap price of Nokia Lumia that have been release recently. Most of Vietnamese do not have much money but they still want a fully function smartphone. And Nokia Lumia provide them almost all of their need. So we really think that in the near future you should develop Finspy Mobile version that can infect Windows Phone OS.\r\nThanks.',14,5,'EB59B908',1,,2,48,'en','2013-03-01 11:32:26','2013-03-08 09:39:52',NULL),('EB8874C8','Trojan does not communicate with online master.','Customer is using configuration offline/remote master. They generate trojan and analyze data at offline master, remote master communicates with trojan. Now in V4.11 they generated trojan at offline master, made infection, but trojan doesnt communicate with remote master.\r\n\r\nTo make a test, they generated trojan at remote master - then everything is ok.\r\n\r\nIt seems, that trojan communication keys, which were synchronized before, changed after upgrade.\r\n\r\nIs it possible it happened? Shall we copy again communication keys from ./finspy_master/data/certs from offline to remote master? Or is something different in new version?\r\n\r\nBest regards\r\nRostislav Psota',1,3,'EB8874C8',1,'A suitable bug fix were provided.',4,15,'en','2012-09-07 16:29:16','2012-10-15 11:26:46',NULL),('EC9CC72F','Screenshot module to return screenshots then a movie','After triggering Screenshot or Webcam with Scheduler module, it returns a movie that requires users to break up the movie into screenshots using external software. Suggest the module returns screenshots instead.',1,4,'EC9CC72F',1,,2,69,'en','2012-10-12 09:41:41','2012-10-15 11:30:43',NULL),('ECAE7A7B','AVG anti virus tool detects generated infection on agent','AVG anti virus tool detects generated infection on agent',1,3,'ECAE7A7B',1,NULL,1,68,'en','2014-06-12 15:20:09','2014-06-12 13:20:09',NULL),('EDB0ACF2','Enquiry on bootable CD infection for MAC','Would like to check does the bootable CD infection support Mac? Does it support all version of MAC?',1,3,'EDB0ACF2',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n\r\n',4,69,'en','2014-04-21 10:43:56','2014-04-22 11:00:14',NULL),('EE8EF30B','Email notification when target 1st time connects to server','Email notification when target 1st time connects to server, reason is that the user might be on the field\r\nand can not monitor when the targets goes online and wish to get this notification',1,5,'EE8EF30B',0,'A corresponding E-Mail has been sent',2,47,'en','2013-12-10 11:47:37','2013-12-11 10:50:46',NULL),('EEAAD2D4','non encrypted SMS traffic between mobile target and system','non encrypted SMS traffic between mobile target and system\r\n',14,4,'EEAAD2D4',1,NULL,1,68,'en','2014-06-12 15:24:42','2014-06-12 13:24:42',NULL),('EEC0854E','FinSpy stops contacting server','Version: 4.21\r\n\r\nInstalled on Windows 7 64-bit SP1 system in c:\\ProgramData\\NetworkService.\r\n\r\nFile msi.bak goes missing and msi.cab shows 0 bytes. Both files were previously the same size and increase in size as plugins are installed. Other files still exist in that location.\r\n\r\nFinSpy still resides in winlogon process but no longer communicates also does not show up in netstat. Manually removing the c:\\ProgramData\\NetworkService and reinstalling after a reboot is required for it to function again.\r\n\r\nStandard install with no rootkit features enabled. Initial install is without plugins, plugins then installed and configured successfully. FinSpy worked initially for a period of about a week, surviving system reboots.',1,2,'EEC0854E',0,'A suitable mail has been sent.',2,70,'en','2013-03-06 06:01:47','2013-03-08 10:37:56',NULL),('F1637DD9','Two problems','-finspy_master status not monitored.\r\n \r\n-can not see the new targets or the trojan not working.',1,1,'F1637DD9',1,'The problem is fixed. A suitable mail has been sent.',4,21,'en','2012-02-28 18:43:20','2012-02-29 16:49:42',NULL),('F1C9FD59','Problem with GUI','From GUI we could not reinfect or edit our targets and we could not see any changes on the system. In the attached file shown error message',11,2,'F1C9FD59.png',1,'Problem has been solved with latest version.',4,27,'en','2012-03-10 05:47:22','2012-10-15 15:24:34',NULL),('F1D4B2DC','after infection, browsers on target PC is crashing','System: Win7_64 SP1, Kaspersky Internet security 2014\r\nafter executing trojan PC is infected and is sending heartbeats to the master, but\r\ninternet browsers on target PC- iexplorer, firefox is crashing and user cannot open browser.\r\nFF report error: 0xc0000005\r\nWithout Kaspersky, browsers work without crash.',1,1,'F1D4B2DC',0,'This bug has been fixed with the release version 4.51.',4,56,'en','2014-01-31 15:34:28','2014-04-23 08:06:07',NULL),('F25865AC','Roadmap to Windows Phone 8','Today in Vietnam, more and more people using Windows phone Mobile. It is because of the cheap price of Nokia Lumia that have been release recently. Most of Vietnamese do not have much money but they still want a fully function smartphone. And Nokia Lumia provide them almost all of their need. So we really think that in the near future you should develop Finspy Mobile version that can infect Windows Phone OS.\r\nThanks.',14,5,'F25865AC',1,,2,48,'en','2013-03-01 11:32:26','2013-03-08 09:39:42',NULL),('F481E721','web camera','Web camera module is not working. Untill now we could not use it. None of our target PC and test PC worked.',1,2,'F481E721',1,,2,27,'en','2012-03-03 06:41:41','2012-03-08 14:55:20',NULL),('F609951E','unlock error','target:\r\ndell latitude d630\r\nwindows xp pro sp3 with latest patches domain computer\r\n\r\nresult:\r\n1. tried to unlock target trough built in firewire adapter - failed to unlock\r\n\r\n2. tried to unlock trough pcmcia adapter - finfirewire station said that target is successfully unlocked but it didnt actually unlocked target - cant logged in - target still requires correct password',12,2,'F609951E',0,'

