Make your .exe look like a jpeg, mp3



By:: Judge

This tutorial will show you how to make your .exe (or .com/.scr) files look like .jpeg/.mp3 or any other filetype! By normally changing the extension to e.g .mp3, will corrupt your file, but with this exploit your file will still be executable!


1. I have my server.exe, but I want it to look like a mp3 file, so people would run it. In this case, you should change the .exe to .scr to make it look more legit in the end.

Now, rename your server.scr (which is still executable) to "songname uploaded by .SCR" (notice the space).



2. Now it's time to use the exploit! Open up the Character Map: 



Scroll down and find the "U+202E: Right-To-Left Override" character:



Click "Select" and then "Copy".

3. Now choose to rename your file, and paste the copied character right before the ".SCR" (press ctrl+v to paste)



Then type "3pm" (without the " ") and press Enter. Now it should look like this:



Done! Obviously you might want to change the icon to look like an mp3 before doing this..

Most browsers have patched this, but it can be used on IM's like MSN or Yahoo Messenger. To upload the file to a filehost, you need to make a .rar file with your server inside.



Now go ahead and mix around with .exe/.scr/.com and the fake-extensions to find some other legit-looking combinations!


Read More Add your Comment 0 comments


Spy-Net [RAT] 2.6 Guide To Setting Up and Spreading



WARNING - EVERYTHING YOU DO WITH THIS TUTORIAL DO IT AT YOUR OWN RISK. USE IT FOR EDUCATIONAL PURPOSES ONLY (A) 
First you need to download these two files:

No-ip DUC : DOWNLOAD
Spy-Net RATDOWNLOAD [Password is Spy-Net]

Okay so fucking first of all we need to setup Our No-ip account.

1. Go to www.no-ip.com
2. Create a new account
3. Confirm it from your E-Mail
4. Login To No-IP website
5. Select Add a host
6. Click Create Host
7. Write what you want the name of your No-IP adress to be

8. Click Create Host
9. Download No-IP DUC , Install it , then login with your Email and password.
10. Once you do You will see your server there. Click on the icon and it will be smiling. ()

I forgot this part 
Port forwarding.

I Will not explain that much ,
1. Go to http://www.portforward.com
2. Click CTRL+F 
3. Select Your Route

4. Follow the guide and do this with the port 81
Okay so now its time to setup Spy-Net!

1.First of all , Open the Spy-Net , you will get a popup with some weird language , click NO
2.On Spy-Net , click START and then Opces -> Idioma -> English.ini (thats for changing language of spynet , Default is spanish or something)

Okay so now , I uploaded pics for it to be easier.

1.Go to File -> Create Server -> Select any of the profiles

2.Connection


Where it says "Your_Dns_here" Click once on it and click DELETE. Then click ADD and write your No-ip adress , and click Addor OK i dont know what it was

3.Installation


Leave everything as it is... ( these the options i use personally)

4.KeyLogger


Okay , so i guess everyone wants the keylogger , so select it.
And i prefer using the Backspace option too , as if someone logins to facebook , and his email is saerdna798@hotmail.com , and he misspelled something and it showed as saerdna879@hotmail.com , im sure he will use backspace and fix it , so this will be recorded on your keylogger and you can get the passwords easier 

5.Anti-Debug


Okay select all of them , if you want to test it on sandboxie , unselect the first one 

6.Final Step


Chose anything you want , for changing the icon click on the Picture icon on there and select any .exe or .ico files...

¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬ ¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬¬​¬¬¬

SPREADING

Okay , so there are alot of methods for spreading , i am going to tell you some of them ..

1. Youtube - YouTube is a video sharing website on which users can upload and share videos, millions of people are online... Now , make a video bout a crack , like For Adobe Photoshop , VB.Net , Teamviewer ,(These were just the examples) or any Games , then get your virus FUD(recommended) and Make a video and post. Now , i know alot of people do this , but they dont do 1 thing right. SPreading the video. 

How do you do this? 

GO to http://www.youtube.com and click on Videos , then click on Most Viewed , and then choose All Time

Then go to every single video that has alot of views and post this:

Wow look what i found click on my name and watch the video , it will get ur free shit etc etc.. .

