Jump to content
MaxCheaters Official Group on X
MaxCheaters Official Group on Discord
--> Place your ad text here <--

Become Anonymous, Hide Ip, Encrypt&hide Hdd, Hide Identity.

Kràtos

By Kràtos
in Guides & Tutorials

 Share

Recommended Posts

Kràtos Newbie

Kràtos

Posted
Posted (edited)

**THIS IS A PRIVATE TUTORIAL CREATED BY WHITEFLAME**

 
 
This tutorial has been written for the Wraith and is NOT for public distibution.
All information in this tutorial is for educational purposes only. Any  illegal activity relating to this tutorial is not my responsibility,  although I would like to say I don't care how you use it, I do. So  please do not use this for Black-hat activities. One day when you grow  up you might realise that you have been a skid, by using mass-deface  techniques and SQLi for your entire life. Do not just hack a site  because it is there. I have a few sites of my own and its annoying,  unproductive, and pointless.
 
Hide like a hacker
 
 
i- Protection
ii- Encryption
iii- Anonymity
iv- Links
 
 
Protection
 
Basically what I am trying to say in this section is, before you go out  hacking other people and other things, just check for a second and make  sure it's not as easy to hack your device. There are some pretty simple  steps for this though.
 
  •  
  • Make sure all your security updates are installed, if you have windows firewall disable it.
  • Download your own firewall. If you are behind a router you can skip this.
  • Make sure all unused ports are closed.
  • Check your msconfig, run a few HJT logs and Malwarebyte's to make sure you are not already infected.
  • Use a keyscambler to prevent keyloggers
 
 
It is important that you are not infected because other could see you  hacking and steal it from you or alternitively, if they get caught, you  get caught. On the other hand you might want to stay infected by a bot  or RAT so if and when you are caught you can claim you had no knowledge  and the bot controlled your PC and performed the hack without your  knowledge. However I am not someone who intends to be caught. (I'm not  really a black hat either)
 
I don't personally use an AV for many reasons reasons:
  •  
  • It is possible to make an FUD virus, this is likely to be what you get infected with.
  • It often goes around deleting your stuff without asking.
  • They slow down your PC and often hog the CPU.
  • Whilst performing updates it slows down your connection.
 
 
FireWall: (not tested)
 
KeyScrambler:
 
HJT:
 
Malewarebytes:
 
Another way to prvent this is to use a Lixux-based O/S as altohugh these  aren't 100% secure they have a lot on Windows machines due to the fact  they are less common.
 
But remember you are not invisible: 
 
 Code:
 
If you downloaded and installed the open-source Unreal IRC server in the last 8 months or so, you’ve been pwned.
 
"Hi all,
 
This is very embarrassing…
 
We found out that the Unreal3.2.8.1.tar.gz file on our mirrors has been  replaced quite a while ago with a version with a backdoor (trojan) in  it.
 
This backdoor allows a person to execute ANY command with the privileges  of the user running the ircd. The backdoor can be executed regardless  of any user restrictions (so even if you have passworded server or hub  that doesn’t allow any users in)."
 
 
Encryption
 
Be under no ilussions, this is one of the most important steps to  keeping information secret. Now I am a big fan of encryption and here is  why:
 
 Code:
 
"if your encryption program uses  128-bit keys, your particular key could be any of more than 3.4  trillion billion billion billion possible combinations. More likely to  win the lottery than to crack that level of encryption using the  brute-force method"Or just use RSA 4096-bit and 256-bit AES?
 
 
Now I think this says a little bit about how much safer encryption makes  you, if you encrypt your HDD using 256-bit, there is little chance even  the authorities will crack it.... in your lifetime. However do be aware  of local law for example in the UK the new Regulation of Investigatory Powers Act states:
 
 Code:
 
Individuals who are believed to  have the cryptographic keys necessary for such decryption will face up  to 5 years in prison for failing to comply with police or military  orders to hand over either the cryptographic keys, or the data in a  decrypted form.
 
 
The penelties are up to 5 years for terrorism-related inforamtion and 2 years for "All other failures to comply"
 
Therefore depending on the strength of your offence it could be more  wise to with-hold your key on claims of a privacy breach, and face the  maximum two years than to hand over your keys. 
 
