Originally Posted by
Elmo<*Rissa
You need to send a keylogger with a trojan. A client, and a server. You need to execute the server on their computer via trojan, and use the client to connect to it. Set the keylogger to transmit the data back. Bruteforce really isn't a hack, it's more of a program to crack passwords, with a pass list. It attempts to crack the password by trying all possible combinations, with the lists provided.
There are several ways to get the victim to execute the server portion. You can either send them a a file, like a small game with the server binded to it, so they don't get supicious when the file opens up and doesn't do anything. Or you set up a website with scripts to automaticly execute the file.
You can find the scripts here
[url]http://www.geocities.com/protonigg*r/ie6-exedrop-asp-POC.zip[/url]
Anything else you need, you need to google for it. I've given you a start.
Actually, a keylogger is a type of trojan that only consists of a server. A keylogger is run by the victim and sends logs to an email account, so the only "client" needed is a web browser/email program to check the emails. But what you said is true for almost all other trojans, they need some sort of control mechanism, and it's best to think about trojans as a client and a server.
And about the "website to install malware" thing, for anyone planning on doing this, I would recommend using a newer exploit, such as the createtextrange or wmf exploits, but it all depends on what software the victim is running.
I've tried google, i would rather just get a brute force program to crack someones password and I cant find any on google, just says how to prevent etc. anyone know where I can find one?
It depends what you mean by brute force. If you are talking about brute forcing email accounts, forget it, that is impossible. If you mean brute forcing windows passwords, then cain or LC5 can do that.
Last edited by Ezekiel; 05-11-2006 at 06:37 AM.
Who needs drugs when you have electrons?