Then you will get loads of people on your RAT.

2.Torrents - This is the most effective way. First you need a torrent client, I use uTorrent, because it's the easiest.Once you get your torrent client, Get some fake stuff , like Steam games Keygen or Cracks or w/e and then put them in a .rar file and put the RAT on it. (BIND IT) . Now you gotta create the torrents.Open uTorrent , and then go to File -> Create New Torrent And add your .rar file on it, okay so now trackers are needed... These are some good ones:

Then click START SEEDING. Now .. CLick Create -> Save AS... and save anywhere u want 
After you saved , go to http://www.thepiratebay.org, Register and upload your torrent

3.Chat Rooms - This is slow but you get adult people ( You can get credit cards and paypals from this). First of all , go to any chat room from any of these below:

And then , upload your file to any free file hosting such as sharesend and then go to chat rooms , and start spamming "16/F/uk huge boobs wanna see my naked pics ? go here <insert link> and tell me if u like it!!

OR

Spam this:

Add me on msn will send u naked pics of me <ur msn here> im hornyyy xxx 
And after they add u send link from there ( this is a better method than the first one .. but this is a lil boring)

4.Forums - I used to do this when i first started using RAT's , it was pretty fun actually

First you go to any gaming forum such as http://www.mpgh.net and create a new thread with the name "Free All In One CrossFire HACK" and then post a fake virus scan of ur file and put download link , you will get alot of 12-17 years old kids who play all day RPG games...

5.Impersonating Microsoft - This one doesnt work very well , but you can use this for targeting. First of all go tohttp://www.passport.net and make a @microsoft.co.uk email... then , add someone you want on that msn and tell him : A new virus has been detected , for your safety , we need you to download this file < LINK> or else your computer may be in danger.

If you are a good SE'r this can be easy for you !

F.A.Q

Q. Why when i try to access Spy-Net.exe is says cannot access the specified device path or file?
A. This means you have an antivirus that deletes the virus instantly after you download it , antiviruses such as AVG do it , you need to UNINSTALL AVG to make it work.
__
Q. How do i make my file undedectable by antiviruses ? [FUD]
A. Use a crypter.

Q. Can you crypt my file?
A. No. i cant.

Enjoy Ratting ! Hava Fun 


Read More Add your Comment 0 comments


The Hacker’s Underground Handbook | ebook on hacking





The Hacker’s Underground Handbook will guide you through password hacking, windows hacking, malware, phising, web hacking, network hacking and Linux (intro, installation, etc). All this material fully packed with images, thus being a top step-by-step guide, on the course of which you cannot fail. A great starting book which will guide you in the right direction, helping you understand the basic concepts of computer security and matters that you should take in consideration.


Read More Add your Comment 0 comments


Best Proxy Tools




Proxy for Online privacy and anonymous web surfing. 
• Proxy fire:
Homepage
Download

• ProxyFire 2.8 With Serial:
Download

• PD Proxy
Download

• Anon Proxy
Download

• Multi Proxy
Homepage
Download

• Proxomitron
Download

• Privoxy
Download

• Anon Proxy
Download

• Anonymous Proxy Tool
Download

• Alive Proxy
Download

• Proxy Master
Download

• K Proxy
Download

• More Proxy Tools (Update Regularly)
Download


Read More Add your Comment 0 comments


Now Facebook In Hacker's Language "1337"



Hi Guys !! :)


Facebook Has Now Officially Launched Hacker's Language ! 1337 ! . I Hope So Many Of The Hacker's Will Start Using This Language ;)




How To Change The Language To 1337 on your Facebook ?


1~ Login To Your Facebook Account
2~ Go To Account Settings
3~ Click On Language Option (i..e) click edit on language option
4~ Now Select The Language To " Leet Speak "


if you want to use Facebook in your old language then set it to English (US) again


















Please Thanks Guys !! :D


Read More Add your Comment 0 comments


How Not To Get Caught while HACKING !



