PDA

View Full Version : Keylogging, etc.



Tanya
10-26-2007, 12:49 AM
I was browsing some threads in this forum, and saw something about people not being willing to learn their own stuff. In many cases, espeically the ones who can't even type properly, that is probably true. But in my case, it is not. I would read for hours if I could actually UNDERSTAND what I was reading, but the problem is, half the time I don't, and the other half the time is would be wasted time. You could spend 6 hours reading on one site, only to find out it's something you can't do because it doesn't go step-by-step, or because they direct you to something you have to pay for (I am homeless), or whatever. I wouldn't mind spending 6 hours reading, but there is no way to know that I am reading useful information, unless it is literally telling me EXACTLY how to get the password for a specific site, which is something all people can do, etc., which is, of course, actually impossible.



So here is what I have gathered: I can use a keylogger, but I need to find one. I also found mention of trojans here, which I had actually forgotten abuot, but I don't really know how those work. The problem with keylogger's is getting the IP address: How do I get the person's IP address? It is a static IP. Once I get the IP, how do I install the program? I was also once told I could send an image file or somehting with a trojan embedded, I'd assume I could do that for a keylogger to, but how would you attach the keylogger to the image? They are two seperate files. If someone starts talking, I would continue to do a two-way feedback thing. Right now I have found a keylogger that you have to download, I haven't been able to try it because I'm not on a download-enabled computer right now, but I still need to know how to GET the Keylogger onto the computer remotely... I know this can be done because there is a program selling for $*00 that does it, and it LOOKS like a legit site, anyway... or if someone just wants to help me brainstorm based on past passwords, that'd be great too. Creating a fake login page IS in fact, worth it for one user in my case... but how do I get him to use it? He is not stupid enough to follow SPAM e-mails, nor would I even know where to begin with that. And how do I host it? Generally when you put your HTML on a site, they still have their ads or logo somewhere on the page after you've uploaded it.

It doesn't really matter WHAT I get the password to; my current option are AIM, Yahoo!, or MySpace. It's the same password for all mediums so that's why it doesn't matter which. He'd also have the passwords stored in cookies, but Yahoo! cookies don't work when transferred to another computer. Or I could access to the Yahoo! e-mail long enough to retrieve & delete the MySpace password.

Ezekiel
10-27-2007, 12:41 PM
I was browsing some threads in this forum, and saw something about people not being willing to learn their own stuff. In many cases, espeically the ones who can't even type properly, that is probably true. But in my case, it is not. I would read for hours if I could actually UNDERSTAND what I was reading, but the problem is, half the time I don't, and the other half the time is would be wasted time. You could spend 6 hours reading on one site, only to find out it's something you can't do because it doesn't go step-by-step, or because they direct you to something you have to pay for (I am homeless), or whatever. I wouldn't mind spending 6 hours reading, but there is no way to know that I am reading useful information, unless it is literally telling me EXACTLY how to get the password for a specific site, which is something all people can do, etc., which is, of course, actually impossible.

If you post saying "where can I learn HTML", we'll gladly point you in the direction of an appropriate site. Same goes for anything else.


So here is what I have gathered: I can use a keylogger, but I need to find one.

Not my thing, so I can't help there.


I also found mention of trojans here, which I had actually forgotten abuot, but I don't really know how those work.

People usually use it to refer to malicious programs that you install on someone else's PC, then the program performs its nefarious deeds (logging keystrokes or whatever), then sends them back to the instigator.


The problem with keylogger's is getting the IP address: How do I get the person's IP address?

Myriad ways. Setting up an IP-logging script and sending them the URL to that is the first one that comes to mind.

I'd even write such a script if you wanted it, and give you a link to a free hosting provider.

It's one of those simple, quick tasks that I'm willing to help people with. It's when people ask me "how do I hack" that they get blanked.


It is a static IP.

You sure? So they're in an office, school or something like that, with a leased line?


Once I get the IP, how do I install the program?

This is the part where social-engineering comes in. You have to convince them to run your program. Perhaps over MSN or something.


I was also once told I could send an image file or somehting with a trojan embedded, I'd assume I could do that for a keylogger to, but how would you attach the keylogger to the image? They are two seperate files.

You can, but the trojan would still be an EXE (or other executable) file. It wouldn't be a JPEG or anything.

It works by the 'binding' program inserting the image's data into the initial program, then modifying the initial program to start the victim's image-viewer with the image data from the original image. I've never done it or written anything like it though, so I'm not entirely sure.


I know this can be done because there is a program selling for $*00 that does it, and it LOOKS like a legit site, anyway...

*Sniff*

*Sniff*

What's that smell?

Oh, the smell of bullshit.

You could only remotely execute code on a computer if firstly it was publicly accessible to the net (i.e. not behind a router, and most people are) and there was an undisclosed vulnerability in their operating system or a server program they run. Or, if they are accessible and you know their login password.


or if someone just wants to help me brainstorm based on past passwords, that'd be great too.

Sure; tell us the whole situation, the past passwords, the secret question, and all information you know about this person (minus their name, obviously).

Secret questions are pretty easy to guess if you know the person. "What was your first dog, John? I'm just interested in getting to know you. No, I'm not gay.".


Creating a fake login page IS in fact, worth it for one user in my case... but how do I get him to use it?

Again, social-engineering. You have to use creativity to think up a reason for someone to visit a particular URL. Plus, tricks like using IP addresses instead of hostnames also help.


He is not stupid enough to follow SPAM e-mails, nor would I even know where to begin with that. And how do I host it? Generally when you put your HTML on a site, they still have their ads or logo somewhere on the page after you've uploaded it.

Most free hosting providers with PHP place ads -- it's how they keep the business running.