Dear customer,

I would like to inform you, that we currently have no support for computers
connected to domain controllers. Regarding your request we will start
investigations for the upcoming FinFireWire release.

I will keep you informed.

Sincerely yours,
FinFisher Customer Support

',2,47,'en','2011-07-01 09:07:17','2011-07-08 15:42:02',NULL),('F644B76C','The FinSpy Server StartUp Error','When the Server starts up, and when the line :STARTING MTA exim4: appears, the server sends a message which is as follows:-\r\n\r\nALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken failed! \r\n\r\nPlease tell us why this message appears now when earlier it was not there and what impact it can have on the server?\r\nThank you',1,3,'F644B76C',1,,2,32,'en','2011-05-12 10:53:07','2011-07-22 15:35:44',NULL),('F6B0EEE0','Keyloger: unknown application with zero date and time','When keylogger is used, downloaded data contain strange tab called Unknown. In attached example, target started wordpad and typed something. Data then contain one explorer tab and one wordpad tab with proper date and time and also senseless unknown tab with zero date and time. There is a question what it is.\r\n\r\nBest regards\r\nRostislav Psota',1,3,'F6B0EEE0.rtf',1,'Dear Customer,

the problem has been fixed in version 3.0.
A suitable information has been sent by mail.

Sincerely yours,
\r\n

FinFisher Customer Support 

',4,15,'en','2011-04-27 15:20:57','2011-07-08 15:43:38',NULL),('F73A9D3F','Android IMEI Retrieval','It would be nice to be able to see the IMEI of an Android device if it is connected to the PC and retrieve this data. Same goes historically - which Android/iPhones and their respective IMEI were plugged into the device. Unfortunately, Forensics Tools - USB devices doesnt help as it only shows the serial number.',1,5,'F73A9D3F',1,'

\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>\r\n<pre>An corresponding email has been sent.

\r\n\r\n\r\n\r\n\r\n',2,93,'en','2014-03-17 12:29:56','2014-04-17 10:58:10',NULL),('F8958539','refresh connected wireless clients list','select wireless network with connected clients -- select other wireless network -- refresh client list -- all previous lists will be disappear / new initialised\r\n\r\n',5,2,'F8958539',1,,2,88,'en','2013-10-09 10:18:52','2013-10-16 11:40:14',NULL),('FAC44B87','Accessed files show up as deleted files in gui','Hi, a current target has the accessed files showing on one screen with the folder icon, however the analysis screen shows that the files are in the deleted files module. See attached document for screenshots. The document shows the date of the 20th for both shots but it is the same for every day. However, when you access the file, it shows that it is from the accessed files module though. Therefore it shouldnt be listed in the deleted files module.',1,2,'FAC44B87.docx',1,'Dear Customer,

please be informed that the sorting has been adjusted accordingly.