I think this must be read before starting or thinking of hacking. Big ups Evox


How Not To Get Caught

I think one of the most unclear areas to the up and coming hacker is how to avoid being caught when penetrating systems and networks. I've read and heard many very misinformed myths on this subject, and I've seen more than a few people get in a lot of trouble by making dumb mistakes.

I should take a second here first to go over something. I'm not promoting illegal activities or saying anybody should go out and do anything illegal or damaging. I'm just trying to be informative.

Contents


1 Things you should not do
1.1 Use AOL, MSN, or any small ISP (assuming you're doing this from your home).
1.2 Make any operational changes to the compromised computer(s)
1.3 Leave a calling card
1.4 Use Proxies
1.5 Use automated exploit scanning tools
1.6 Tell anybody about what you're doing or have done
1.7 Attempt unrealistic methods of intrusion
1.8 Give yourself a user account
1.9 Do it from a public computer
1.10 Write things down or print things off
1.11 Respond to any odd communications you get regarding your target
1.12 Use mind altering drugs or hack when you've had a lack of food or sleep
2 Stuff you should do
2.1 Your Environment
2.2 Proxies - Revisited
2.3 Data Protection
2.4 Wireless
2.5 Using Exploits
2.6 Hacking Web Apps
2.7 Dealing with Logs
3 Hiding out on a Linux System
4 Hiding out on a Windows System


Things you should not do
There are some things that you should avoid doing at all costs if you don't want to get caught. I think it's important to go over these first because there are a lot of common myths and falsehoods that should probably be cleared up before I go on and explain good ways to protect yourself. Keep in mind, these are things you _shouldn't_ do.

Use AOL, MSN, or any small ISP (assuming you're doing this from your home).
If you do stuff from home, or even just do research of some kind from home, you should avoid MSN, AOL, and smaller "home-town" type ISP's. AOL and MSN watch their customers very closely for any activity that might indicate you are involved in breaking into a system and may call the cops, turn off your internet, or a multitude of other things. Smaller ISP's tend to do the same kind of thing. Citation needed

Make any operational changes to the compromised computer(s)
When you compromise or probe a system you should not do anything that has a good potential of negatively impacting the performance of that system. People will notice if something stops working right or starts working slower than normal, and will investigate the reason behind it.

Leave a calling card
Don't leave any sort of calling card that'll tip someone off to your presence. This includes defaced web pages, deleted system logs, logs edited in ways that aren't believable, etc. This is again, because it lets the target know that someone has been messing with things.

Use Proxies
This mostly applies to the proxies found on public proxy lists, but it should be held as a general rule. Do not use proxies to try to mask where you are connecting from. Most proxies keep logs of who uses them and for what. If your mark realizes something is going on they can probably just get the party responsible for the proxy to release the relevant logs. This isn't to say that proxies should never be used. They just should not be relied on. Ideally, any proxy you use should be one you are sure does not log anything, or one which you can access and delete log entries related to you.

Use automated exploit scanning tools
Don't use programs like X-Scan, Nessus, Saint, SuperScan, Languard, or anything else like that to get info about targets. These programs tend to check for every possible thing which could be wrong with a given system, which will generate a lot of error messages on your target's system and fill their logs, which is a pretty good indication to them that someone is attacking them. Such programs also tend to trigger intrusion detection systems like Snort.

Tell anybody about what you're doing or have done
The fewer people who know, the better, because then there are less people who can rat you out or let it slip. Avoid working in groups if possible.

Attempt unrealistic methods of intrusion
Don't try to do stuff like use IIS exploits against Apache, or IA32 shellcode on a computer with a PPC processor in it. These are sure-fire tip offs to someone that something is going on, and will also trigger most IDS devices. Along with this, you should avoid using automated password guessing programs because they'll cause you the same kind of trouble, and you probably won't gain anything.

Give yourself a user account
Avoid giving yourself a user account on a target system. If you can, use an existing account or access the system using a method that doesn't require authentication.

Do it from a public computer
Although it might be tempting, you shouldn't use public computers for any kind of hacking. While it does grant you relative anonymity, you can't be sure that someone won't walk past and see what you're doing, that there are no cameras around, or that the machine doesn't log what you use it for.

