Wednesday, October 6, 2010

"OWN HACK"


How to Own a Hacker - Reverting Keyloggers and Stealers



How to know if you are infected with RATs or keyloggers. Here I will show you how to revert those keyloggers, RATs, or stealers, and find out who sent them to you.



What is Reverting?



Reverting generally means reversing an action or undoing changes. In our case, reverting is more about reversing the action.



For this we will need a keylogger server using FTP. It can be found on warez sites, YouTube, etc. You basically need the following things:

Keylogger, pass stealer
Cain and Abel
Virtual machine (so you don't get infected; and what if the hacker is using a better protocol, that would be an epic fail)



Getting Started:



Execute the keylogger on your virtual machine.





Now run Cain and Abel and do the following things in the stated order.





Wait for some time and then check the passwords area again.





As you can see, the keylogger used the FTP protocol to transfer the logs. FTP isn't very safe since it doesn't encrypt the data. Anyway, you should see the IP address your PC is sending packets to, and also the username and password. This might not work if the server is using another protocol such as HTTP, SMTP, etc.; you'll most probably get junk values in the user and pass boxes if those protocols are used.
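As an added example (not from the original post), the script below shows why cleartext FTP shows up in a sniffer on the analysis VM: it scans captured TCP payloads for client FTP commands, records the destination server, the account name and the uploaded file names, and skips payloads from other protocols. The capture records, addresses and the name `find_ftp_exfil` are constructed for illustration.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Constructed capture: (source IP, destination IP, destination port, TCP payload).
# Addresses are documentation ranges; names and values are made up.
CAPTURE = [
    ("192.0.2.10", "198.51.100.7", 21, b"USER loguser\r\n"),
    ("192.0.2.10", "198.51.100.7", 21, b"PASS example-pass\r\n"),
    ("192.0.2.10", "198.51.100.7", 21, b"TYPE I\r\n"),
    ("192.0.2.10", "198.51.100.7", 21, b"STOR logs_2010-10-06.txt\r\n"),
    ("192.0.2.10", "203.0.113.5", 443, b"\x16\x03\x01\x02\x00\x01\x00"),  # TLS record
    ("192.0.2.10", "203.0.113.9", 80, b"POST /gate.php HTTP/1.1\r\n"),   # HTTP
]

# Client-side FTP commands that reveal the account and the uploaded files.
FTP_CMD = re.compile(rb"^(USER|PASS|STOR|APPE) ([^\r\n]{1,256})\r?\n$")


@dataclass
class FtpExfil:
    server: str
    user: Optional[str] = None
    password_in_cleartext: bool = False
    uploads: list = field(default_factory=list)


def find_ftp_exfil(records, vm_ip):
    """Return {server_ip: FtpExfil} for cleartext FTP commands sent by vm_ip."""
    sessions = {}
    for src, dst, _dport, payload in records:
        if src != vm_ip:
            continue
        match = FTP_CMD.match(payload)
        if match is None:
            continue  # encrypted or non-FTP payload: nothing readable here
        verb, arg = match.group(1), match.group(2).decode("ascii", "replace")
        session = sessions.setdefault(dst, FtpExfil(server=dst))
        if verb == b"USER":
            session.user = arg
        elif verb == b"PASS":
            session.password_in_cleartext = True  # value deliberately not stored
        else:
            session.uploads.append(arg)
    return sessions


if __name__ == "__main__":
    for found in find_ftp_exfil(CAPTURE, "192.0.2.10").values():
        print(found)
```
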



So I open the IP address http://66.220.9.50/





Guess what, it's our very own drivehq.com =D. Now log in using the FTP password that we got from the sniffer and get going. I would recommend stealing the logs quietly like a ninja, so you can get others' logs as well. Of course you can change the pass if you want, but then it won't send any further logs.