Best regards,

FinFisher Support',4,49,'en','2012-02-21 07:21:27','2012-10-12 11:19:48',NULL),('FB277778','live communication','targets - win xp,7,8 32/64bit, heartbeat 60s or more, download speed limited 128kb/s or less.\r\n\r\nif target is online then we are unable to open configuration or live session. same time target uploads recorded data what is stored in target previously - screen recs, key strokes, files etc.\r\n\r\nconnecting to target - agent software starts to obtain available modules and time out after while.\r\n\r\nit seems like that target prioritize push recorded data to server over live session connection.\r\n ',1,2,'FB277778',0,NULL,1,47,'en','2014-05-23 12:42:29','2014-05-23 10:42:29',NULL),('FB98C93E','Chronological order','Hi, we requesting if Gamma could customize the Exported Evidence Report if it could list the data in choronological ascending or disending order.',14,3,'FB98C93E.jpg',1,,2,46,'en','2012-12-06 08:32:13','2012-12-10 12:25:53',NULL),('FBFC26F1','Agent crashes when select configure target','Please see the attached file.',14,2,'FBFC26F1.zip',1,'A corresponding email has been sent.',2,87,'en','2013-09-06 09:23:18','2013-09-19 08:50:50',NULL),('FDA5050D','Duplicate recordings in evidence export','Duplicate recording fro WIFI and KeyLogger module in evidence export',1,3,'FDA5050D',1,NULL,1,68,'en','2014-06-12 15:12:09','2014-06-12 13:12:09',NULL),('FFD3FCF1','Spy call not available','Selecting Androind OS Spy call are not available',14,2,'FFD3FCF1',1,,2,85,'en','2013-09-30 17:09:36','2013-10-16 11:46:06',NULL);

/*!40000 ALTER TABLE `support_request` ENABLE KEYS */; UNLOCK TABLES;

table support_request_status

-- -- Table structure for table `support_request_status` --

DROP TABLE IF EXISTS `support_request_status`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `support_request_status` (

 `StatusID` tinyint(2) NOT NULL AUTO_INCREMENT,
 `Name` varchar(100) DEFAULT NULL,
 `Description` tinyblob,
 `Language` char(2) DEFAULT 'en',
 `Enabled` tinyint(1) DEFAULT '1',
 `Deleted` tinyint(1) DEFAULT '0',
 `Timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
 PRIMARY KEY (`StatusID`)

) ENGINE=MyISAM AUTO_INCREMENT=5 DEFAULT CHARSET=latin1 CHECKSUM=1 DELAY_KEY_WRITE=1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `support_request_status` --

LOCK TABLES `support_request_status` WRITE; /*!40000 ALTER TABLE `support_request_status` DISABLE KEYS */; INSERT INTO `support_request_status` VALUES (1,'Pending',,'en',1,0,'2009-10-19 23:32:56'),(2,'In Progress',,'en',1,0,'2009-10-19 23:33:07'),(3,'Solved',,'en',1,0,'2009-10-19 23:33:31'),(4,'Closed',,'en',1,0,'2009-10-19 23:33:37'); /*!40000 ALTER TABLE `support_request_status` ENABLE KEYS */; UNLOCK TABLES;

table support_request_type

-- -- Table structure for table `support_request_type` --

DROP TABLE IF EXISTS `support_request_type`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `support_request_type` (

 `TypeID` tinyint(2) NOT NULL AUTO_INCREMENT,
 `Name` varchar(100) DEFAULT NULL,
 `Description` tinyblob,
 `Language` char(2) DEFAULT 'en',
 `Enabled` tinyint(1) DEFAULT '1',
 `Deleted` tinyint(1) DEFAULT '0',
 `Timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
 PRIMARY KEY (`TypeID`)