The program I most recomend for doing this is 
 
TrueCrypt:
 
True crypt can provdie 256-bit encryption 
 
 Code:
 
The design and strength of all  key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient  to protect classified information up to the SECRET level. TOP SECRET  information will require use of either the 192 or 256 key lengths.
 
 
Oh and that's not even the most useful part:
 
 Code:
 
TrueCrypt allows you to create a  hidden operating system whose existence will be impossible to prove  (provided that certain guidelines are followed — see below). Thus, you  will not have to decrypt or reveal the password for the hidden operating  system.
 
 
As there is a pre-boot authentication process which asks for your  encryption password you can have two, one for people to see and one for  hacking purposes. This is IMPOSSIBLE to prove so I highly recommed using  it, although I don't use it myself...
 
Anonymity
 
Now, this is THE MOST IMPORTANT  section of the whole tutorial, get this part right and you can pretty  much forget about the rest (however if you are performing something  illegal following the other steps might help you sleep better).
 
Hidding your IP and identity is crucial. Here is my prefred methods:
 
  •  
  • SOCKS5 Proxy
  • L1 HTTPS Proxy
  • GCI proxy
  • Encrypted VPN (no logs)
 
 
Diference between SOCKS and HTTP
 
 Code:
 
SOCKS
 
Bill wishes to communicate with Jane over the internet, but a firewall  exists on his network between them and Bill is not authorized to  communicate through it himself. Therefore, he connects to the SOCKS  proxy on his network and sends to it information about the connection he  wishes to make to Jane. The SOCKS proxy opens a connection through the  firewall and facilitates the communication between Bill and Jane. For  more information on the technical specifics of the SOCKS protocol, see  the sections below.
HTTP
 
Bill wishes to download a web page from Jane, who runs a web server.  Bill cannot directly connect to Jane's server, as a firewall has been  put in place on his network. In order to communicate with the server,  Bill connects to his network's HTTP proxy. His internet browser  communicates with the proxy in exactly the same way it would the target  server—it sends a standard HTTP request header. The HTTP proxy reads the  request and looks for the Host header. It then connects to the server  specified in the header and transmits any data the server replies with  back to Bill.
 
 
Remember: 
 
 Code:
 
HTTP proxies are traditionally  more HTTP protocol aware and do more high level filtering (even though  that usually only applies to GET and POST methods, not CONNECT). SOCKS  proxies can also forward UDP traffic and work in reverse - HTTP proxies  can't do that.
 
 
Due to the restrictions of a HTTP proxy, they ONLY work for HTTP traffic  and do not support UDP and other types of proxy uses. the reason is  because they "infer the address of the server and therefore may only be  used for HTTP traffic".
 
Use both HTTP and SOCKS if possible though this is known as "Proxy  Chaining" this is used to make your actions harder to trace but its not  truely effective.
 
REMEBER: Do not use an L3 HTTP proxy as they show your true IP in the header and are therefore essentially pointless.
 
VPN
 
This is by far the most effective way to conceal your identity. It  channels you traffic and encrpts it with 128-bit. Although some support  256-bit. Often a VPN is much more reliable and does not slow down your  connection as much (in fact I haven't noticed mine at all)
 
A VPN is a virtual Private Network
 
 Code:
 
"Secure VPNs use cryptographic  tunneling protocols to provide confidentiality by blocking  intercepts  and packet sniffing, allow sender authentication to block  identity spoofing, and provide message integrity by preventing message  alteration."
 
 
The best VPN's are paid I used to have a link to a free VPN but that is dead now. I will edit this if I find a link again.
 
A decent PAID VPN is: HMA
 
But always use this in conjunction with something else if you are breaking something...
 
ProxyFirewall is a good program which runs SOCKS and HTTP proxies
 
 
Bibliography:
 
UK law report:
 
Regulation of Investigatory Powers Act: 
 
Goverment stance on AES: 
 
Wikipedia review on AES:
 
TrueCrypt Hidden o/s:
 
SOCKS Information and example:
 
Proxy Chaining:
 
Linux infection news:
 
Official IRCd announcement:
 
Downloads linked:
 
Proxy firewall:
 
TrueCrypt:
 
UltraVPN:
 
FireWall: (not tested)
 
KeyScrambler:
 
HJT:
 
Malewarebytes:
Edited by Kràtos
Guest
This topic is now closed to further replies.
 Share
Go to topic listing


×
×
  • Create New...