Saturday, March 17, 2012

[Tutorial] Disinfecting and Hacking a Keylogger


To disinfect yourself and hack the keylogger.

This tutorial covers how to disinfect yourself if you have been keylogged, and then how to hack or revert an FTP- or email-based keylogger.

Disclaimer-

This tutorial is made only for educational purposes; I hereby take no responsibility for how you use it.
I also take no responsibility if you end up in jail, but there is very little chance of that as it's not illegal; it's one kind of busting those black hat hackers!!!


Important-
Hacking or reverting an FTP-based keylogger is quite a difficult technique, as you are hacking a hacker!! I recommend you read this carefully, and after that try and try until you succeed.

Table of content-

1) What is reverting
2) How to check if you are infected
3) Disinfect or deleting keylogger from your computer
4) Tools needed to revert a keylogger
5) Method to revert a keylogger based on ftp
6) Hack the Hacker
7) Extras (hacking an email based keylogger)

What Is Reverting

Reverting means reversing an action or undoing the changes in a system. When I say system, I mean not only our PC or laptop but anything in the universe!!!
But in our case we will consider our computer as the system in which we have to make changes or do the reverting.

How To Check If You Are Infected

1st method-
Every program has its own process, which can be seen in Task Manager. So the first thing to do is to find out which process the Trojan is attached to. If you see an unknown process, search for it on Google. A good hacker will always make sure he hides his process behind a Windows-based process name, e.g. svchost.exe or something like that.
So you have very little chance of knowing whether you are infected by this method.

2nd method-
i) Go to Start–>Accessories–>Command prompt.
Now after opening command prompt, type netstat -a and check for any unknown port.

Newbie note-
The NETSTAT command is used to check which ports are open or in use!!
The netstat -a command will show all the open ports.

ii) Now type netstat -b. Check for SYN packets and the foreign address it's connecting to, check the process it's associated with, and check the ports as well. If you find that it's connecting to some unknown ports, then you can say you have been backdoored or infected.

Newbie note-
The netstat -b command shows you the active connections along with the process, their PID (Process Identifier) and also the packets.
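
The check above can be scripted. This is an added example, not part of the original tutorial: it reads saved `netstat -ano` output (`-n` gives numeric addresses, `-o` adds the owning PID column that you match against Task Manager) and lists connections in ESTABLISHED or SYN_SENT state whose remote port is not on an allow-list. The sample output, the addresses and the allow-list are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of `netstat -ano` output (documentation address ranges).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       880
  TCP    127.0.0.1:49700        127.0.0.1:5939         ESTABLISHED     2208
  TCP    192.168.1.10:49712     192.0.2.80:443         ESTABLISHED     3312
  TCP    192.168.1.10:49790     203.0.113.25:21        ESTABLISHED     4120
  TCP    192.168.1.10:49801     198.51.100.7:587       SYN_SENT        4120
  UDP    0.0.0.0:5353           *:*                                    1500
"""

# Assumption: remote ports this host is expected to use; tune per machine.
EXPECTED_REMOTE_PORTS = {53, 80, 443}
ACTIVE_STATES = {"ESTABLISHED", "SYN_SENT"}
ROW = re.compile(r"^\s*TCP\s+(?P<local>\S+)\s+(?P<remote>\S+)"
                 r"\s+(?P<state>[A-Z_0-9]+)\s+(?P<pid>\d+)\s*$")

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (addr, port)."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), int(port)

def is_loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False

def suspicious_connections(netstat_text):
    """Return {pid: [(remote_addr, remote_port, state), ...]} to investigate."""
    hits = {}
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m or m["state"] not in ACTIVE_STATES:
            continue
        addr, port = split_endpoint(m["remote"])
        if is_loopback(addr) or port in EXPECTED_REMOTE_PORTS:
            continue
        hits.setdefault(int(m["pid"]), []).append((addr, port, m["state"]))
    return hits

if __name__ == "__main__":
    for pid, conns in suspicious_connections(SAMPLE).items():
        print(pid, conns)
```

A PID that talks to port 21 or a mail submission port on a machine that runs no FTP or mail client is the one to look up in Task Manager first.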

Disinfect or deleting the keylogger

Go to Task Manager. At the top, click View–>Select Columns–>tick PID (Process Identifier).
Match the suspicious process with the processes in Task Manager, and check the PID as well.

Now, most RATs and keyloggers reside in Startup. How do you delete them from startup?

a) Go to regedit –> HKLM\Software\Microsoft\Windows\CurrentVersion\Run
On the right-hand side, check for the process name which you found in the step above. If it's not there, check at

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
OR
Open a command prompt and type start msconfig. Go to the Startup tab; you can check the startup processes there.
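
The two Run keys can also be reviewed from saved `reg query` output instead of by eye. This is an added example, not part of the original tutorial: it flags startup entries that run from a user-writable folder or that borrow a Windows process name such as svchost.exe while living outside System32. The sample output, the user name and both heuristic lists are constructed assumptions.

```python
import ntpath
import re

# Constructed sample: saved output of `reg query` on the two Run keys.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    VMware User Process    REG_SZ    "C:\Program Files\VMware\VMware Tools\vmtoolsd.exe" -n vmusr

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Windows Update Helper    REG_SZ    C:\Users\alice\AppData\Roaming\svchost.exe
    Notes    REG_SZ    "C:\Users\alice\AppData\Local\Temp\nt.exe" /silent
"""

VALUE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
# Assumptions: heuristics chosen for this example, not an exhaustive list.
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "csrss.exe", "services.exe"}
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")

def command_to_exe(data):
    """Extract the executable path from a Run value (quoted or bare)."""
    data = data.strip()
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.exe)\b", data, re.IGNORECASE)
    return m.group(1) if m else data

def triage_run_keys(reg_output):
    """Return [(key, value_name, exe, reasons)] for entries worth inspecting."""
    findings, key = [], None
    for line in reg_output.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
            continue
        m = VALUE.match(line)
        if not m:
            continue
        exe = command_to_exe(m["data"])
        low = exe.lower()
        reasons = []
        if any(part in low for part in USER_WRITABLE):
            reasons.append("runs from a user-writable directory")
        if ntpath.basename(low) in SYSTEM_NAMES and "\\system32\\" not in low:
            reasons.append("system process name outside System32")
        if reasons:
            findings.append((key, m["name"], exe, reasons))
    return findings
```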

Tools needed to revert the keylogger

i) Keyloggers- It's obvious, you will need the keyloggers you want to hack

ii) Password stealer- there are many password stealers on the internet. I can't post recommended names here (check the comments section located below for the names of the two most popular recommended password stealers; I will be using them).
I will show guides for both recommended stealers and refer to them as 1st type and 2nd type.

iii) Virtual machine- if you don't know how to set up a virtual machine, then google it, it's easy. We use a virtual machine so that we can install our keylogger in it without infecting our real machine (computer).

Method to revert the keylogger

Run the keylogger in your virtual machine and start your password stealer. After some time you will get all the info on the FTP server to which the keylogger is sending the logs, including the password. Now log in using the FTP password that we got from the sniffer and get going. I would recommend stealing the logs quietly like a ninja, so you can get others' logs as well. Of course you can change the password if you want, but then it won't send any further logs.

Hack the Hacker-

Most hackers use an FTP account to receive the keystrokes recorded from the slave computer.

Assume a hacker has installed a keylogger on your PC. Now how do you trace that hacker? (When the keylogger is installed on your computer and is sending keystrokes, it has to log in to the FTP account as the hacker has programmed it to.)
Now you are thinking, how to trace???
Get some network tracer or network monitoring tool…

Now the hacker has installed a log file on your PC and you want to hack the hacker-
1) Open your network tracer, choose your network and start monitoring your network
(the network monitor will show you all FTP, HTTP, UDP, TCP and all other types of connections to your computer)

2) The hacker has set a particular time interval; after this time the keystrokes will be sent to his FTP account. It will be a maximum of 10 min, so wait 10 min.

3) The hacker is using an FTP account, so filter for it: type ftp and hit enter.

4) Now you will see that the keylogger is sending keystrokes to the FTP account, and you will see all the information; you will even see the user name and FTP password and many other things.

5) NOW YOU BETTER KNOW WHAT TO DO NEXT..

AND IF YOU HAVE ANY OTHER ALTERNATIVES THEN DO LET EVERYBODY KNOW. :D
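
What the ftp filter in steps 1 to 4 exposes can be written down as indicators for blocking and reporting. This is an added example, not part of the original tutorial: it takes the client commands seen on the FTP control channel, records the server, account name, uploaded file names and the upload interval, and notes that a password crossed the wire in clear text without keeping its value. The capture records, server address and account name are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: client-to-server lines of FTP control traffic (TCP/21)
# exported from a capture taken in the analysis VM: (seconds, server, line).
CAPTURE = [
    (0,    "203.0.113.25", "USER logs_example"),
    (0,    "203.0.113.25", "PASS constructed-secret"),
    (1,    "203.0.113.25", "TYPE I"),
    (2,    "203.0.113.25", "STOR PC01_0001.txt"),
    (600,  "203.0.113.25", "USER logs_example"),
    (600,  "203.0.113.25", "PASS constructed-secret"),
    (602,  "203.0.113.25", "STOR PC01_0002.txt"),
    (1200, "203.0.113.25", "USER logs_example"),
    (1200, "203.0.113.25", "PASS constructed-secret"),
    (1202, "203.0.113.25", "stor PC01_0003.txt"),
]

def summarise_ftp(capture):
    """Per-server indicators from FTP commands; password values are not kept."""
    seen = defaultdict(lambda: {"users": set(), "password_in_clear": False,
                                "uploads": [], "times": []})
    for ts, server, line in capture:
        verb, _, arg = line.strip().partition(" ")
        entry, verb = seen[server], verb.upper()
        if verb == "USER":
            entry["users"].add(arg)
        elif verb == "PASS":
            entry["password_in_clear"] = True  # flag it, never store the value
        elif verb in ("STOR", "APPE"):
            entry["uploads"].append(arg)
            entry["times"].append(ts)
    report = {}
    for server, e in seen.items():
        # Shortest gap between uploads approximates the logger's send timer.
        gaps = [b - a for a, b in zip(e["times"], e["times"][1:])]
        report[server] = {
            "users": sorted(e["users"]),
            "password_in_clear": e["password_in_clear"],
            "uploads": e["uploads"],
            "upload_interval_s": min(gaps) if gaps else None,
        }
    return report
```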

Extras:-

Most keyloggers send information over FTP, but if we come across a keylogger which sends information by email, then what can we do??
So here is the method to revert an email-based keylogger-
Get a keylogger and just open the Cheatbook tool (cheatbook of PC/PSP games).
Or you can use any hex editor tool, but Cheatbook is commonly used by many, so I decided to include it in my tut.
Now follow the steps-

(a) Once you have opened Cheatbook, click on the red highlighted tab in the image

(b) In the editor just go to File > Open and select the keylogger

(c) When you have opened the file, scroll down to the very end, until the text ends, and there is that hacker's Gmail ID and pass

Congrats, you just hacked a keylogger maker's email and pass
now enjoy…
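
The hex-editor step relies on the settings being stored in the file as readable text. This is an added example, not part of the original tutorial: it scans a file's bytes for printable runs and reports embedded mail addresses and mail or FTP host names as indicators. It also covers UTF-16LE text, which goes beyond what the post describes. The sample bytes, host name, address and both patterns are constructed assumptions.

```python
import re

# Constructed stand-in for a keylogger binary: header bytes followed by the
# builder's settings stored as plain ASCII and UTF-16LE text.
SAMPLE = (
    b"MZ\x90\x00" + bytes(range(32))
    + b"smtp.example.net\x00\xff"
    + "drop.box@example.com".encode("utf-16-le")
    + b"\x00\x00\x01\x02short\x00"
)

EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
HOST = re.compile(r"\b(?:smtp|mail|ftp)[A-Za-z0-9-]*(?:\.[A-Za-z0-9-]+)+\b")

def printable_strings(data, min_len=6):
    """Yield (offset, text) for printable ASCII and UTF-16LE runs in data."""
    for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data):
        yield m.start(), m.group().decode("ascii")
    for m in re.finditer(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, data):
        yield m.start(), m.group().decode("utf-16-le")

def exfil_indicators(data):
    """Return sorted [(offset, kind, value)] for embedded mail/FTP endpoints."""
    found = set()
    for offset, text in printable_strings(data):
        for kind, pattern in (("email", EMAIL), ("host", HOST)):
            for m in pattern.finditer(text):
                found.add((offset, kind, m.group()))
    return sorted(found)

if __name__ == "__main__":
    for offset, kind, value in exfil_indicators(SAMPLE):
        print(f"0x{offset:04x} {kind}: {value}")
```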

Hope you enjoyed this tutorial…


7 comments:

keylogger said...

The unknown port is missing at step#2? Please help...