) ENGINE=MyISAM AUTO_INCREMENT=6 DEFAULT CHARSET=latin1 CHECKSUM=1 DELAY_KEY_WRITE=1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `support_request_type` --

LOCK TABLES `support_request_type` WRITE; /*!40000 ALTER TABLE `support_request_type` DISABLE KEYS */; INSERT INTO `support_request_type` VALUES (1,'Critical Bug','Software could not be used','en',1,0,'2009-10-19 15:32:52'),(2,'Bug','A feature of the software does not work as specified','en',1,0,'2009-10-19 15:26:13'),(3,'Annoyance','A functionality does not work properly and the \r\nuser has to find other ways to complete the task: e.g. missing a \'Select All\' \r\nbutton or some data is not automatically refreshed and the user has to \r\nrestart the software','en',1,0,'2009-10-19 22:34:05'),(4,'Change Request','The feature design does not meet the client \r\nrequirements and he has a design change proposition','en',1,0,'2009-10-19 15:28:42'),(5,'New Feature','A new feature which is not currently \r\nimplemented and the customer would like to have it on the product','en',1,0,'2009-10-19 15:33:29'); /*!40000 ALTER TABLE `support_request_type` ENABLE KEYS */; UNLOCK TABLES;

table user

-- -- Table structure for table `user` --

DROP TABLE IF EXISTS `user`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `user` (

 `UserID` int(4) NOT NULL AUTO_INCREMENT,
 `Username` varchar(50) NOT NULL DEFAULT ,
 `Password` varchar(50) NOT NULL DEFAULT ,
 `Name` varchar(100) DEFAULT NULL,
 `Email` varchar(255) DEFAULT NULL,
 `IsAdmin` tinyint(1) NOT NULL DEFAULT '0',
 `LastLoginDate` datetime DEFAULT NULL,
 `CreationDate` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
 `ModificationDate` datetime DEFAULT NULL,
 `Enabled` tinyint(1) DEFAULT '1',
 PRIMARY KEY (`UserID`)

) ENGINE=MyISAM AUTO_INCREMENT=12 DEFAULT CHARSET=latin1 CHECKSUM=1 DELAY_KEY_WRITE=1 ROW_FORMAT=DYNAMIC; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `user` --

LOCK TABLES `user` WRITE; /*!40000 ALTER TABLE `user` DISABLE KEYS */; INSERT INTO `user` VALUES (5,'ht','ca833225cef16920a54f1ca6c66d0d51','ht',NULL,0,'2014-07-28 22:15:46','2009-11-25 17:52:43',NULL,1),(10,'ak','f0115a7883cb5c321e9235d352261fe7','ak',NULL,0,'2014-07-23 12:57:44','2013-03-11 08:53:35','2014-07-21 13:43:06',1); /*!40000 ALTER TABLE `user` ENABLE KEYS */; UNLOCK TABLES;

table user_role

-- -- Table structure for table `user_role` --

DROP TABLE IF EXISTS `user_role`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `user_role` (

 `UserRoleID` int(4) NOT NULL AUTO_INCREMENT,
 `RoleID` int(4) DEFAULT NULL,
 `UserID` int(4) DEFAULT NULL,
 PRIMARY KEY (`UserRoleID`)

) ENGINE=MyISAM AUTO_INCREMENT=32 DEFAULT CHARSET=latin1 ROW_FORMAT=FIXED; /*!40101 SET character_set_client = @saved_cs_client */;

-- -- Dumping data for table `user_role` --

LOCK TABLES `user_role` WRITE; /*!40000 ALTER TABLE `user_role` DISABLE KEYS */; INSERT INTO `user_role` VALUES (4,3,29),(15,2,33),(12,1,1),(14,3,2),(13,2,2),(9,5,30),(10,2,31),(11,7,32),(16,7,3),(18,1,4),(21,1,5),(22,1,6),(23,1,7),(24,1,8),(27,1,9),(30,1,10),(31,1,11); /*!40000 ALTER TABLE `user_role` ENABLE KEYS */; UNLOCK TABLES; /*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;

/*!40101 SET SQL_MODE=@OLD_SQL_MODE */; /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */; /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */; /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */; /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;

-- Dump completed on 2014-08-02 3:31:55