Into the Hacker's Mind
May 6, 2017 | Author: Marko Kenistara | Category: N/A
Short description: A book about hackers...
Into The Hacker's Mind ...Keys To The Dark Side...
By CyberGod
Index:
- Introduction
- Chapter 1: Making it clear
  I. The word "Hacker"
  II. Different types of hackers
    a. Black hats
    b. White hats
    c. Grey hats
- Chapter 2: The first steps
  I. Beginners' fun
    a. Windows user passwords
    b. Getting admin
    c. Changing IP and VPNs
    d. Batch virus
  II. Wifi hacking
    a. WEP
    b. WPA/WPA2
  III. Online accounts hacking
    a. Phishing
    b. Keyloggers
    c. RATs
- Chapter 3: Because "Chapter 2" is too easy! [These chapters will be included in Part 2 of the eBook]
  I. Website attacks
    a. SQL injection
    b. XSS / cross-site scripting
    c. DOS/DDOS
    d. Defacing
  II. Next level: Botnet
  III. Worms??
  IV. Booters
- Chapter 4: Some coding and programming
  I. Intro
  II. Stealers
    a. Builder
    b. Stub
  III. Loggers
    a. Builder
    b. Stub
  IV. Crypters
    a. Builder
    b. Stub
    c. Runtime module
- Chapter 5: Pentesting and BackTrack
  I. Introduction to penetration testing
  II. Network scanning and information gathering
  III. Social Engineering Toolkit and DNS spoofing
  IV. Metasploit
    a. Intro
    b. Payloads/stager
    c. Meterpreter
- Chapter 6: Extra: To keep your ass out of trouble
- Chapter 7: From a hacker to another
Hello and welcome to the hacking world. This ebook was written by CyberGod to help any new or intermediate hacker. It isn't an informative book nor a hacking dictionary; instead you can consider it a teacher that will help you through your journey, which means that everything you learn from this book can be applied and used directly, not just information about various subjects. Now that you know what you will be reading, I would like to mention that I am not responsible for any action you take based on what you learned from this book. I would also like to thank the whole awesome HF community; if you downloaded this book from somewhere else and you are not a member of HF, I suggest you go and register an account right now: http://www.hackforums.net
Chapter 1: Making it clear

I. The word 'Hacker'
You want to be a hacker? OK... but first things first: what does the word 'hacker' refer to? Usually a hacker is a person with great knowledge of informatics and/or electronics, and by great I mean more than the average person. Now, when most people hear the word hacker they associate it with evil and bad actions like hacking bank accounts or websites... But you must know that not all hackers use their knowledge for bad things. A hacker's activities: account hacking, pentesting, programming, RATs/botnets, making money... and a bunch more. Before ending this small section I would like to say that anyone who wants to be an advanced or expert hacker must learn how to program and code in several languages; for a total newbie I suggest starting with something like HTML or VB.NET, these are easy to learn.
II. Different types of hackers

-a- Black hats
Black hat hackers are the bad guys, and you must know this is a black hat book. Black hat hackers usually try to hack into all types of accounts, from online banks and PayPal to Facebook and MSN, using different methods like RATs, keyloggers and fake pages. A more advanced black hat hacker will want to write his own crypters and RATs and try to build a huge botnet to take down servers and websites. Black hat hackers are always trying to break any security system or bypass AVs and firewalls; some of them also like to use social engineering to trick people into their traps. The causes? Well, I can only think of two main causes: making money, or proving themselves and acquiring forbidden knowledge.
-b- White hats
White hats are the opposite of black hats; these guys use their knowledge to help others. They usually code AVs and offer help to infected systems; they try to build what black hats destroy. There is not a lot to be told about them, just know that they are the opponents of black hats in an endless war.
-c- Grey hats
As you can guess, a grey hat hacker is a mix of a black and a white hat hacker. Usually they want no harm to others but can turn into a black hat to accomplish their goals.
Chapter 2: The first steps

I. Beginners' fun

-a- Windows user passwords
In this chapter you will learn how to remove any user password on a Windows operating system. I know this may sound noob or too easy for some, but for a beginner this will be an excellent first lesson. Before going directly into action I would like to explain how we are going to remove that password. By the way, I will be showing you 2 methods. First of all you must know that Windows user passwords are stored on the HD, so using a simple bootable program we can have full access to that HD and remove the password, then boot again into Windows; don't worry if you didn't understand a word because I will explain everything. The second method can be used only with a Windows XP operating system: what you actually do is log in to the hidden, unprotected user "administrator" and remove the passwords of the other users from there.
.1. Enough talking, let's get to action. I will explain the second method first. Assuming you're on the login screen and you're asked for the password, all you have to do is press Ctrl+Alt+Del, then, keeping Ctrl and Alt pressed, release the Del key and press it again. You should be presented with a login form where you can enter a user and a password; in the user field write "administrator" without quotes and leave the password field blank. Now you should be able to log in as the administrator user. Once there you can remove any other user's password without knowing the old one. Finally, you should know that the administrator user can be protected by a password, in which case this method won't work anymore, but by default it comes with no password and most people don't know about that user, so 99% of the time it will be unprotected.
.2. Now for the other method. You will need a blank CD or DVD, a CD/DVD burner drive and burning software; I am going to be using Nero but you can use any other burning software. In Nero choose "burn image" and select the "password-reset.iso" provided in the "Files" folder. Insert a blank CD and click burn; you should end up with a bootable CD. I want to mention that we can also use a USB stick instead of a CD, just follow the instructions provided in the "README.txt" inside the ISO image. The next step is to boot from the CD/DVD/USB: insert your CD/DVD/USB, restart your computer, and follow the instructions below. When the computer is starting you will get a message similar to "press F1 to enter BIOS setup"; F1 isn't the standard key for all BIOSes, it varies from one to another. To enter the setup simply press the correct key. Now in the BIOS go to the "Startup" or "Boot" tab and change the boot order: if you're booting from a CD or DVD put the CD/DVD drive at position 1; if you want to boot from a USB stick then choose the corresponding device and put it at position 1.
In the above picture I chose the DVD device to be #1. Next you need to save and exit. After exiting the setup your computer should reboot and it will boot from the CD; press Enter and wait for the program to load. The first thing you will be asked is to choose the correct partition. This means that if your HDD is divided into several partitions (e.g. C:\ and D:\) you need to choose the system partition (the one containing the "Windows" folder and files); in my case it is number "2", so I will just type "2" and hit Enter.
Next we want to point the program to the config folder; don't panic, it is usually "Windows/system32/config" and you get this option by default, so just press Enter without typing anything.
Now choose "Password reset", which is number "1".
Then "Edit user data and passwords".
Now you need to choose the user whose password is to be removed; for that you need to type the whole name of the user, and it is case sensitive (you will be provided with the user list).
Then you will be provided with several useful options. We are going to use option "1", or if you want to change the password rather than remove it, choose "2" and hit Enter.
You will get the above message "Password cleared!". Now type "!" and press Enter. You will be asked: "About to write file(s) back! Do it?" By default it is [n], which means "no" and would undo the changes, so we type "y" for yes and press Enter; press Enter for the next message and you are done. Remove the CD and press Ctrl+Alt+Del to reboot.
After the reboot you will notice that the password was removed. Don't forget to set your HDD back as the boot device in the BIOS after you are done. This is the end of our first lesson.
-b- Getting admin
That is actually pretty simple on a Windows machine; you will learn 2 different ways to do it. And if you are asking why I am always targeting Windows machines, the answer is that Windows is the most used operating system and the easiest to hack. Now to action.

Method 1: You are going to use CMD, also known as the command prompt. For me this method is useless because you need to be administrator in the first place; all it does is add another administrator user, but it can come in handy some day if the account you're in is monitored or has some restriction, I don't know... Here is what you need to do: open CMD by going to "Run" and typing CMD.exe, or open Notepad, type in "cmd" without quotes and save it as anything.BAT (it is important to add .bat at the end of the name so it is treated as a batch file). Once in CMD type:

net localgroup Administrators <username> /add

Replace <username> with the name you want and press Enter. Now log out and you should see the new administrator user.

Method 2: For this method you need to do the exact same thing we did for the "Password reset" (see the previous section) until you are at this stage:
Now you need to choose option 3 "Promote user" and continue the same way we did for removing the password. The end.
-c- Changing IP address and VPNs
Why would I want to change my IP? And what is a VPN? Well, I will answer your questions right now. If you are going to hack a website or RAT someone you obviously don't want to be tracked, so changing your IP is going to help you a lot. Changing your IP can also help bypass some restrictions like a banned IP. Now for the VPN part: VPN stands for Virtual Private Network; using a VPN service creates a private encrypted connection between you and the provider, which means that no one can intercept your connection, and if someone traces you back it will lead him to the VPN provider and not to your personal computer. I will talk no longer about VPNs because it is easy to get one; there are some free VPNs out there but the best ones charge money. Now, how to change your IP: you are going to need a proxy changer program and a proxy list. A proxy is simply an IP + port; you use that port to connect to the IP and use it. I will be using a program called "Proxy Switcher"; it is a paid program but I provided you with a cracked copy, you can find it in "Files" under the name "Proxy-Switcher.rar".
Now follow the instructions:

1- Installing Proxy Switcher: First extract the RAR archive and install Proxy Switcher. After the installation is done, right click on the Proxy Switcher icon in the task bar and click "register proxy switcher"; use any name with the key I provided in key.txt. Now exit Proxy Switcher, launch it again and you are OK to go.

2- Finding fresh proxies: Well, this part is more like a Google search; you need to search for "proxy list" or "fresh proxy list", or you can use Proxy Switcher itself to search for proxies for you. Here is how you do that.

.a. Using Proxy Switcher: Right click on the task bar icon --> Show Manager
Now click the "Common task wizard".
Click "Next", then choose the first option in the common tasks and click Finish.
Then wait for the program to get the proxies and scan them, and you will have a list of dead and working proxies; now double click on any working one and you are good to go. Note: sometimes your internet connection may get slower depending on the speed of the proxy server. And you won't always find proxies using Proxy Switcher, so I prefer searching on Google.

.b. Using Google (better): Simply go to Google and search for "fresh proxy list", get any list that you think is fresh, then copy it to Notepad and save it. Now go to Proxy Switcher --> File --> Import from text file... and choose the txt file you saved the list in.
Now click on "New" and you should have a list of unchecked proxies.
Click on "Test proxy servers for availability" and wait for the scan.
Now you should get working and dead proxies. Choose one of the working proxies and connect to it, then go see if your IP has changed. Here is a trick: if you get no working proxy you can choose a dead one with a relatively small ping/response time and connect to it, and it should work. Here is a picture to make things clear.
Before I conclude, here is a list of free VPN services:
- ProXPN
- CyberGhost
- Hotspot Shield
- GPass
- SecurityKiss
and a bunch more...
-d- Batch virus
"Batch file is the name given to a type of script file, a text file containing a series of commands to be executed by the command interpreter. The commands may be built into the command processor (COPY), supplied with the operating system but not built into it (XCOPY invokes the Microsoft DOS program XCOPY.EXE), or may be any program (cp invokes the program cp.exe if present, an .EXE port of the Unix cp command, with essentially the same functionality as XCOPY.EXE).

Similar to job control language and other systems on mainframe and minicomputer systems, batch files were added to ease the work required for certain regular tasks by allowing the user to set up a script to automate them. When a batch file is run, the shell program (usually COMMAND.COM or cmd.exe) reads the file and executes its commands, normally line-by-line.[1] Unix-like operating systems (such as Linux) have a similar type of file called a shell script.[2]

The filename extension .bat was used in DOS, and the Windows 9x family of operating systems. The Microsoft Windows NT-family of operating systems and OS/2 added .cmd. Batch files for other environments may have different extensions, e.g. .btm in 4DOS and 4NT related shells." Thanks Wikipedia.
Now that you know what a batch file is, I will give a list of some commands with a description, then jump to the part where we use these commands to make a simple evil virus. (Don't be afraid of the list, you don't have to memorise it :P, we will only use a few of these commands.)
Commands list:

@
In DOS version 3.3 and later, hides the echo of a batch command. Any output generated by the command itself is still displayed. The at-sign can be prefixed to any DOS command, program name, or batch file name within a batch file.
Syntax: @[command]
Examples:
@ {Separates sections of the batch file without displaying the DOS prompt.}
@echo OFF {Hides the "echo off" report.}
%DIGIT
Replaceable batch parameters which are defined by the user when the batch is executed. The parameters are separated by spaces, commas, or semicolons.
Syntax: %digit {Digit: any digit from 0 to 9. %0 has the value of the batch command as it appears on the command line when the batch is executed. %1 represents the first string typed after the batch command. Each occurrence of %digit is replaced by the corresponding string from the batch command line.}
Examples:
MYBATCH DOC A:
COPY *.%1 %2 {Copies all .DOC files in the default directory to drive A:}
%VARIABLE%
Replaces the DOS environment variable name with its environment value.
Syntax: %variable% {Variable: a string of uppercase characters in the environment associated with a string value. Variable is created in the environment by using SET.}
Examples:
%PATH% {Returns the value of PATH, the current search path, which is executable.}
echo %PATH% {Displays the value of PATH, the current search path.}
%PROMPT% {Returns the value of PROMPT, the current prompt string, which is executable.}
echo %PROMPT% {Displays the value of PROMPT, the current prompt string.}
echo The current search path is: %PATH% {Displays the message including the current search path.}
set USER=John
if %USER%==John goto LABEL {Since the value of USER does equal "John", control is transferred to the label LABEL.}
CALL
Loads and executes a batch file from within a batch file as if it were an external command. When the second batch file completes, control is returned to the calling file.
Syntax: call [drive:][path]filename [batch-parameters]
Before DOS version 3.3: command /c [drive:][path]filename [batch-parameters]
CLS
Clears the video display screen, setting the cursor in the upper left-hand corner.
Syntax: cls
ECHO
Controls whether commands and comments within a batch file are displayed.
Syntax: echo [ON|OFF|message|.]
Examples:
echo {Displays the echo status.}
echo ON {Restores normal display activity.}
echo OFF {Halts display of the DOS prompt and commands.}
echo Processing... {Displays "Processing..." on the screen.}
echo %USER% {Displays the value of USER on the screen.}
echo. {Displays a single blank line on the screen.}
echo ^L > prn {Sends an ASCII control code (form feed) to the printer. Press Ctrl plus L to type the ^L character.}
echo Y|Del *.* {Answers the DEL "Are you sure" question automatically.}
FOR
Repeats the operation of a DOS command for each member of a list. Use CALL to execute a batch file as a command.
Syntax: for %%argument in (list) do command {Argument: any letter from A to Z. List: a sequence of strings separated by spaces or commas. Wildcards are allowed.}
Examples:
for %%d in (A,C,D) do DIR %%d *.* {Displays the directories of drives A, C, and D sequentially.}
for %%f in (*.TXT *.BAT *.DOC) do TYPE %%f {Types the contents of all .TXT, .BAT, and .DOC files in the current default directory.}
for %%P in (%PATH%) do if exist %%P\*.BAT COPY %%P\*.BAT C:\BAT {Copies all batch files which exist in any directory on the DOS command search path into the directory C:\BAT.}
for %%f in (*.PAS) do call compile %%f {Compiles all .PAS files in the current default directory.}
GOTO
Transfers control within a batch file to a line identified by a label. The label must be of the form ":LABEL".
Syntax: goto LABEL
...
:LABEL
IF
Tests a condition and executes a command only if the condition is TRUE. If the NOT modifier is present, the command is executed only if the condition is FALSE.
Syntax: if [not] condition command {Condition: errorlevel number; string1==string2; or exist filename. Command: any DOS command, batch command, batch file name, or program name.}
Examples:

if [not] errorlevel number command {Errorlevel: an exit code returned by a program or an external command. The following DOS commands return an exit code: BACKUP, RESTORE, FORMAT, REPLACE, and XCOPY. Number: a numerical value (integer) against which the exit code is compared. The condition is TRUE if the exit code returned by the previous program is greater than or equal to number. The condition is FALSE if the exit code is less than number.}
BACKUP C:\*.* A: /s
if errorlevel 3 goto TROUBLE {If the BACKUP command exits with a code of 3 or higher, control will be transferred to the label TROUBLE.}
if errorlevel 3 if not errorlevel 4 echo ERROR #3 occurred
if errorlevel 4 if not errorlevel 5 echo ERROR #4 occurred {Nested if statements that determine the exact error number.}

if [not] string1==string2 command {The condition is TRUE if both strings are identical. The comparison is case sensitive. If either string is blank, a syntax error occurs.}
if (%1)==(LTRS) CD C:\WORD\LTRS {If the first parameter is LTRS, then change directory to LTRS.}
if "%1"=="" goto ERROR {If there is no parameter, then control is transferred to label ERROR.}
if not %2X==X DIR %2\*.* {If there is a second parameter, then display all the files contained in the directory %2.}
if not "%3"=="" if not "%3"=="b" if not "%3"=="B" goto BADPARAM {If there is a third parameter and it is anything other than b or B, then go to label BADPARAM.}

if [not] exist filename command {The condition is TRUE if filename can be located. The filename can include drive and path specifications. Wildcards are allowed.}
if exist D:\%1\nul CD %1 {Tests for the existence of directory %1 even if it contains no files, then changes to that directory if it exists.}
if not exist A:\FLASH.EXE COPY C:\PROJECTS\FLASH.EXE A: {Copies FLASH.EXE to drive A, but only if it doesn't exist there already.}
PAUSE
Pauses the running of a batch file and displays the message "Press any key to continue ..." on the screen. If the optional message is included, it will be displayed first. Use pause to give the user a chance to terminate the batch file at a safe place. The optional message is not displayed when echo is OFF, so the message must be echoed on the preceding line.
Syntax: pause [message]
Example:
pause {Displays "Press any key to continue ...".}
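As an added example that is not part of the book, here is a small script that ties together the @, %digit, IF, FOR, GOTO and CALL entries above: it validates its first parameter with the IF forms listed, counts the text files in that directory with FOR, and then shows why IF ERRORLEVEL n (which is TRUE for every code greater than or equal to n) must be bracketed with the nested-IF idiom to single out one exit code. The file name COUNTTXT.BAT is made up, and the script assumes cmd.exe (Windows NT family), since call :label, set /a and exit /b are not available in COMMAND.COM.

```batch
@echo OFF
REM Added example (not from the book): count the *.txt files in a directory
REM using the IF, FOR, GOTO and CALL forms from the commands list above.
REM Usage: COUNTTXT.BAT <directory> [v]        (cmd.exe, Windows NT family)

call :COUNTTXT %1 %2

REM IF ERRORLEVEL n is TRUE for every exit code >= n, so each test is
REM closed off with a NOT on the next value (the nested-IF idiom) to pick
REM out exactly one code.
if errorlevel 1 if not errorlevel 2 echo Error 1: no directory given.
if errorlevel 2 if not errorlevel 3 echo Error 2: directory not found.
if errorlevel 3 if not errorlevel 4 echo Error 3: second parameter must be v or V.
if errorlevel 4 echo Error 4 or higher: unexpected exit code.
REM A plain IF ERRORLEVEL 1 catches every failure at once.
if errorlevel 1 goto FAIL
echo Done.
exit /b 0

:FAIL
echo The script did not complete.
REM GOTO does not reset ERRORLEVEL, so the subroutine's code is passed on.
exit /b %ERRORLEVEL%

:COUNTTXT
REM "%1"=="" is the usual test for a missing parameter.
if "%1"=="" exit /b 1
REM Every directory contains the pseudo-file nul, so this tests for the
REM directory itself even when it is empty; %~1 strips surrounding quotes.
if not exist "%~1\nul" exit /b 2
REM Optional second parameter: anything other than v or V is rejected.
if not "%2"=="" if not "%2"=="v" if not "%2"=="V" exit /b 3

set COUNT=0
REM FOR runs the command once per matching file; %%f is the loop variable
REM (double percent because this is a batch file, not the prompt).
for %%f in ("%~1\*.txt") do call :TALLY %%f %2
echo %COUNT% text file(s) in %~1
exit /b 0

:TALLY
set /a COUNT+=1
REM Echo the file name only when verbose output (v) was requested.
if not "%2"=="" echo   %~1
goto :EOF
```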
Exploitation Tools -> Wireless Exploitation Tools -> WLAN Exploitation -> gerix-wifi-cracker-ng".
Next go to the "Configuration" tab, select your wireless card interface (usually "wlan0" or "wlan1") and click "Enable/Disable Monitor Mode".
A new interface should appear under the name "mon0" with "Monitor" as its mode. If that doesn't happen, or if the mode isn't "Monitor", then your wireless card probably isn't compatible. Anyway, let's move on: now select the new monitor interface and click "Rescan networks". You will get a list of all wireless networks near you; ESSID is the name of the network and BSSID is the MAC address. You will also need to check the "Enc" (encryption) column; for this part the network should have "WEP" encryption. Select a compatible network and move to the "WEP" tab.
First we need to collect some packets; go to the "General functionalities" section and click "Start Sniffing and Logging".
A new terminal will appear, showing the packet capture and all the clients connected to the attacked access point (router). The number under "#Data" shows how many packets we have captured, and the MAC addresses under "Station" refer to the clients connected to the AP; in my case there is only one device connected, with the MAC address "7C:11:BE:91:FF:E6" (I can tell it is an iPhone from the MAC address).
The more devices use the AP, the faster we will collect packets; our goal is above 10 000 packets. Now for the attacks: in my case I am using an Intel wireless card so the attacks won't have a big effect, but I will show you how to do them. I will go with "WEP Attacks (no-client)" because this will work even if there is no device connected to the wireless network. We have two types of attacks in the no-client section, ChopChop and fragmentation; here is a list of pros and cons:

Fragmentation
Pros:
- Can obtain the full packet length of 1500 bits xor. This means you can subsequently pretty well create any size of packet.
- May work where chopchop does not.
- Is extremely fast. It yields the xor stream extremely quickly when successful.
Cons:
- Needs more information to launch it, i.e. IP address info. Quite often this can be guessed. Better still, aireplay-ng assumes source and destination IPs of 255.255.255.255 if nothing is specified. This will work successfully on most APs. So this is a limited con.
- Setup to execute the attack is more subject to the device drivers. For example, Atheros does not generate the correct packets unless the wireless card is set to the MAC address you are spoofing.

ChopChop
Pros:
- May work where frag does not work.
- You don't need to know any IP information.
Cons:
- Cannot be used against every access point.
- The maximum xor bits is limited to the length of the packet you chopchop against.
- Much slower than the fragmentation attack.

I will start with the chopchop attack: first click "Start false access point Authentication on victim".
Then "Start ChopChop attack", type "y" for yes in the new window and press Enter. Wait some seconds, then press "Create the ARP packet to be injected on the victim access point".
Finally "Inject the created packet on victim access point". Follow the same steps for the fragmentation attack; they are very similar. Now we wait until we get more than 10 000 - 15 000 packets.
Then go to "Cracking" -> "WEP cracking" and click "Aircrack-ng - Decrypt WEP password"; wait for it to finish and you will get your password. Remove the ":" from it, so in my case it will be "2400242890".
-b- WPA/WPA2
This attack needs at least one client connected to the AP. Proceed the same as for WEP until you choose a network to crack; for this you need the network to have WPA or WPA2 encryption. Select it, then go to the "WPA" tab.
Now "Start Sniffing and Logging".
Now we need to get a "handshake" so we can brute force the password; to do that open "WPA attacks" then click "autoload victim clients".
Now click "client deauthentication", wait for it to finish and you will get "WPA handshake: AP BSSID" (if not, try increasing the deauth number; it is 4 by default).
‐> Waiting for client deauthentication.
After we get a handshake we are ready to start cracking, so first we need a dictionary file; it is basically a very big list of passwords, you can find one easily if you Google it. I will assume you got your dictionary file; now go to "Cracking" -> "WPA bruteforce cracking". In "normal cracking" type the location of your dictionary file (including the file's name) and click "Aircrack-ng - Crack WPA password".
Almost done; if your dictionary contains the password, aircrack should be able to crack it.
This concludes the second section of chapter 2.
III. Online accounts (Facebook, Hotmail, Gmail...)
If you have no idea or any previous experience of account hacking then READ this:
1- A program or software that automatically hacks accounts when given a username or email does NOT exist, so please don't be fooled by the fake YouTube videos.
2- Social engineering, also known as SE, is the art of manipulating/tricking people; usually used to get some information from the victim or trick them into fake logins / keyloggers...
3- Hacking accounts IS a cyber crime and can get you in jail in some countries.
4- "Oh no, my Facebook/Hotmail... account was hacked, how can I hack it back?" Stop whining and use the password recovery button; it is a lot easier than hacking the person who hacked you in the first place.
5- These tutorials are for education purposes, so don't abuse this knowledge for personal revenge.
Enough said, let's move into action.

-a- Phishing
A phishing page is a fake login page that looks exactly like the original one, but once you log in it will send the username and password to the hacker. It is probably the easiest and most efficient way to hack an account, but requires more SE than the others.

1- What you will need:
- Free/paid web hosting.
...Yes, that is all you will need, in addition to a brain and a computer of course.

2- Making the fake page:
-a- Choose a website; I will go with Facebook. If you don't have any knowledge of HTML and PHP coding, stick to my example so you can follow me easily.
-b- Go to the website's login page; in my case it is facebook.com or facebook.com/login.php, both pages have a login form. Then we need to get the web page source code: if you are using Firefox just right click and select "View Page Source", or you can press Ctrl+U. Copy all the code then paste it in Notepad++ or Notepad.
-c- Now we need to create a PHP file that will receive the message (email/pass) sent by the page and write it to a text file. So go on and open a new Notepad window and copy and paste this code. You can edit:
- The redirection location in the second line after "Location:"
- The name of the text file holding the emails and passwords in line 3 (original name "logs.txt")
After you have set these options to your liking save it as something.php (I will name it action.php).
-d- Uploading: First you need to create an account with a web hosting service; here are some free ones: 7ry.us, 000webhost.com, freewebhostingarea.com, zymic.com. After you have created an account, create a free domain, then log in to your domain.
Now in your domain's cPanel search for your FTP login info, save it somewhere, then log out.
Google FileZilla and download it, then use the FTP login you got from your host to log in.
Now you can easily upload files from your computer (left) to the online host (right); go on and upload the PHP file we created earlier.
The file action.php is now online, so let's get its link; to do that right click the file and select "Copy URL(s) to clipboard".
This will give you the FTP link, but we need the HTTP link, so follow this. FTP: ftp://user@domain/fileteh/action.php. To get the HTTP link remove everything before the @, including the @. Also, if the link contains a reference to "public_html", remove it. So my HTTP link will be: http://domain/fileteh/action.php
-e- Back to the page code: we need to search the code for the part about the login form, more specifically for the code that sends the request to the server. For Facebook search the code for: action="https://www.facebook.com/login.php?login_attempt=1"
Make sure this code is in the form "login_form".
Now replace the link after action=" with your PHP file link ("http://domain/fileteh/action.php").
-f- Obfuscate then upload. To obfuscate your code go to http://htmlobfuscator.com/, then copy all the modified HTML (web page) code from Notepad to the website and click obfuscate; then copy the obfuscated code, place it in Notepad and save it as something.html.
Upload your HTML file the same way you did for the PHP file, then get the HTTP URL.
-g- Setting permissions: in FileZilla right click the two files and click "File permissions...", then change it to 777 and click "OK".
-h- Testing: finally you are ready to test the page. Go to the HTML page you uploaded (not the PHP page) and it should look just like Facebook.
Write any username and password then press login; the page will then redirect you (you can change the redirection page in the PHP file, see step "c"). Then refresh FileZilla and a new txt file should be there with the username and password inside.
Extra:
- Masking the link: If your link looks too suspicious you can mask it. That is very easy: go to www.dot.tk and select a new URL name. Then in "Forward this domain to" insert the link to the fake page.
Now you can send the .tk link and they will be redirected to the fake page.
- Spreading: Here comes the SE part. You need to trick people into logging in with your fake page; you can tell them they will get free Facebook gold or free likes, or just tell them it is a new version of Facebook with lots of new stuff. You won't believe how stupid some people are, so just come up with a story and make them log in using the fake page.
THE END
-b- Keyloggers
-1- What is a keylogger? A keylogger runs in silent mode (hidden) on the slave's PC and records all pressed keys, in addition to screenshots/webcam, and then sends the logs to the hacker. Keyloggers are used to steal passwords or spy on conversations and the user's activities.
-2- How to set up a Stealer + Logger? I will be using "Unknown Logger Public V 1.5", located in the Files folder under the name "Unknown Logger Public V 1.5.rar" (credits go to unknowns from hackforums.net for that great free logger).
This logger has 2 delivery options: by email or by FTP. I recommend using FTP as it is more stable, or use a fake email so if you are traced to the email they won't get your real one.
1) Using FTP: First log in to your FTP account (you can see details on how to create one in the previous part, "Phishing") using FileZilla, then create a text file and upload it; let's name it "logs.txt".
Now in the logger fill in the FTP username and password, and for the URL go to FileZilla and copy the URL of "logs.txt".
For the email delivery: I recommend Gmail. Enter your email and password, choose "smtp.gmail.com", then enter the email address to send the logs to (don't touch the port).
Testing the delivery: For both email and FTP click the "Send: Tags Explanation/Test" button; if everything is OK you will see this message (it may take up to 1 minute if you have a slow internet connection).
If you check your logs file or your email you should get this.
The next step is configuring the Logger and Stealer. First, for the Logger, there is the "Send Logs" option: if you leave it at 1 this means the logger will send the logs every 1 min; I recommend every 2 or 3 min, but it is up to you. The name is simply the name of the virus. Now click the "Settings" button and check "Run on StartUp" in the "Extras".
Now for the Stealer, simply check everything in the "Stealers" tab in "Settings". (You can check only 1 or 2 options if you don't want the others.) That is how it should look.
Now give it a name, then click "Build" (it will be built in the same location as the builder).
‐3‐ Spreading
If you want to spread your keylogger successfully you will need to make it FUD (Fully UnDetectable) so that it is not detected and deleted by AV. To do this you will need a FUD crypter; I did not include one with the book because a private FUD crypter will cost you money.
Your next step is to find some place to spread it. Usually torrents are the best: find a new, fresh program/game/crack/movie..., download it, use a binder to bind the file with your keylogger and start spreading. You can also use an extension spoofer if you are spreading the keylogger without binding it with another application; this will make it look less suspicious.
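The delivery setting described above (logs pushed to the same FTP or SMTP host every 1 to 3 minutes) is exactly the pattern a defender looks for: an endpoint that contacts one host on one port at a near-constant cadence is beaconing. The following detection script is an added example written for this page, not code from the book or from the logger it describes. The log lines and their field layout are constructed for the example and do not come from any particular firewall or proxy product.

```python
"""Defender-side example: spotting a keylogger's periodic log delivery.

The detection idea: group outbound connections by (source, destination, port),
measure the gaps between successive connections, and flag flows whose gaps are
both in the 'every few minutes' range and nearly identical (low jitter).
The log lines below are CONSTRUCTED for this example; the field layout is an
assumption, not any real product's format.
"""
import re
import statistics
from collections import defaultdict
from datetime import datetime, timezone

# Constructed outbound-connection log lines (firewall/proxy style).
# 10.0.0.21 talks to 203.0.113.10:21 (FTP) every ~2 minutes; the rest is noise.
SAMPLE_LOG = """\
2017-05-06T10:00:03Z src=10.0.0.21 dst=203.0.113.10 dport=21 action=allow
2017-05-06T10:00:41Z src=10.0.0.21 dst=198.51.100.7 dport=443 action=allow
2017-05-06T10:02:03Z src=10.0.0.21 dst=203.0.113.10 dport=21 action=allow
2017-05-06T10:03:17Z src=10.0.0.35 dst=198.51.100.7 dport=443 action=allow
2017-05-06T10:04:04Z src=10.0.0.21 dst=203.0.113.10 dport=21 action=allow
2017-05-06T10:05:55Z src=10.0.0.21 dst=198.51.100.9 dport=443 action=allow
2017-05-06T10:06:03Z src=10.0.0.21 dst=203.0.113.10 dport=21 action=allow
2017-05-06T10:08:02Z src=10.0.0.21 dst=203.0.113.10 dport=21 action=allow
2017-05-06T10:09:30Z src=10.0.0.35 dst=198.51.100.7 dport=443 action=allow
2017-05-06T10:10:03Z src=10.0.0.21 dst=203.0.113.10 dport=21 action=allow
2017-05-06T10:12:11Z src=10.0.0.35 dst=198.51.100.7 dport=443 action=allow
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)"
)


def parse_connections(text):
    """Return a list of (timestamp, src, dst, dport); lines that don't match are skipped."""
    out = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        out.append((ts, m["src"], m["dst"], int(m["dport"])))
    return out


def find_beacons(conns, min_hits=4, max_jitter=0.15, min_period=30.0, max_period=600.0):
    """Return [(flow, mean_gap_seconds, jitter_cv)] for suspiciously regular flows.

    A flow is (src, dst, dport). It is flagged when it has at least `min_hits`
    connections, its mean gap lies between `min_period` and `max_period` seconds
    (covering the 1-3 minute interval a logger like the one above uses), and the
    gaps vary by at most `max_jitter` (coefficient of variation = stdev / mean).
    """
    by_flow = defaultdict(list)
    for ts, src, dst, dport in conns:
        by_flow[(src, dst, dport)].append(ts)

    flagged = []
    for flow, times in by_flow.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mean = statistics.fmean(gaps)
        if not (min_period <= mean <= max_period):
            continue
        cv = statistics.pstdev(gaps) / mean
        if cv <= max_jitter:
            flagged.append((flow, round(mean, 1), round(cv, 3)))
    return flagged


if __name__ == "__main__":
    for (src, dst, dport), period, cv in find_beacons(parse_connections(SAMPLE_LOG)):
        print(f"beacon: {src} -> {dst}:{dport} every ~{period}s (jitter cv={cv})")
```

The thresholds are deliberately exposed as parameters: a real deployment tunes `min_hits` and `max_jitter` against its own baseline, because legitimate software (update checks, mail clients polling) also beacons, and the destination (an FTP server or mail relay the organisation does not use) is what turns a regular flow into an alert worth triaging.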
‐c‐ Remote Administrator Tools
‐1‐ What is a RAT?
RAT stands for Remote Administrator Tool or Remote Access Trojan; it is a malware program that gives the hacker access to the victim's computer. RATs usually spread in torrents and pirated/fake software. A system infected by a RAT is part of an infected network called a botnet. A botnet can have several goals, the most common being:
‐ money
‐ DDOS (attacks on websites)
‐2‐ How to set up Dark Comet RAT?
Dark Comet is one of the best free (public) RATs, but as a public RAT it is easily detected by AV, so consider using a crypter.
General idea on how the RAT will work: There are two parts in a RAT, a client and a server. The server is sent to the victim to infect the computer, then the server will try to establish a connection with the client. The client receives the connection and communicates back with the hacker's commands. It is very similar to multiplayer games: a person creates a game (client) and the other players connect to it (server). The server will need an IP address and a port to connect to the client; as some of us don't have a unique IP (the IP can change every time you connect to the internet) we will use a DNS host. This means the server will connect to the DNS host, then will be redirected to your IP, and you can update your DNS host every time your IP changes. What is left to do is port forwarding on your router, which means opening a port to allow the server to connect.
a) No-ip DNS host
To get a free DNS host, we need to sign up at www.no-ip.com; once you sign up, go on and log in to your account. Then click on "Add a Host".
Enter a host name and leave the host type as DNS Host (A), then click "Create Host".
Now we need to download the no-ip client so we can update the IP fast and easily. To do so click on "Download Client" in the left panel.
b) Creating the server
You must know that Dark Comet is a RAT and will be detected by your AV, so turn it off or add Dark Comet to the exceptions list. Go to the "Files" folder provided with this ebook and extract "DarkCometRAT531.zip", open the folder, then run "DarkComet.exe", accept the terms and you are good to go.
To create the server go to: DarkComet‐RAT ‐> Server module (657.50 Kb) ‐> Minimalist (quick), or if you want to fully customize the server choose Full editor (expert).
Set the settings as shown in the above picture; you have to change "IP/DNS" to the no-ip DNS host you created earlier; you can also change the port and the icon if you want. Now click Normal to build the server.
c) Let's open some ports
Before we can start listening for connections we need to open the port we used for the server, in my case "1604". This can be very easy if your router supports UPnP; anyway, follow these steps:
‐ Go to the Socket/Net tab in DarkComet, then right click and add port.
Enter your port number and make sure "Try to forward automatically (UPnP)" is checked, then click "Listen".
Now we need to check if the port is open; to do so go to www.canyouseeme.org, enter your port number and click "Check Your Port". If you get Success then you are good to go and the port is open.
4‐ Only if automatic forward didn't work
If the previous method didn't work and you got a connection error from canyouseeme.org, then refer to this website and choose your router model to port forward your router manually (it is pretty easy): http://portforward.com/routers.htm
d) Listening
For connections on a specific port all you need to do is go to the Socket/Net tab and add a port (same as in the previous step), and if you protected your server connection with a password (can be used only in Full editor mode) go to DarkComet‐RAT ‐> Client settings ‐> General settings and enter the password in "Traffic encryption merged key (password)".
e) Testing
The final step is to test if everything is working, so go create a server, remove any option that could harm your computer, then run the server on yourself and listen for connections; a few seconds later your computer should appear in the "Users" tab.
To uninstall the RAT from your machine right click the user ‐> Uninstall Server(s).
‐3‐ Spreading (same as for the keylogger)
You will need to make it FUD (Fully UnDetectable) so that it is not detected and deleted by AV. To do this you will need a FUD crypter; I did not include one with the book because a private FUD crypter will cost you money. Your next step is to find some place to spread it. Usually torrents are the best: find a new, fresh program/game/crack/movie..., download it, use a binder to bind the file with your RAT server and start spreading. You can also use an extension spoofer if you are spreading the server without binding it with another application; this will make it look less suspicious.
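Both spreading sections (the keylogger one above and this one) rely on an "extension spoofer" to make an executable pass for a movie, crack or document. From the defender's side the disguise is visible in the filename itself, so the following script, an added example written for this page and not code from the book or from any spoofer tool, checks filenames for the two usual disguises: a decoy extension placed before the real executable one (optionally padded with spaces so the real extension scrolls out of view), and Unicode bidirectional or zero-width control characters that reorder or hide part of the displayed name. The file names it scans are constructed for the example.

```python
"""Defender-side example: flagging filenames built with an "extension spoofer".

Windows runs a file by its LAST extension, but Explorer may hide known
extensions and renders Unicode bidi controls, so "Photos.jpg.exe" can show as
"Photos.jpg". This script judges each name on what the OS will actually do.
All sample names are CONSTRUCTED for this example.
"""
import unicodedata

# File types Windows will execute directly when double-clicked.
EXECUTABLE_EXTS = {
    "exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js", "jse",
    "wsf", "hta", "msi", "lnk", "ps1",
}
# Harmless-looking types commonly used as the decoy part of the name.
DECOY_EXTS = {
    "pdf", "doc", "docx", "jpg", "jpeg", "png", "gif", "mp4", "avi",
    "mkv", "mp3", "txt", "zip", "rar",
}
# Unicode bidi / zero-width controls that can reorder or hide parts of a name.
SUSPICIOUS_CONTROLS = {
    "\u202a", "\u202b", "\u202c", "\u202d", "\u202e",   # embeddings / overrides
    "\u2066", "\u2067", "\u2068", "\u2069",             # isolates
    "\u200b", "\u200c", "\u200d", "\u200e", "\u200f",   # zero-width / marks
}


def inspect_filename(name):
    """Return the list of reasons the name looks spoofed; empty means it looks honest."""
    reasons = []
    if any(ch in SUSPICIOUS_CONTROLS for ch in name):
        reasons.append("bidi/zero-width control character in name")

    # Strip Unicode format characters (category Cf) so the real extension is
    # judged on what the filesystem sees, not on how the name is rendered.
    clean = "".join(ch for ch in name if unicodedata.category(ch) != "Cf")
    parts = clean.lower().split(".")
    if len(parts) >= 2 and parts[-1] in EXECUTABLE_EXTS:
        real_ext = parts[-1]
        if len(parts) >= 3:
            decoy = parts[-2].strip()
            if decoy in DECOY_EXTS:
                reasons.append(f"double extension: looks like .{decoy} but runs as .{real_ext}")
            # Runs of spaces push the real extension out of view in file lists.
            if "  " in parts[-2]:
                reasons.append("padding spaces before the executable extension")
    return reasons


def scan(names):
    """Return {filename: reasons} for every name that has at least one reason."""
    findings = {}
    for name in names:
        reasons = inspect_filename(name)
        if reasons:
            findings[name] = reasons
    return findings


# Constructed sample names: three disguised executables, two honest media/text
# files, and a plain .exe that is not hiding what it is.
SAMPLE_NAMES = [
    "Holiday_Photos.jpg.exe",
    "Movie.2017.BluRay.avi",
    "Setup.pdf                                  .exe",
    "invoice_\u202efdp.exe",
    "readme.txt",
    "crack.exe",
]

if __name__ == "__main__":
    for name, reasons in scan(SAMPLE_NAMES).items():
        print(repr(name))
        for r in reasons:
            print("   -", r)
```

Note that `crack.exe` is not flagged: the check targets deception about the file type, not executables as such, so it complements rather than replaces AV scanning and mail or download gateway policies that block executable attachments outright.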