Write things down or print things off

Keep stuff on computer where you can encrypt it and hide it from prying eyes. Don't write stuff down or print it off because then someone might find it laying around. Plus, papers found with you can be used as evidence while most text-based computer documents can't be.



Respond to any odd communications you get regarding your target
This might sound obvious, but don't respond to any communications you get from anyone regarding your target. If someone contacts you about your target then cease all activity right away.



Use mind altering drugs or hack when you've had a lack of food or sleep
All of these can cause you to make stupid, stupid mistakes.



Stuff you should do

Enough with things you should avoid doing, and on to things you should do. This section is broken up into little segments about different topics.



Your Environment
Something that is a lot more important than you would think is the environment in which you work. Make sure you are relaxed, have access to some place comfortable to sit, and are not rushed. Avoid recurring distractions like the telephone, and turn off things like the TV or the radio. Music is good, but don't listen to music that makes you feel particularly rushed, excited, or tense. Turn off any messaging programs or anything like that.

The idea is to make it so you can completely focus on the task at hand without feeling rushed or uncomfortable. If you maintain a relaxed state of mind and body you will make less mistakes and will think through your actions more carefully. It's really easy to forget what you're doing and then make a mistake later if you get pulled away from the computer by the phone or something. Take frequent brakes and sit down and relax. Also, make sure you have plently of sleep, food, and what not so you're brain is working well. Needless to say, save the cannibus, alcohol. or whatever else for the victory dance, hehe.



Proxies - Revisited
Yeah, I said not to use proxies. That's because it's easier to tell someone not to do something than to explain to them the right way to do it. So, this is the "right way". When it comes to proxies your best source of them is yourself. You should use proxies you have set up on other people's machines. There are many pieces of software available online which will act as a SOCKS proxy if you install it on someone's computer.

Register an account with a free dynamic DNS service like dyndns.org and then install proxies on home machines, and use the dynamic DNS services so you can always find the machines you've made into proxies. The advantage of this approach is that individual home users are a lot less likely to monitor their computers (many home PC's are part of a bot net anyway), and you don't have to worry about logs.

It's best to use proxies which support encryption so the traffic sent between the proxy and your machine can't be sniffed by anyone in between.

Also, on the topic of proxies, it should be noted that any program can be used through a proxy if you take the correct measures. Two pieces of software you should look into are tsocks and proxychains. Both of them can take all of the TCP I/O of a program and send it through a chain of proxies. You can even use them to do anonymous portscanning and the like. About the only thing they don't work well with is FTP, due to the way FTP connections work.

If you have the time to do so you should check out the Tor project (http://tor.eff.org/), which is a decentralized, encrypted network of proxies which anyone can use to mask the source of a connection. It seems to work prety well, except that connections over Tor have a higher latency than connections without it.

Data Protection
Protect the data on your computer(s) from prying eyes. Don't use some kind of stupid method like a commercial crypto-disk software which probably has a backdoor in it. There are better ways. One of the best ways I have seen is to use the cryptodisk function found in the Linux kernel. Basically, you can make a image file which can be mounted as a file system (with the correct password). When it's not mounted the data is encrypted using any algorithm you like (anything from 3DES to AES or Twofish). There's a good tutorial on how to set this up here:http://www.tldp.org/HOWTO/Cryptoloop-HOWTO/

If you're not able to take that route, using PGP/GPG is a good idea. GPG is an open source encryption program that uses a public key architecture and is pretty much the de-facto standard for encrypting documents. It's a good idea to encrypt any saved logs or data using it. If you're using a system with it installed (any *NIX) open a command prompt, run gpg --gen-key and follow the directions. It's a very useful piece of software.

As far as hiding and encrypting data it's a good idea to avoid any commercial software and the methods of encryption used by programs like Winzip and Winrar. In short, don't use any application-specific method of protecting your data. Don't rely on the password protection of Word documents, for example.