However, some don't since they make enough cash from paying ********s and it's a good way to introduce them to the service. Here's the first ad-free hosting-provider from my bookmarks:

http://www.*gb.**/


(I am homeless)

Tell you what, contact me in 2-* months and if my shares have grown in price massively (I have a gut feeling, looking at the trends), I'll give you $2000 (PayPal, or whatever). I'm serious.

Moonbat
10-27-2007, 11:07 PM
If I was homeless, learning about HTML and keyloggers wouldn't really be my biggest priority.

But anyways, follow mike's advice.

Also, if you really are homeless, look at this link:

http://tenant.net/Community/steal/steal.html

It's a book called 'Steal this Book' (this link is the online version) and it has lots of good tips for free food, clothing, transportation, etc. I've used many of the techniques and have never been caught. Try it.

Ezekiel
10-28-2007, 05:21 AM
http://tenant.net/Community/steal/steal.html

It's a book called 'Steal this Book' (this link is the online version) and it has lots of good tips for free food, clothing, transportation, etc. I've used many of the techniques and have never been caught. Try it.

All you need now is a time-machine to go back to the '70s when its tips were actually relevant ;).

...

I'd have to obtain conclusive proof of homelessness before handing over ***** (if I actually get any).

Moonbat
10-28-2007, 11:33 AM
All you need now is a time-machine to go back to the '70s when its tips were actually relevant ;).

Pretending to be a Junior Minister trying to get candy for a church-related event has won me almost 200 dollars' worth of Snickers, Milky Way, * Musketeers, and Almond Joy. :D

Ezekiel
10-28-2007, 04:00 PM
Wow.

I honestly don't have any achievements to beat that.

However, what the fuck do you do with all that candy? Sell it on Ebay? Convert it into obesity?

Moonbat
10-28-2007, 07:20 PM
Actually I sold it at school for cash. I ate a few, but sold most of it. I purposely sold it cheaply (25 cents for a normal sized snicker bar, for example) so everyone could enjoy from what I got through my ill means.

Ezekiel
10-28-2007, 08:07 PM
Taser-selling is a more lucrative enterprise.

The thing is though, nobody has bought one yet.

Moonbat
10-28-2007, 08:43 PM
Taser-selling is a more lucrative enterprise.

The thing is though, nobody has bought one yet.

Maybe you should lower the cost, or give them a discount if they bring their own camera. :p

How much do you sell them for anyway?

Ezekiel
10-29-2007, 04:56 AM
Maybe you should lower the cost, or give them a discount if they bring their own camera. :p

How much do you sell them for anyway?

I sell them for £*0. The cameras cost about £5, then I add a service charge.

Troll
10-29-2007, 09:45 AM
I sell them for &#*6*;*0. The cameras cost about &#*6*;5, then I add a service charge.

I've seen &#*6*;* disposable cameras in Poundland. (I think they have a flash)

gordo
10-29-2007, 10:50 AM
Another thread hijacked. Thats what I like bout this site. ;) I'm glad you guys decided to stick around.

Ezekiel
10-29-2007, 07:08 PM
I've seen &#*6*;* disposable cameras in Poundland. (I think they have a flash)

Serious? This would raise my profit margin considerably.

I don't look forward to entering such a retail ****** though, since the last "pound shop" I entered smelt of BO and the products were pure, undiluted shit. Also, they-

What were you doing in a fucking Poundland shop? Are the uni costs that bad?

I doubt it though, since the capacitors in those cameras (for the flash/tasering) are worth several pounds alone (**0v, 85&#*8*;F I think) [that's a big motherfucking capacitor, for your information]. The rest of it is shitty plastic and cheap PCB components/design.

In fact, I've looked on the internet and Maplin sells vastly inferior capacitors for over two pounds.

This reminds me: I can't write the pound symbol, due to Ubuntu being retarded with my key***rd layout. I have to copy and paste it whenever I need it.

Paste: &#*6*;

Being English, this is kind of a problem -- but hey, at least it's better than before when it had the totally wrong layout and I had to type from memory (the @ symbol being ", and changes like that). I never look at the key***rd when yuping anyway though, so it wasn't really a problem. (The last sentence was typed with my eyes shut.)


Another thread hijacked. Thats what I like bout this site. I'm glad you guys decided to stick around.

Yeah, most of us grew out of the hacking thing (at least I did), so now we discuss whatever's on our minds. This leads to many dull threads being hijacked, and the new discussion may be interesting or even duller.

Troll
10-30-2007, 03:56 PM
What were you doing in a fucking Poundland shop? Are the uni costs that bad?

I buy cheap batteries for my mp* player. They don't last long but they're alot cheaper than duracells.


.. but hey, at least it's better than before when it had the totally wrong layout and I had to type from memory (the @ symbol being ", and changes like that).
My key***rd is the same, @ is ", # and &#*6*; doesn't exist, etc.. It's annoying because when i use another key***rd i always type " instead of @ in email addresses because i'm used to " being @

:(

Ezekiel
11-01-2007, 06:03 AM
My key***rd is the same, @ is ", # and £ doesn't exist, etc.. It's annoying because when i use another key***rd i always type " instead of @ in email addresses because i'm used to " being @

:(

The funny thing is, you probably had to google for those characters, then paste each one in individually :D. Join the club.

Whenever someone talks about ***** (and I'm lazy), I usually just say X GBP instead of £X. If I'm not lazy, I'll copy the character from the nearest source (this time, it was your post ;)).

On my key***rd, the inaccessible characters are the ones on the right of each key (you're supposed to press some "third-level chooser" key, but I haven't got that to work). The rest work perfectly on my weird layout except the Euro character, the quarter character, the half character, some weird quote characters, the Yen character, the multiply and divide characters, some random bar characters and squared/cubed characters (I think that covers all the ones on the right). None of them are part ASCII (as far as I know), so it's not that important.