Also, it's not a horrible idea to have some kind of plan in place to destroy all of your data very quickly in the event of a raid or something like that. Granted, you probably won't ever have to actually use the plan, but it's like hacking insurance. Better safe than sorry. It's best to dispose of magnetic disks like floppies and hard drives using very strong magnets or very high heat. Heat is best, since the media will warp and expand. One thing I used to do was keep a coffee can with a magnet taped to the lid, and keep floppies in the can. That way knocking over the can would erase the disks.

Hiding your data somewhere no one will look is a good idea as well. Some HP network printers use a version of DOS which will allow you to store files on the flash drive in the printer, for example. Who is going to look for your stored files on a printer? All the better if they're encrypted too.



Wireless

The spread of wireless internet access has made it a lot easier to hide one's identity on the internet. If an attack is made from a network with an attached wireless AP, it's almost impossible to know who did it. However, if you choose to go this route you need to take special precautions.

Obviously, don't be suspicious, and don't get yourself on camera. Also don't use programs like Net Stumbler to find networks. Use a passive tool like Kismet, or just put your card in monitor mode and use Ethereal. Do NOT use a Windows computer for this. Windows loves to broadcast all sorts of identifying data all over the place, and you don't want that on someone else's wifi net. In fact, make sure any programs which automatically connect to anything online are turned off so you don't make any more traffic than you have to. It's also a good idea to change the MAC address of your wifi card using a program like macchanger or travesty. You can change the reported MAC address in Linux easy enough with ifconfig.

If you can, you should get into the AP and delete logs related to your computer as well. That way no one even knows anyone out of the ordinary was using the network. Otherwise you might suddenly find that networks you frequent become closed.



Using Exploits
Probably one of the most effective ways into a system is to exploit a vulnerability in a piece of software installed on that system. It could be an exploit for anything from an anti-virus program, to a web server, to something as odd as a word processor. Such exploits are plentiful, available all over the internet, and most systems have at least one piece of software installed which is vulnerable to an exploit. All of this makes using known exploits very attractive. Well, before you happily go and use someone else's exploit code there are some precautions you should take.

First of all, most of the time when a vulnerability is discovered one to two pieces of code are released for exploiting it. In most cases these pieces of code send some kind of distinguishing data to the target, so such data is often added to the signature lists of IDS software very quickly. Exploits which cause something to listen on a port are usually added to IDS software pretty quickly too, because they tend to use the same port all the time. So, if you just plan to use someone else's un-modified code, you probably shouldn't. The best practice is usually to write your own code that exploits a known vulnerability in a fashion that won't set off too many alarms. If you don't have that level of skill, you can always try modifying someone else's code.

Most exploits have a section somewhere in them called the "payload" which is basically the instructions the exploit has the target run. Most of the time "shellcode" is placed here, which is a hashed and obfuscated list of command line instructions. Again, most of the time the goal of shellcode is just to get the remote system to bind a command shell to a given port. In many cases you can simply remove the shellcode in an existing exploit and replace it with your own. Tools like the Metasploit Framework can help you generate code to your specs.

Also, the best practice as far as exploits go is to use or find one that not many people know about at all. If an exploit isn't public knowledge then most people will not know what to look for, and most IDS devices won't flag the usage of it.



Hacking Web Apps

A common way into a server is to exploit something wrong with a web-based application like forum or gallery software. This is actually a very good way into a server that carries a lower risk than you might think. If you do this sort of thing it's best to do it during peak hours because so much traffic will already being hitting your target that yours will probably go unnoticed. Web server log files get very large and most people never read through them unless they think something's messed up or not working right. Furthermore, most *NIX based systems use logrotate to delete old log files, so chances are, your logs will be deleted anyway after a little while. Some systems are even configured so that log files are "rotated" once they reach a certain size.

However, you are still vulnerable to detection by intrusion detection software. Thus, you should take two precautions. The first is to use a randomized chain of proxies so that your requests don't all appear to be coming from the same IP. Multiproxy (for Windows) and proxychains (for Linux/UNIX) can do this for you. The second is to use SSL (https://) if you can. SSL encrypts all data between you and the web server to prevent people from snooping. It also prevents IDS software from seeing the data you're sending the server.



Dealing with Logs
How to deal with system log files is a hotly debated subject. Generally, you should never just delete all the logs on a system. Missing log files are a huge tip off that something is wrong. Also, you should always check to see if the logs on a system are being saved somewhere other than the usual place. On a Linux or UNIX system you'll probably want to take a look at /etc/syslog.conf and look to see if logs are being logged to any remote hosts. Windows doesn't have a built in way of logging to a remote computer (at least, not that I am aware of), so it's harder to tell if something like that is set up on a Windows box.

It is a good idea to edit logs. However, you have to be careful and pay attention to what you're doing. You probably shouldn't just delete all evidence that you ever touched the system. Rather, you should alter the evidence to make it look like someone else did. For example, say you break into a server in a college. It wouldn't be a bad idea to alter and change all instances of your IP to an IP somewhere on the same IP block as the student dorms. A plausible explanation is always better than no explanation. People won't look as hard for an answer if there's already an apparent, obvious one in front of them.

On *NIX systems there's a file called /var/log/lastlog which keeps track of the last time each user logged in and from where. Generally, when a user logs in it will show them the last time they logged in. Deleting lastlog is a bad idea, and there is no good way to edit it. One good way to deal with it is to secure shell to localhost and log in again. Most people won't really think anything of it if the server says the last time they logged in was from TTY1 or something. Now, yeah, an admin will know something is up, but if the account you used belongs to someone less experienced they'll just ignore it and assume the admins must have been fixing something.



Hiding out on a Linux System
If you break into a Linux system there are some things you should check for before you poke around too much. You should probably check to see what modules are loaded (lsmod) and look for anything odd which might indicate you're inside a virtual machine (might be a honeypot). Another good way to check for that is to cat /proc/cpuinfo. If it's vmware cpuinfo will say so.

Also, you should see if process accounting is installed and enabled. Look for the executable accton, which is typically located in /sbin. Look for any kind of integrity software as well, including chkrootkit, rkhunter, tripwire, samhain, integcheck, etc. If you do find software which will detect your presence you should not disable it. Rather, see if you can reconfigure it to ignore you.

Generally, because of the way a Linux system logs actual log ins you'll probably want to install some sort of rootkit or back door to let yourself in later. The best sort of rootkit for this sort of thing is one that's not readily detectable. Good ideas are replacing ssh with a patched version which does not log your logins, or replacing /sbin/login with a version that doesn't log you. There are plenty of rootkits out there which you can get ideas and the like from.

There are also a lot of more obscure ways of gaining access, including programs which send command over ACK packets, ICMP, or HTTP. Such programs are very useful since a firewall won't normally think anything of them. Also, of note here are netcat and the GNU version of awk, both of which can be used to make a remote shell you can connect to. These are nice because both of them are usually installed on most Linux systems.

Also, a final note on rootkits. Do not compile them on your own system and them upload them, especially if they replace vital system files on the target system. If your system happens to have different versions of a required library or something of that nature the rootkit might cause the "patched" version of /sbin/login or some other program to not even run, which that is a first class way to let someone know something is wrong.



Hiding out on a Windows System
Windows is a lot easier to hide on. There are plenty of good programs which will dodge antivirus software and disable logging of your connections. Also, if the target system uses NTFS you can use NTFS file streaming to hide files on the system (the book Hacking Exposed talks about how to do this).

As far as backdoors and the like go, you should avoid using traditional trojan horses. They are easy to detect and usually have a lot of functionality issues. Installing something like tightvnc, turning on Remote Desktop/Terminal Services, or something like that is the way to go. Most Windows servers do not have the logging facilities to notice a change like that, and it's easy to hide such changes or software installs if you use a rootkit like the one that comes on those CD's Sony is distributing right now (hides any file where the name starts with $sys). People tend to expect a little oddness and quirkiness out of Windows, so you have more leeway for installing backdoors.

Honestly though, there aren't many reasons to want to break into a Windows system. They do make excellent members of a list of a proxies.


Read More Add your Comment 0 comments


 

About Me

© 2010 Dorks Night All Rights Reserved Thesis WordPress Theme Converted into Blogger Template by Hack Tutors.info